MyBB Community Forums
Spam Bots - Printable Version

+- MyBB Community Forums (https://community.mybb.com)
+-- Forum: 1.8 Support (https://community.mybb.com/forum-175.html)
+--- Forum: Security Management and Support (https://community.mybb.com/forum-179.html)
+--- Thread: Spam Bots (/thread-208774.html)



Spam Bots - zodearest223 - 2017-03-04

Hello everyone,

FORUM URL: http://tokyoghoulv2.decadence-rpg.net/index.php

I've been using MyBB as my go to forum provider for 6 years now and I have never had an extreme problem with bots until now. I've been struggling with warding them off for a couple months now. They originally would register and do nothing else. Now they're posting in boards, threads, and editing their user avatars and signatures.

Sometimes I go to delete certain bot accounts too and then it creates 5 other bot accounts from deleting the one account. I've accidentally deleted member accounts before because the Users & Groups tab in the Admin CP doesn't always update accordingly to when I've deleted bot accounts.

I have my forum set up to require someone to enter a Captcha and accounts to do e-mail activation but that is not preventing bots from flooding my forum. On average I have around 10-15 bot accounts daily register.

What are courses of action I can take to stop this madness from happening? These bots seem to be highly intelligent.


Also, I have no idea why the copyright for MyBB has disappeared from the footer of my forum. I have the code in the footer still but none of it is appearing.

Thanks everyone for your help.


RE: Spam Bots - VirusZero - 2017-03-05

Regarding the copyright notice part, check your footer template for that skin and look for the copyright notice and see if this is still there:
Powered By <a href="https://mybb.com" target="_blank">MyBB</a>, &copy; 2002-2017 <a href="https://mybb.com" target="_blank">MyBB Group</a>.


If it's not then add it back in.  (I checked via inspect element and view source but it didn't show up there for me. )


As for dealing with bots... Do you have registertime and securityquestions set up? 
If not set them up first. They're default parts of MyBB 1.8 so you just have to go into the ACP and set them up. Offhand they're both in the configuration -> settings page. But I may be misremembering their locations so you might have to check around a bit.

I'd also recommend installing IP2Location (if you don't already have it active) and setting China, Russia and Iran as blocked from visiting. (All are major spam producers and offer very few legitimate users.)


Let us know how it goes either way.


RE: Spam Bots - andrewjs18 - 2017-03-05

a friend's site was getting hammered with spam a few weeks ago. we tried basically every measure: change up the registration questions, switch to a different captcha, add cloudflare, etc.. the only thing that really stopped the spam was to block the offending countries outright from accessing the site, as mentioned above. we used a combination of cloudflare's geolocation header plus .htaccess rules to block them.

the offending countries we had spam coming in from were India, Pakistan & Iran, for the most part. We also went ahead and blocked China, Ukraine and Russia as well.


RE: Spam Bots - zodearest223 - 2017-03-07

Thanks for all the help guys. I went ahead and installed the plug in and banned bots from the countries the IP addresses originated from, but they are still registering on my forum from the banned countries. I'm real concerned. It's getting to the point where I'm thinking I may need to leave MyBB and create my site again with different forum software. I'm going to keep trying the suggested ideas and hopefully it'll stop soon, because I really do love MyBB.


RE: Spam Bots - VirusZero - 2017-03-08

When you installed the plugin did you also get the file from http://lite.ip2location.com/database-ip-country, (choose IPv4 bin on that page, then click "Not now, bring me to download page") upload it to your server and then set the full path in the plugin's settings? (So if you uploaded it to your inc folder then you'd enter: "/www/inc/IP2LOCATION-LITE-DB1.BIN" or "/www/mybbfolder/inc/IP2LOCATION-LITE-DB1.BIN" if your mybb install isn't in the public_html.)
If not, then try that and see what happens.

However If you have already done that and it's still not helping then do you have StopForumSpam enabled? (If not, try setting it up. It should be in the settings already, I don't recall where exactly offhand. If so, try maybe setting the confidence level to around 20% if it's higher than that.)


RE: Spam Bots - HLFadmin - 2017-03-09

You might want to make the effort to upgrade to 1.8.
One feature permits a required question/answer to submit the registration.

There is an old plugin that sets up the registration question.
https://mods.mybb.com/view/registration-security-question

Don't use the standard What is 2+2?
I use What is the name of this forum?

Not sure if the IP2Location plugin will work as expected.
It seems to be designed for 1.8, although it may be backward compatible.
I have not checked.

Upgrading from 1.6 to 1.8 will require plenty of work, but it is worth it due to fixed vulnerabilities.
Make the upgrade on a copy of the forum because you will need to fix the templates for the new version.
Afterwards you can switch the live forum faster to avoid downtime.


RE: Spam Bots - Lunorian - 2017-03-09

What helped me was setting up a system where a user's first three posts require manual staff approval. This allows us to ensure no spam posts are shown to users. The spammers are purged with the purge spammer function and are then submitted to StopForumSpam which makes it harder for them to continue spamming other boards Big Grin


RE: Spam Bots - R00T00 - 2017-04-02

I would block add Project Security to your Forum.

https://codecanyon.net/item/project-security-website-security-antivirus-firewall/15487703

I have had Bot and Spam issues before and after buying this product everything stops.
It has so many good tools inside it and its very easy to install.
It also protects allot of SQL attacks Crawling etc. Also you can disable access from Tor or Proxies/VPNs
Blacks All bad bots including Vulnerability scanners, like Uniscan etc.


Check the demo

Front End: https://project-security.ga
Admin Panel: https://project-security.ga/admin
Username: admin
Password: admin


Main Features

SQLi Protection
Protection from SQL Injections (SQLi) and XSS Vulnerabilities (Cross-Site Scripting).
Mass Requests Protection
Protection from Mass Requests that are made in order to overload your website.
Spam Protection
Protection from Spammers and Spam Bots that aim to spam your website.
Proxy Protection
Protection from Proxy Visitors or so-called people hiding behind proxies.
Malicious Files Scanner
Antivirus Scanner that will scan your website for malicious files and will notify you if any are detected.
Input Sanitization
Protection Module that automatically sanitize all incoming and outgoing requests and responses.
DNSBL Integration
Integration with some of the best Spam Databases (DNSBL) to protect your website from Bad Visitors.
Tor Protection
Detects and block visitors that use the Tor Browser to hide their Identify and to do malicious or suspicious things.
Intelligent Pattern Recognition
Detects Unknown and Zero-Day Attacks and Exploits.
Industrial-Strength Algorithms
Detects Known Hacker Attacks.
Ban System
Helps you to block and redirect Visitors / Users (IP Addresses), Countries, Operating Systems, Browsers and Internet Service Providers (ISP).
Bad Bots and Crawlers Protection
Blocks many Bad Bots and Crawlers that will wast your website bandwidth.
Fake Bots Protection
Verifying search engine bots that visit your website whether they are real or fake bots.
Headers Check
Every visitor’s response headers will be checked and if there are suspicious objects their access to the website will be denied.
Real-Time Scanning of All Requests
GET, POST and other types of Data.
Auto Ban
Function that will automatically block attackers and threats such as Bad Bots, Crawlers and other.
Attack Logs
Each attack and threat is logged into the database, so you can view them later. (No duplicates)
Detailed Logs
The logs contain many information about the Attack / Threat like Browser, Operating System, Country, State, City, User Agent, Location on the Map and other useful information.
E-Mail Notifications
You will receive an E-Mail Notifications when attack or threat is detected.
Multi-Site Monitoring & Protection
Protect and Manage multiple websites from a single remote Installation.
Dashboard with Stats
On the Dashboard you can check the Stats for the protection of your website.
Website Optimizations
Modules that will make your website faster and more optimized.
Useful Tools
Large collection of Tools such as .htaccess Editor, HTML Encryptor, Password, Hash Generator and other.
Errors Monitoring
Useful tool that shows all logged errors from your website.
.htaccess Editor
Edit your .htaccess file directly from the Admin Panel, no need to open it in any external editor.
IP Whitelist
A list of IP Addresses that will be ignored by the app and will not be blocked.
Site Information
Page with a huge amount of Information and Statistics about your website.
Very Optimized
The script is very lightweight and won’t slow down your website loading time.
Fully Responsive
Looks good on many devices and screen resolutions.
Easy to setup
The script is integrated with Installation Wizard that will help you to install the app.
Easy for use
Include one line of code in any main file to protect the whole website.


RE: Spam Bots - numberek - 2017-07-20

actually we installed mybb as a subfolder to wordpress and in wordpress we have wordfence installed. So most of the bots and hacking attempts are detected by wordfence. Otherwise it would have been more difficult with sole mybb installation.


RE: Spam Bots - Lunorian - 2017-07-27

(2017-07-20, 10:52 AM)numberek Wrote: actually we installed mybb as a subfolder to wordpress and in wordpress we have wordfence installed. So most of the bots and hacking attempts are detected by wordfence. Otherwise it would have been more difficult with sole mybb installation.

Wordfence will not affect mybb just because it's in a subfolder.