I've got a phpbb forum on my website that is kept just as a private chat area for me and some friends; after getting fed up of deleting **** bot posts, I've now implemented that all new memberships have to be validated by me. Now I'm getting 20 emails a day from **** bot application validation requests.

Presumably every forum gets hit by this annoying crap - anyone have any suggestions please?

 

Is there not a module for phpbb that needs some form of validation to be input before it registers a member?

 

Are you using phpBB3?

It has a lot more clever "new user" stuff, including not putting new members on the membership list until they are approved (thus SPAM websites are not visible so no point in adding them).

It also has an improved "visual confirmation" that you can crank up - but i get the feeling that many bots are some saddo in eastern europe or china bashing away at the keyboard.

mb

 

I'm currently phpbb2.0.22 - I honestly didn't know there was a new version out - so I guess I'll destroy the forum for a few days while I try install that and see if that solves the problem.

At the moment I have the jumbled JPG letters validation thing as well as having new members manually validated by me before they're allowed to post - but it seems to make no difference.

I'll try and see about phpbb3, cheers

 

Have you tried a 'captcha' code system for new subscribers ?

 

we killed hotmail / yahoo / msn signups which cleared most of the bots.

If a member signs up with a valid address we'll allow them to go back to a webmail manually after nn posts.

 

See if someone can write you a code that asks a simple question that needs an answer to be typed in...

We have "Are you a bot?" Answer yes and you dont get in, lol.

Simple, but it works, havent had one bot sign in since it was introduced.

 

Firstly, if you're not going to go to phpbb3 then make sure you are on the latest 2.x release, however I'd strongly recommend upgrading to version 3. Secondly, there are quite a few mods out there for php to prevent spambots as it's a problem that most if not all forum admins will encounter.

What I've done on one of the phpbb3 forums I manage is to:

a) enable admin email verification (I may change this to user verification at a later point)

b) added a new custom profile field and set it to be a required field for registration. I'm not sure if this will stop a spambot, depends on how clever they actually are, my guess is they'll be looking for the default set of fields and if a custom one is there it could stop them. I think it may be possible to require input in this field equals a regular expression, though I could be wrong.

c) I've added the Photo Visual Confirmation mod to the forum. This replaces the usual captcha method used by phpbb3. You basically have to select photos that match a specified category when you register, for example, you are shown six pictures and you need to select which one of those picture is a cat (it can be more than one picture). You can customize this to use whatever pictures you want, so it's very flexible.

I'd also suggest you have a look at the mods database on phpbb.com as there are probably other mods that you can use to prevent spambots.

 

I run the forums for what used to be a very popular WoW mod and thus we're on a lot of spammers "hit" list. We had all the systems in place above and we were still getting a few "bots" slip through the net who were probably cheap human labour.

The best thing I've done is ban all China & Taiwan IP addresses. Not had a single spam bot since.

A regularly updated list can be found here:

http://okean.com/sinokoreacidr.txt

Jules

 

Thank's for the advice.

I'm running the latest build of phpbb2 but will give phpbb3 a go; as well as all of the other suggestions

 

Same here, DOS attack kept hitting our server from China.. god knows why.. banned the load and jobs done

 

I'm also going to hit all those IP's onto a banned list from my server.. let alone the bb.

All of my decent traffic comes from EU/US anyhow - so its not like I'll be missing out on anything!

 

I use Invision for my forum and find it very good. More secure than phpbb.

However, I've got a custom field - birthday in a specific format. I found that a yes / no question caught some but not all.

With a email confirmation link, I've not had any spam bots sign up for months.

 

i get his alot on my site i do the same as you but i uses php fully modded which is the standard php forum but with loads of mods all ready put on as standard. With this there is an option to delete any new users that have not been activated after a day/week/month/year. I also ban email address from any **** bot like *@gmail.com the star blocks all names from anyone using gmail or any **** type mail

 

This is quite clever BBC NEWS | Technology | PC stripper helps spam to spread