Spammers,spambots..whatnot (_ _)

[Claraviolet]

Uh..guys....Take a look at this forum

http://onepieceforum.net/index.php

Most of the registered users are spammers...(_ _)
In order to restrict them posting idiotic stuff,I am implementing "Admin Activation" for now.In other words, people cannot post any comments or threads until an admin activates their accounts.I know it's not a good solution but I have been deleting 900+ spam comments for a day and I am mad and (_ _) helpless.

And we have three plugins which are used to detect and stop spambots and spammers.But they aren't helping us much (_ _)

I have lost some valuable members because of these spambots.I wanna implement instant activation like before but I am afraid of the spammers and spambots...so can somebody help me?

Hmm...maybe I should tell you this....
I am not bragging but our site made it to the first page of yahoo and bing within 9 days.When you type "one piece forum" or "one piece forums" you can find us in the very first page...and...in the description part...for some weird reason "advertising section" pops up. (Just type it to get a better understanding)

It's just one section with no real posts but..for some reason it appears in yahoo and bing.That's the main reason for having these many spammers coming to our pirate site (_ _)

So,is there anyway we can fix that? Sorry if this thread seems childish >.>

 

[Gray]

That sucks. 🙁

Unfortunately, spammers are a part of foruming. Most plugins will only stop a large chunk of spammers, but not all of them. Some will slip through. 😛

And we have three plugins which are used to detect and stop spambots and spammers.But they aren't helping us much (_ _)

Which plugins do you currently use?

 

[ShaneVP]

Your register page is just default MyBB register, spammers can crack through that easy.

http://mods.mybb.com/view/registration- ... y-question

^ This MyBB plugin will help stop thousands of spammers.

 

[Red Herring]

Spambots are a problem on practically any software if you don't install extra security plugins. Here's what I recommend,

First, if you haven't enabled reCAPTCHA on your board already, do so. Get a key from >Google<, and add them in your reCAPTCHA settings in General Configuration under Settings in the ACP.

Secondly, as Shane mentioned above, get the Registration Security Questions plugin for MyBB. Delete ALL of the default questions (there are bots built to bypass that specific plugin's default questions) and create some questions of your own, as unique as possible without confusing the user. Avoid math questions, because some bots are built to answer those as well, even in text form.

Third, http://mods.mybb.com/view/stopforumspam-com-for-mybb get the Stop Forum Spam plugin for MyBB. Under its settings, allow it to check against e-mails with a confidence level of 40%. "Yes", for the failsafe setting. This is not only effective against spambots, but also against human spammers as well, which can be a huge problem for board owners.

Fourth, http://www.mybbsecurity.net/topic-register-time-v-1-2-1 is built to stop anything that registers within the time you set. It's effective against bots in general, which are built to fill out registration fields as quickly as possible. I recommend 15 seconds. Very few humans will actually finish registering within that time, but many bots will.

Fifth, and this is the most important one: always ensure you enable e-mail verification for registrations.


You don't actually have to use all of these methods, but I highly recommend Security Questions Mod, reCAPTCHA and e-mail verification at least. If you use the full setup, however, it'll block just about every spammer that attempts to enter your board. You may still get one or two once in a blue moon, but it will never be anything more than a minor inconvenience.

 

[Aki-P]

Use the StopForumSpam plugin: http://mods.mybb.com/view/stopforumspam-com-for-mybb

It compares registration data to the database at StopForumSpam, all the commonly known spammers detected via emails, usernames, and IPs can be blocked.

You can also set which things to match, emails & IP specifically, so you can avoid false detections with usernames.

I think this is an excellent plugin to use too, created by one of our own developers at PokemonGTS.com by my request: http://mods.mybb.com/view/limiturlposting

If you noticed, the spammers commonly are spamming links. You can set it so that newly registered users cannot post links unless they already have 2, 5, 10 or whatever amount of posts you want them to have.

This can most certainly put a stop to the bots that are being scripted to spam your forum.

You can also check out my post here about blocking spammer IP ranges because they're commonly using proxies (data center IP addresses) to do the spamming, which are 100% not the common home user you want as your visitors:

viewtopic.php?f=26&t=118856

I'll show you something else, if you run a WHOIS on the IP address: http://whois.domaintools.com/66.117.9.210

Here's an alternative one because that one is limited free use per day: http://who.is/

You'll find more info about the IP, in the case of "66.117.9.210", it belongs to "Corporate Colocation": http://www.corporatecolo.com/

A data center IP. Over 99% of the spammers are either bot scripts through a server or users running through a proxy. Either way, they're masking themselves behind a data center IP address. Why do users need to do that in order to legitimately access your site? They don't.

So get the IP's entire range:
NetRange: 66.117.0.0 - 66.117.15.255
CIDR: 66.117.0.0/20

And Block the CIDR in your block list.
If you don't know the CIDR, you can convert it on a site like this: http://ip2cidr.com/

This method, on top of other anti-spam measures on my site (including stopforumspam) has rapidly decreased spammers. Whenever the rare one does appear, I look up the IP and block the range, in most cases it does end up being from a server.

 

[newBB]

I had created a forum specifically for spammers, I thought it'd help you guys but I guess it didn't, lol.
You've many active members, request some of them to be moderators. Or read this thread, some of the plugins like "Register Time" and "Checkbox Validation" actually work:
http://community.mybb.com/thread-110224.html