MikeD 11-28-2006, 07:20 AM Hi, I was just wondering if anyone has noticed this..... a new member joins but somehow manages to bypass the registration process. For example, my registration has a couple of required fields, and when I look at the new user member profile these fields are not filled out. Then later I find out they are not legit users, but spam bots. The reason I know they are bots is they don't show up on my stats reports, which do not include spiders or bots. Does anyone know if this is a known security issue in vBulletin that a bot or person can bypass required registration?
One other thing I was wondering about trying to combat spammers.... does anyone use the "moderate new members" option? If so how does it work?
Thanks.
minstrel 11-28-2006, 07:54 AM I do. What happens is Admins get notifications of new registrations. In my case, the new member is first required to complete email verification. After that, I need to manually activate the membership through the ACP. When you log in to the ACP, on the first screen you will see a link to "Users to Moderate" -- clicking on that link gives you a list of members awaiting moderation and you can activate, delete, or click on the member name or IP for further information.
MikeD 11-28-2006, 08:03 AM Thanks for the info. Do you find that moderating new members cuts down on spam? Also how do you know which users to delete and which ones to become active members? I can sometimes tell by the email address who is a spammer, but not always.
minstrel 11-28-2006, 08:06 AM It's not foolproof but it does cut way down on spam. As you say, you can often tell by the email addresses or even the member names (e.g. JohnDoe367, or Rivotril32). I also have a team of good moderators who will delete and ban by infraction for those who do manage to slip through.
Big Dan 11-28-2006, 08:34 AM What I really don't get is how they're beating the captcha.. That's supposed to be bot proof! I read somewhere (maybe here) that these are people registering and then the bots use the user name and password.
Luckily *crosses fingers* I haven't gotten one spammer on my board yet.
minstrel 11-28-2006, 08:42 AM I have heard (but can't exactly confirm) that there are bots now that can break some captcha systems. Not sure about vBulletin.
Joeychgo 11-28-2006, 10:37 AM It's a tough problem, and one I wish I could figure out a way to deal with more effectively because I get WAY too much spam posted on my various forums.
MikeD 11-28-2006, 12:28 PM I agree it's very frustrating. It seems like lately I spend more time cleaning up spam and deleting spammer accounts than actually talking to users in the forum :(
MikeD 11-28-2006, 12:33 PM Luckily *crosses fingers* I haven't gotten one spammer on my board yet.
You are very lucky, I don't know how any forum manages to avoid them. What's your secret, lol?
Joeychgo 11-28-2006, 12:38 PM I agree it's very frustrating. It seems like lately I spend more time cleaning up spam and deleting spammer accounts than actually talking to users in the forum :(
YES!!!!! I Agree!!!
SirAdrian 11-28-2006, 01:18 PM Look into "Spam Decimator" @ vBulletin.org - basically 2 clicks to delete all posts from a user and ban them (it's in the postbit).
minstrel 11-28-2006, 07:28 PM Spam Decimator (http://www.vbulletin.org/forum/showthread.php?t=93762&highlight=Spam+Decimator) seems to be for 3.5x only.
minstrel 11-28-2006, 07:49 PM See Enhanced Captcha Image Verification - stop bots from signing up!! (http://www.vbulletin.org/forum/showthread.php?t=132482) for 3.6x (up to 3.64):
Title : Enhanced Captcha Image Verification
Version : 1.1
Coder : Andy Calderbank & Jason Williams
Purpose : Add extra Image Verification to the registration process, using an alternative system to the Captcha system.
Why : It would appear that spammers can now "read" the Captcha codes and overcome the verification process.
How : This extra feature uses images which are harder for a spam program/bot to interpret than text characters. The user has a choice of 4 randomly displayed images, and the answer is given below. The user must click on that image to proceed; if the incorrect image is selected an error message is shown. The images are randomly shown (from however many are in the directory - you can have as many as you want, just has to be more than 4!) and are automatically created from the images/verification/ directory - all on the fly. Sample images are included with this release, but you can use your own - I recommend using 100 x 100 pixels, in .jpg format and naming the image with a meaningful title (i.e. A House.jpg) - the extension is stripped so only the filename itself is shown.
To further enhance security, the images are passed through a script which means that none of the images on the screen have file names - and cannot be associated to the question by title alone.
I have been testing this on my forum and have found it to be effective - I cannot guarantee that this will stop all spamming, but this relies more on human input than a computer "reading" the image.
SirAdrian 11-29-2006, 01:15 PM I know we're using it (Spam Dec) at vBHackers, and they are running 3.6.0. It's possible they may have made modifications to it though.
The extra image verification is neat, I've seen it on a few sites now. But, the spammer can still guess (1/4 chance?).
smellyfed 12-12-2006, 07:29 PM I have success on my forums creating some custom profile fields with simple questions and then doing approvals manually. The bots aren't very successful at answering custom profile field questions with anything that makes sense.
minstrel 12-12-2006, 07:57 PM You really don't need the custom profiles. I have Admin approval and I haven't had an issue with spam... maybe one or two a year bother to go through the process and those get instantly dispatched to The Void by my moderators.
Night Shaded 12-25-2006, 07:04 PM I am not too worried about spambots on my new... project.
clearchannel 12-26-2006, 07:02 AM What I have done to address these issues with spam bots is to create a usergroup which is post moderated. ALL new registrations are then placed in the post moderated usergroup upon approval of their registration.
If their only purpose is to spam your forums, they will need to get past post moderation first. It's been my experience that spam bots never respond to an existing thread or topic, they always create a new thread or topic.
After a post or two, you can then move them to your registered member(s) usergroup.
I might also add, limiting most popular features, you can then restrict them from areas such as member profiles, email address, and the like, you may not want unsavory visitors from accessing.
Dave A 12-26-2006, 09:48 AM I might also add, limiting most popular features, you can then restrict them from areas such as member profiles, email address, and the like, you may not want unsavory visitors from accessing.
Second that thought and done from the start.
I'm experiencing a weird series of registrations, though. No spam, just registrations. At first I thought they might be after member email addresses etc. But I'm starting to think it's driven by the same computer or program??
All have different IP addresses. All have free email addresses - cashette is fairly common, but there are others. Some confirm registration, some don't.
But they are being done by "computers" with the same timezone -12 hours, the international dateline??? And they never revisit the site :confused:
I'm hoping it isn't some hacking botnet move to generate spam mail, which seems the only thing of possible value left to keep coming back and generating a new membership each time. But there's no evidence of that either.
It just seems so senseless.
Caddyman 12-27-2006, 11:44 AM surefire way to stop spam, if it IS a bot......
called nospam! at .org, you set the questions and the registrant has to answer it, see it in action HERE (http://lowandloud.com/register.php) just agree to the TOS and click register, you see above the captcha there's a question.....you set the questions, easy or hard, no matter.....bots can't do it.
HACK HERE (http://www.vbulletin.org/forum/showthread.php?t=124828&highlight=no+spam%21)
MikeD 12-27-2006, 12:08 PM What I have done to address these issues with spam bots is to create a usergroup which is post moderated. ALL new registrations are then placed in the post moderated usergroup upon approval of their registration.
This seems like a good idea.... I might try this soon since I am running out of patience.
Caddyman 12-27-2006, 12:09 PM did you see my last post on the 1st page mike?
that's a great hack, having new members put into another group then moderating posts is a lot of work IMHO, up to you
MikeD 12-27-2006, 12:12 PM All have different IP addresses. All have free email addresses - cashette is fairly common, but there are others. Some confirm registration, some don't.
This has helped me a little, I have found that cashette.com, gawab.com, mail.ru and web.de must harbor lots of spammers because it's these same domains over and over. Banning the entire domain has cut down on a lot of these spammers.
I have also noticed many of these register, but they don't spam. I've also been wondering what they are up to.... it's almost like they are in "lay and wait" mode or something...
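The signals posters describe in this thread (empty required fields, the recurring mail domains, the -12 timezone, digit-suffixed names, accounts that never return) combined into a triage score for a moderation queue. This is an added example, not part of any post and not vBulletin code; the record layout, field names, weights and thresholds are assumptions.

```python
import re
from dataclasses import dataclass, field

# Domains posters in this thread reported banning; adjust for your own board.
FLAGGED_DOMAINS = {"cashette.com", "gawab.com", "mail.ru", "web.de"}
REQUIRED_FIELDS = ("location", "interests")       # hypothetical required fields
TRAILING_DIGITS = re.compile(r"[A-Za-z]\d{2,}$")  # names like JohnDoe367

@dataclass
class Registration:              # hypothetical record layout, not vBulletin's schema
    username: str
    email: str
    tz_offset: float             # hours from UTC selected at signup
    profile: dict = field(default_factory=dict)
    visits_after_signup: int = 0

def score(reg):
    """Return (points, reasons); more points means more likely automated."""
    hits = []
    missing = [f for f in REQUIRED_FIELDS if not str(reg.profile.get(f) or "").strip()]
    if missing:                  # empty required fields: the form was bypassed
        hits.append((3, "required fields empty: " + ", ".join(missing)))
    domain = reg.email.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    if any(domain == d or domain.endswith("." + d) for d in FLAGGED_DOMAINS):
        hits.append((2, "flagged mail domain: " + domain))
    if reg.tz_offset == -12:
        hits.append((1, "timezone set to UTC-12"))
    if TRAILING_DIGITS.search(reg.username):
        hits.append((1, "username ends in a digit run"))
    if reg.visits_after_signup == 0:
        hits.append((1, "never returned after signing up"))
    return sum(p for p, _ in hits), [r for _, r in hits]

def triage(reg):
    """Map the score onto a moderation-queue action (thresholds are assumptions)."""
    points, reasons = score(reg)
    verdict = "reject" if points >= 5 else "manual-review" if points >= 2 else "approve"
    return verdict, points, reasons

FULL = {"location": "Leeds", "interests": "cars"}
SAMPLES = [                      # constructed records, not real registrations
    Registration("Rivotril32", "x9@Cashette.com", -12, {}, 0),
    Registration("JohnDoe367", "jd@example.net", 1, FULL, 2),
    Registration("olga_k", "olga@mail.ru", 3, FULL, 5),
]

if __name__ == "__main__":
    for reg in SAMPLES:
        print(reg.username, *triage(reg))
```

A flagged domain on its own only reaches manual review, so a legitimate user on one of those mail providers is held for a human rather than rejected outright.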
MikeD 12-27-2006, 12:14 PM did you see my last post on the 1st page mike?
that's a great hack, having new members put into another group then moderating posts is a lot of work IMHO, up to you
I just now saw it, thanks for the tip. I will check it out when I have some time (I am visiting family for xmas this week and barely have a moment's peace).
KimmiKat 12-27-2006, 04:52 PM I had quite a few coming from cashette.com, but nuking that domain from registering helped a lot.
Another thing that annoyed me is some infomercial I saw on TV recently. It was for a script that's being billed as a marketing script that automatically posts to Yahoo groups, Google groups and most mboard software. They even touted it by saying it can get past the Gotcha images. I was tempted to call the 800# and give them a piece of my mind.