Welcome to the E-Blah Community!
We would like to welcome you to our community and invite you to register an account or login.
Being a registered member is important, as it gives you several advantages over the normal Guest status. After registering you will be able to download files and images, post messages, and access member-only portions of the forum - just to name a few. Registration is quick and simple, and only takes about a minute of your time.

E-Blah Community    Informational    Forum Updates  ›  Forum Spam Fix
Users Browsing Forum
No Members and 2 Guests

Forum Spam Fix  This thread currently has 345,882 views. Print
2 Pages 1 2 » Recommend Thread
Justin
March 22, 2013, 5:35pm Report to Moderator Report to Moderator

The E-Blah Developer
E-Blah Programmer
Posts: 15,252
Gender: Male
Posts Per Day: 2.42
Reputation: 93.31%
Reputation Score: +307 / -22
Time Online: 39 days 6 hours
Location: Tallassee, AL
Age: 33
Thanks to Fryedsoft and rusky, it looks like the problem with how spammers work around the captcha has been found. You must have the "Human Verification" turned on for this to work.

Please see this thread to find how it works:

http://www.eblah.com/forum/m-1353464983/s-0/#num4

You can try it yourself by downloading E-Blah from GitHub:

https://github.com/eblah/E-Blah-Forum


My Websites: Revolution Reality (My Blog)  | Portfolio

"But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline
Site Site Private Message Private message
Nat
March 22, 2013, 6:25pm Report to Moderator Report to Moderator

Here to help
Administrator
Posts: 1,989
Gender: Male
Posts Per Day: 0.54
Reputation: 87.23%
Reputation Score: +41 / -6
Time Online: 7 days 13 hours 39 minutes
Location: Manchester UK
Age: 57
Justin... But for existing forums running, and those that just need a nice and easy <quick fix> How is the best way to implement this?


"Thats the way the mop flops"
Logged Offline
Site Site Private Message Private message Reply: 1 - 19
Justin
March 22, 2013, 7:49pm Report to Moderator Report to Moderator

The E-Blah Developer
E-Blah Programmer
Posts: 15,252
Gender: Male
Posts Per Day: 2.42
Reputation: 93.31%
Reputation Score: +307 / -22
Time Online: 39 days 6 hours
Location: Tallassee, AL
Age: 33
Go here:

https://github.com/eblah/E-Blah-Forum

Click "Zip" which will download the latest zip of the latest code, then upload everything. Make sure you have installed the Human Verification mod:

http://www.eblah.com/?v=downloads&f=SecurityImage.zip

Then, activate Human Verification and then make sure you go to Admin/Settings and save.

If you do this, it should be turned on and working.


My Websites: Revolution Reality (My Blog)  | Portfolio

"But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline
Site Site Private Message Private message Reply: 2 - 19
Apollo
March 22, 2013, 8:40pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 308
Posts Per Day: 0.06
Time Online: 3 days 4 hours 45 minutes
I suspect the question was really aimed at finding if it was possible just to upload the two files Admin2.pl and Setup.pl files as shown in the "Better salt generation" note in GitHub.

Thus avoiding the loss of any mods to an existing forum, and the need to find and re-install mods installed long ago - if we can still find them (some have come and gone over time)
Logged Offline
Site Site Private Message Private message Reply: 3 - 19
Justin
March 22, 2013, 9:41pm Report to Moderator Report to Moderator

The E-Blah Developer
E-Blah Programmer
Posts: 15,252
Gender: Male
Posts Per Day: 2.42
Reputation: 93.31%
Reputation Score: +307 / -22
Time Online: 39 days 6 hours
Location: Tallassee, AL
Age: 33
Admin2 and Register should be all you need. Look at the commit before for the file changes.


My Websites: Revolution Reality (My Blog)  | Portfolio

"But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline
Site Site Private Message Private message Reply: 4 - 19
maverick
March 24, 2013, 4:13pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 109
Gender: Male
Posts Per Day: 0.02
Reputation: 100.00%
Reputation Score: +3 / -0
Time Online: 256 days 2 hours 11 minutes
Location: Wales, UK
Quoted from Justin
Admin2 and Register should be all you need. Look at the commit before for the file changes.


Thanks to everyone for trying to address this problem, I thought I would let you know how I have got on with trying out this latest fix. I did initially try the Admin2 and Register pls but so called new members were registering about every 5 mins on the three forums I tested it on. So I did a full upgrade from the latest on Github. Thanks by the way of pointing that out it isn't that transparent.


Quoted from Justin

Go here:

https://github.com/eblah/E-Blah-Forum

Click "Zip" which will download the latest zip of the latest code, then upload everything. Make sure you have installed the Human Verification mod:

http://www.eblah.com/?v=downloads&f=SecurityImage.zip

Then, activate Human Verification and then make sure you go to Admin/Settings and save.

If you do this, it should be turned on and working.


So I have now done it so it is exactly as you have said here, however they still seem to be registering half hourly. I have done a few test registering and everything seems to doing what it is supposed to.

Just wondering have I missed to do something.

cheers


Logged Offline
Site Site Private Message Private message Reply: 5 - 19
Justin
March 25, 2013, 6:15am Report to Moderator Report to Moderator

The E-Blah Developer
E-Blah Programmer
Posts: 15,252
Gender: Male
Posts Per Day: 2.42
Reputation: 93.31%
Reputation Score: +307 / -22
Time Online: 39 days 6 hours
Location: Tallassee, AL
Age: 33
Do you have human verification on?

What does the end of your Settings.pl file look like?


My Websites: Revolution Reality (My Blog)  | Portfolio

"But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline
Site Site Private Message Private message Reply: 6 - 19
maverick
March 25, 2013, 7:53am Report to Moderator Report to Moderator

E-Blah Member
Posts: 109
Gender: Male
Posts Per Day: 0.02
Reputation: 100.00%
Reputation Score: +3 / -0
Time Online: 256 days 2 hours 11 minutes
Location: Wales, UK
Hi Justin

Yes I have the  human versification box ticked in main preferences. I have put the GD folder in the forum folder and the font in Prefs. Everything seems to work ok

This is the last line from three different forums settings.pl

$captcha_random = "LLn(!yi36J7f!kzFX(M8";
1;

$captcha_random = "3cPP^8QtB)76j*RQw9qL";
1;

$captcha_random = "(fhQ#!52GQ9o24(9T6!*";
1;

Have I missed something out? Thanks for your help.


Logged Offline
Site Site Private Message Private message Reply: 7 - 19
Apollo
March 26, 2013, 12:07pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 308
Posts Per Day: 0.06
Time Online: 3 days 4 hours 45 minutes
Quoted from Justin
Admin2 and Register should be all you need. Look at the commit before for the file changes.

Just some info from from trying this...

I replaced the two files with the new version from GitHub.

All worked fine ie no hiccups or errors when a test registration was made.

But I had to restore the original files after an hour or so as I had already collected more than a dozen spam registrations in that time.

Normally, about 0 - 3 spammers get through in a whole day (I have SFS mod installed).

Logged Offline
Site Site Private Message Private message Reply: 8 - 19
Justin
March 27, 2013, 4:38pm Report to Moderator Report to Moderator

The E-Blah Developer
E-Blah Programmer
Posts: 15,252
Gender: Male
Posts Per Day: 2.42
Reputation: 93.31%
Reputation Score: +307 / -22
Time Online: 39 days 6 hours
Location: Tallassee, AL
Age: 33
Hmm.

Have you looked into trying a different ttf font? Can someone try that and report back? You can also experiment with changing some of the distortion settings. Can someone that's suffering this problem try that?

Change line 162:

https://github.com/eblah/E-Blah-Forum/blob/master/cgi-bin/forum/Code/Register.pl#L162

The lines, angle, and maybe scramble are what should be adjusted.


My Websites: Revolution Reality (My Blog)  | Portfolio

"But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline
Site Site Private Message Private message Reply: 9 - 19
maverick
March 27, 2013, 4:57pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 109
Gender: Male
Posts Per Day: 0.02
Reputation: 100.00%
Reputation Score: +3 / -0
Time Online: 256 days 2 hours 11 minutes
Location: Wales, UK
Goodness they can read that!! I can barely read it, I will give it a go.


Logged Offline
Site Site Private Message Private message Reply: 10 - 19
maverick
March 28, 2013, 2:05pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 109
Gender: Male
Posts Per Day: 0.02
Reputation: 100.00%
Reputation Score: +3 / -0
Time Online: 256 days 2 hours 11 minutes
Location: Wales, UK
I've tweaked those settings a bit, new registrations are down from about 100 to about 20 so I'll report back when I'm down to a few with the results. cheers


Logged Offline
Site Site Private Message Private message Reply: 11 - 19
Justin
March 28, 2013, 9:37pm Report to Moderator Report to Moderator

The E-Blah Developer
E-Blah Programmer
Posts: 15,252
Gender: Male
Posts Per Day: 2.42
Reputation: 93.31%
Reputation Score: +307 / -22
Time Online: 39 days 6 hours
Location: Tallassee, AL
Age: 33
What you could also try is what the original finders tried... Make it impossible to read (solid black) and see if you still get any spam. If so, them there's another problem.


My Websites: Revolution Reality (My Blog)  | Portfolio

"But you, O Lord, are a compassionate and gracious God, slow to anger, abounding in love and faithfulness." — Psalm 86:15 NIV
Logged Offline
Site Site Private Message Private message Reply: 12 - 19
maverick
April 4, 2013, 1:17pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 109
Gender: Male
Posts Per Day: 0.02
Reputation: 100.00%
Reputation Score: +3 / -0
Time Online: 256 days 2 hours 11 minutes
Location: Wales, UK
Quoted from Justin
What you could also try is what the original finders tried... Make it impossible to read (solid black) and see if you still get any spam. If so, them there's another problem.



Sorry a bit late getting back, no time for anything at the moment I wasn't sure how to give a black background but I changed the lines to about 50 so the background doesn't get blacker than that. I'm pleased to say, I tried it on two forums and I haven't had one illegal membership yet. So I will keep on tweaking till I get an acceptable level and report back. Thanks.




Logged Offline
Site Site Private Message Private message Reply: 13 - 19
Fryedsoft
April 9, 2013, 4:29pm Report to Moderator Report to Moderator

E-Blah Member
Posts: 60
Gender: Male
Posts Per Day: 0.01
Time Online: 3 days 8 hours 19 minutes
Location: Farrell, PA
Age: 41
From my experience with the Salting, it doesn't eliminate spamming, but it does at the very least stop the automatic bots well, and the registration farms are pretty much covered by stopforumspam and aksimet.

As for the image, I've using a different font for image Generation (jokerman) and modified the generation string to "width => 200, height => 40, lines => 8, font => "$prefs/font.ttf", angle => 10, scramble => 1, rndmax => 6, ptsize => 14" with 1500 particles .

I'm averaging about 20 registrations attempts per day with about 1 or 2 getting through stopforumspam a week using the above changes to securityimage + the salt. Before the salt I was get 70-100 attempts with 4 getting through stopforumspam a day. after the salt it was down to 30-40 with 2-3 through stopforumspam a week. adding the image changes dropped the registration down to today's levels.

As for the other image verifiers. the Assira mod seemed to do nothing to stop automatic bots, since I believe the bots would just call register directly after getting the security image instead of clicking the submit button which assira would protect, and the recaptcha mod didn't seem to work correctly and would let people register even if they didn't solve the captcha. Not sure if it was the mod since I was testing the StopForumSpam Mod at the time so they might have conflicted...

So far, out of all the spam blocking techniques I've seen, the stopforumspam mod is easily the most effective.
Logged Offline
Site Site Private Message Private message Reply: 14 - 19
2 Pages 1 2 » Recommend Thread
Print

E-Blah Community    Informational    Forum Updates  ›  Forum Spam Fix