MyBB Community Forums

Full Version: Spamming BOT's Issue.
(2020-01-14, 02:30 AM)gimbal Wrote: [ -> ]I solved this problem with a few techniques together:
This is what I'm doing also.

Also, I have disabled PM by new unapproved users (registered in the above example). But once promoted they can basically do whatever they like.

The human spammers do get through occasionally though, but it's not that big a deal as my board is a low traffic one. Probably less than 20 human spammers a year?
You can use Restrict PM to forbid users to send PM until they have enough posts on the forum
(2020-01-14, 01:51 AM)iKsu Wrote: [ -> ]
(2020-01-14, 12:28 AM)Ashley1 Wrote: [ -> ]No it's not.

It's not possible that you could have a list of trusted emails as you state, otherwise you would not have this problem.

Set the registration method to Admin activated and find a way to better vet your registration applications and your problem will be solved.
  • It's possible, as I only allow using (Gmail - Yahoo - Hotmail) during registration.
  • I did not understand what you mean. Could you explain more?

Spammers will still get past the security questions and even Google's recaptcha. If you're going to allow automatic registrations then you have to accept that you're going to get some spammers.
(2020-01-14, 02:09 AM).m. Wrote: [ -> ]
Quote:... do you think that is an effective method
yes.
Quote:Set the registration method to Admin activated
Ashley1's suggestion is to activate every new user through forum admin panel
after checking user name, email & ip address. initially it might be possible to
check newly joined members - as forum grows it would be difficult to do so ..

Edit:
you can also put new users' x posts on moderation queue
[eg. see required approvals plugin  (see also this related thread)]
Thanks a lot for your clarification and help. Also, I tried your latest suggestion, but it has some issues, so I don't use it.
(2020-01-14, 02:30 AM)gimbal Wrote: [ -> ]I solved this problem with a few techniques together:

1. ACP > Configuration > Settings > Login and Registration Options > 

Registration Method = Send email verification (requires user to validate their email address)
Display Hidden CAPTCHA = YES
Minimum Registration Time = at least 20 seconds
Show Security Question = YES

2. ACP > Configuration > Security Questions > make a more interesting question that is harder for bots to solve.

3. If a person or a bot gets past all of those tests, MyBB moves the user from the "Awaiting Activation Group" to the "Registered" Group, which has permission to post freely. So the idea is to modify the Registered Group so that the first post by any user must be moderated - meaning approved by you - before they appear on the forum. This effectively blocks spam, although you do have to go in and "approve" legitimate posts regularly, and delete the spam - but it's easy to do. Then, you create a "Promotion" system that if any Registered user has at least 1 post (meaning you approved their post), then they are "promoted" to a new "Approved" group, which can then post freely.

https://community.mybb.com/thread-186873.html

Here's how:

Make a backup first: in ACP > Tools & Maintenance > Database Backups

1. In ACP > Users & Groups > Groups > Add New User Group

Title: Approved
Copy Permissions From: "Registered"
Click "Save User Group"


2. In ACP > Users & Groups > Groups > Registered Group > Forums and Posts > Moderation Options:

Check: Moderate new posts
Check: Moderate new threads
Click "Save User Group"

3. In ACP > Users & Groups > Group Promotions > Add New Promotion

Title: Promote Registered to Approved
Promotion Requirements: select "Post Count"
Post Count: 1 "Greater than or equal to"
Original User Group: select "Registered"
New User Group: "Approved"
User Group Change Type: "Primary User Group"
Click "Save Promotion"

4. In order to promote all of your existing Registered users to the new Approved Group - so that they can still post freely:

ACP > Tools & Maintenance > Task Manager > Promotion System > Run Task

This way, any new "Registered" user who passes the Registration and email verification, will still have their first post held for approval. Once you approve a post, the user is moved to the "Approved" group and can post normally. 

Last, most of our problem registrations were coming from users hiding behind VPN or TOR nodes. There is a plugin called "chkProxy" which can block registration if the user is behind a proxy/VPN... I don't endorse the plugin and have not used it, but it looks like it is up to date.

https://community.mybb.com/mods.php?acti...w&pid=1280

I'm not sure if any of that will help with bots specifically, but it does help to filter out most problem registrations, and stop spam before it appears.
Thank You for the fully clarified post and help.
(2020-01-14, 07:53 AM)Crazycat Wrote: [ -> ]You can use Restrict PM to forbid users to send PM until they have enough posts on the forum
Thank You.
chkProxy no longer works. Spammers and bots can be taken to the form at ease.

iPatrol might be too strict, according to the discussions in the plugin's thread.

MyBB really, REALLY needs to do something about preventing the same IP addresses from registering over and over again without a moderator's intervention, especially when it comes to active forums that attract trolling. There is currently no way to restrict IP addresses from registering a maximum amount of accounts.
(2020-04-17, 07:04 PM)rfssjz Wrote: [ -> ]MyBB really, REALLY needs to do something about preventing the same IP addresses from registering over and over again without a moderator's intervention, especially when it comes to active forums that attract trolling. There is currently no way to restrict IP addresses from registering a maximum amount of accounts.
Did you really check the "Login and Registration Options"?
[Image: 1DfSvPA.png]
It's almost futile to try to block IP addresses, simply because they change frequently - even for fixed landline ISPs - and it's trivial for a troublemaker to use TOR, VPN, or proxy to hide their real IP.

I found a way to block registrations and logins from anyone hiding behind a TOR address, or a Proxy - which blocked virtually all troublemakers - however, there were a few legitimate people who complained because this also blocks VPN (which uses proxies). So there is a trade off. Here's how we approached solving the problem on our forum:

The first step is to create a Task in ACP, which runs daily, which downloads a list of active TOR exit nodes to a text file - I think there are something like 1200 at any given time. Note, I created my script before recent changes by the TOR service - so I'm not sure if it still works (we've closed down our forum this winter), but you can see the Tor bulk exit list service here:

https://blog.torproject.org/changes-tor-...st-service

And this will download the current list:

https://check.torproject.org/torbulkexitlist

In ACP I created a Task which downloads the Tor list to the web server in a file called torexits.txt

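function task_torexits($task)
{
	$url = "https://check.torproject.org/torbulkexitlist";
	// Download to a temporary file so a failed fetch does not wipe the current list
	$tmp = "../torexits.txt.tmp";
	$fp = fopen($tmp, "w");
	if ($fp === false) {
		add_task_log($task, "Tor List Update Failed: cannot open file");
		return;
	}
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_FILE, $fp);         // write the response body straight to the file
	curl_setopt($ch, CURLOPT_FAILONERROR, true); // treat HTTP errors (>= 400) as failures
	curl_setopt($ch, CURLOPT_TIMEOUT, 30);
	$ok = curl_exec($ch);
	curl_close($ch);
	fclose($fp);
	// Only replace the live list when the download succeeded and is not empty
	if ($ok && filesize($tmp) > 0 && rename($tmp, "../torexits.txt")) {
		add_task_log($task, "Tor List Updated");
	} else {
		add_task_log($task, "Tor List Update Failed");
	}
}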

Now we have a locally stored list of Tor exits updated automatically daily. So to test visitors who try to register or log in, we add a script at the top of the members.php file to filter out anyone visiting from a Tor exit. I created this script which drops any TOR visitor out to an HTTP 404 Error page, and logs it in a text file for testing. (The log file would be better stored in MySQL where it can be protected from someone accidentally finding it and potentially compromising forum privacy...). I'm not actually a programmer and I don't know if this is the best way to do it or not, but I got it to work by trial and many errors:

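// Get visitor's IP address
$ipAddress = $_SERVER["REMOTE_ADDR"];

// Block visitor if IP is a TOR exit node, list updated daily via ACP Task
function isTor($ipTor){
  // file() gives one entry per line; the flags drop line endings and blank lines
  $Torlist = @file('torexits.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
  if ($Torlist === false) {
    return false; // list missing or unreadable: nothing to match against
  }
  // trim() removes a stray "\r" so entries compare equal to REMOTE_ADDR
  return in_array($ipTor, array_map('trim', $Torlist), true);
}

if (isTor($ipAddress)) {
  $ip2string = date("Y-m-d H:i:s") . "\t" . $ipAddress . "\tTOR" . "\n";
  file_put_contents('torlog.txt', $ip2string, FILE_APPEND);
  // PHP changes the status to a 302 redirect once Location is set; the visitor lands on 404.php
  header("HTTP/1.1 404 Not Found");
  header("Location: 404.php");
  exit;
}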

Even after the above we still had enough problematic registrations from users hiding behind VPN and proxy servers, so I subscribed to the IP2Location.com web service (I have no affiliation), which has a constantly updated list of active proxy exits you can query with JSON. You have to subscribe, and it costs about $50 for 10,000 queries - but since we blocked out TOR for free, this was a reasonable cost. You can set up a trial subscription - it works by embedding your subscription or trial code in a script, shown below.

https://www.ip2location.com/web-service/ip2proxy

So we added this script in members.php, just under the TOR script above:

It queries the Visitor's IP against IP2Location's Proxy database using JSON and drops them out to a 404 error page and logs the attempt to a text file, if either of these conditions is true: the visitor is using a known proxy, or the visitor's IP is from a country you want to block, using a list of 2-letter ISO country codes (i.e., 'us', 'uk'):

// Check Visitor against IP2Location Proxy database
if(isset($ipAddress)) {
	// Check IP with IP2Location Proxy database
	$urlTemplate = 'https://api.ip2proxy.com/?ip=%s&key=YOURKEYHERE&package=PX1';
	$urlToCall = sprintf( $urlTemplate, urlencode($ipAddress) );
	$rawJson = @file_get_contents( $urlToCall );
	// A failed request returns false; treat it like an invalid response
	$ip2location = ($rawJson === false) ? null : json_decode( $rawJson, true );

	// Test response from IP2Location; if the lookup failed, the visitor is let through
	if( is_array($ip2location) && isset($ip2location['response']) && $ip2location['response']=="OK" ){

		// Block Visitor if using a Proxy
		if( $ip2location['isProxy']=="YES" ){
			$ip2string = date("Y-m-d H:i:s") . "\t" . $ipAddress .
			  "\tProxy\t" . $ip2location['countryCode'] . "\t" .
			  $ip2location['countryName'] . "\n";
			file_put_contents('iplog.txt', $ip2string, FILE_APPEND);
			// PHP changes the status to a 302 redirect once Location is set; the visitor lands on 404.php
			header("HTTP/1.1 404 Not Found");
			header("Location: 404.php");
			exit;
		}

		// Block Visitor if from a blocked country
		$blockCountry = array( 'RU', 'KP');
		if( in_array ( $ip2location['countryCode'] , $blockCountry , true )){
			$ip2string = date("Y-m-d H:i:s") . "\t" . $ipAddress .
			  "\tBlock\t" . $ip2location['countryCode'] . "\t" .
			  $ip2location['countryName'] . "\n" ;
			file_put_contents('iplog.txt', $ip2string, FILE_APPEND);
			header("HTTP/1.1 404 Not Found");
			header("Location: 404.php");
			exit;
		}

		// Log visitors that passed both checks
		$ip2string = date("Y-m-d H:i:s") . "\t" . $ipAddress .
		  "\tOK\t" . $ip2location['countryCode'] . "\t" .
		  $ip2location['countryName'] . "\n" ;
		file_put_contents('iplog.txt', $ip2string, FILE_APPEND);
	}
}

Since these scripts only run when a person actually tries to register or log in - activating the members.php file - the volume of hits was relatively low on our forum, and we had no problem on a shared server at a standard hosting company. And again - a word of caution - the text log file should only be used for testing, and if you want a proper log the script should be enhanced to store it in MySQL...

Finally, anyone who successfully registered - and MyBB put them in the "Registered" group - we modified the group settings in ACP to hold the first post for moderation. Once approved, the ACP would automatically promote the user to an "Approved" group where they could then post normally. Collectively, the above steps kept out 99.9% of bad actors for several years, it was a breeze to moderate.
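
The Tor exit check described in the post above, as an added example that is not part of the original post or of MyBB: it parses the exit list defensively (CRLF line endings, non-IP lines, different spellings of one IPv6 address) and reports a missing or stale list separately from "no match". The function names, the constructed sample addresses and the two-day staleness limit are assumptions.

```php
<?php
// Added example: names and the 2-day staleness limit are assumptions, not from the post.

// Load a Tor bulk exit list (one IP per line) into a lookup set.
// Returns null when the file is missing or older than $maxAge seconds,
// so the caller can tell "no match" apart from "no usable list".
function loadExitSet(string $path, int $maxAge = 172800): ?array
{
    clearstatcache(true, $path);
    if (!is_readable($path) || time() - filemtime($path) > $maxAge) {
        return null;
    }
    $set = [];
    foreach (file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {
        $ip = trim($line); // removes the "\r" left behind by CRLF line endings
        // Skip anything that is not an IP, e.g. an error page saved by a failed download
        if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
            // Hex of the packed address: different spellings of one IPv6 address match
            $set[bin2hex(inet_pton($ip))] = true;
        }
    }
    return $set;
}

function isExitNode(string $visitorIp, array $set): bool
{
    if (filter_var($visitorIp, FILTER_VALIDATE_IP) === false) {
        return false;
    }
    return isset($set[bin2hex(inet_pton($visitorIp))]);
}

// Constructed sample list using documentation-range addresses, not real exits
$path = tempnam(sys_get_temp_dir(), 'tor');
file_put_contents($path, "192.0.2.10\r\n198.51.100.7\n<html>503</html>\n2001:db8::1\n\n");

$set = loadExitSet($path);
printf("entries loaded: %d\n", count($set));
foreach (['192.0.2.10', '2001:0db8:0:0:0:0:0:1', '203.0.113.5'] as $ip) {
    printf("%-24s %s\n", $ip, isExitNode($ip, $set) ? 'TOR' : 'OK');
}

// Simulate a daily task that has stopped running: the list is now 3 days old
touch($path, time() - 3 * 86400);
var_dump(loadExitSet($path) === null);
unlink($path);
```

A null return is the signal to decide deliberately between letting visitors through and holding registrations until the list is refreshed, rather than silently matching nothing.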
I've been using Antispam by CleanTalk plugin. It does a good job at stopping spam. Well worth the $8 a year they charge.

https://community.mybb.com/mods.php?acti...w&pid=1008
Hi, I have a better solution, the best I've ever seen. That plugin works only on version 1.6, but maybe someone can test updating it, because manually just changing 1.6* to 1.8* is not working for me.

If anyone can re-create it: it makes a random GIF captcha, already added on the registration page when we install the plugin. Nothing to do, just install the plugin, enable it, and configure it in the admin panel, with a lot of options like speed, characters in the GIF, etc.


https://community.mybb.com/thread-228439.html
I continue to think the only real way to counter real bot spam registration is to have a GIF captcha like the plugin I have asked to be updated. I am waiting for anyone who can re-create or update it. Because when a real hacker wants to attack the forum with spam bot registrations, the current captcha cannot stop them. And the questions, LOL, you need to change them every 2 days if you don't want to have spam again, even if you made 10000 questions per day.