Recent problems with spambots

Phil
385
Joined: Tue Sep 25, 2012 3:22 pm

Re: Recent problems with spambots

Post by Phil » Wed Aug 12, 2015 8:09 am

Steven wrote:our own spam detector is up for revision. All spam that passes through is added in our database, and we use it to adapt the filter to be more secure in the future.
You're wasting resources with that.

Content-filtering is never a good idea, because spammers (the ones who program these automated scripts) are more intelligent. The days are over when spam used to equal "viagra" and you could simply block anything with that inside the headline. Spam nowadays is sophisticated and uses text that is indistinguishable [to a script/filter] from coherent human-written text. Using a content-filter is therefore a waste of time and resources.

But there's good news too. Forum spam is the easiest task to solve. Why?

Can you create a new topic without a user account? >No< [check]
Can you create polls without a user account? >No< [check]
Can you post in a topic without a user account? >No< [check]
Is there anything you can do, besides lurking (reading) without a user account? >No< [check]

Therefore, we can conclude that to do anything on this site that might cause some form of grief/annoyance/damage/whatever, you need a valid user account.

Therefore, the solution is simple:

1.) Use a better question at the registration process (simply change the question).
2.) Use an additional captcha.
3.) the most basic simple solution: make user accounts inactive until activated by a moderator or admin.
4.) I assume a valid email address (valid and authenticated, e.g. by sending the password or an activation key to that email address) is already mandatory to actually activate your user account before being able to post is already a requirement??

Point 3 is the most basic one. If a moderator doesn't see enough to distinguish if it's legit or not, then point 1 or 2 may be required. Another way to solve; Add a field at the registration process on why the person wants to register to this site. Or to name their interests. Any coherent text in this field is probably from a human, not a bot.

Irregardless, checking user accounts beforehand probably is a much smaller task than checking posts for possible spam content. Eradicate the fake user accounts, you eradicate the unwanted posts.
Last edited by Phil on Wed Aug 12, 2015 1:00 pm, edited 2 times in total.
Not for nothing, Rosberg's Championship is the only thing that lends credibility to Hamilton's recent success. Otherwise, he'd just be the guy who's had the best car. — bhall II
#Team44 supporter

rjsa
69
Joined: Fri Mar 02, 2007 2:01 am

Re: Recent problems with spambots

Post by rjsa » Wed Aug 12, 2015 12:32 pm

Steven wrote:Well, I understand spamming with links, but all that other crap with bogus text... I don't see the point, and I guess I'll never understand it.
These are bots. People do it because they can, they are just honing their code on us.

BanMeToo
14
Joined: Fri Dec 27, 2013 3:26 pm
Location: USA

Re: Recent problems with spambots

Post by BanMeToo » Wed Aug 12, 2015 2:33 pm

Phil wrote:4.) I assume a valid email address (valid and authenticated, e.g. by sending the password or an activation key to that email address) is already mandatory to actually activate your user account before being able to post is already a requirement??
Actually I don't think you get an activation link when you reg here.

e:
rjsa wrote:Bots chatting among themselves. I've seen it all.
I had quite a chuckle at that haha :?

Steven
Owner
Joined: Mon Aug 19, 2002 5:32 pm
Location: Belgium

Re: Recent problems with spambots

Post by Steven » Sat Aug 15, 2015 9:55 am

Phil wrote:1.) Use a better question at the registration process (simply change the question).
2.) Use an additional captcha.
3.) the most basic simple solution: make user accounts inactive until activated by a moderator or admin.
4.) I assume a valid email address (valid and authenticated, e.g. by sending the password or an activation key to that email address) is already mandatory to actually activate your user account before being able to post is already a requirement?
1) Any suggestions?
2) Will be far better after site update
3) Impossible. A lot of users will slip through, because most spammers only add link signatures after posting. The obvious spamwords in usernames and emails are already caught, while temporary email domains are blocked already as well
BanMeToo wrote:
Phil wrote:4.) I assume a valid email address (valid and authenticated, e.g. by sending the password or an activation key to that email address) is already mandatory to actually activate your user account before being able to post is already a requirement??
Actually I don't think you get an activation link when you reg here.
Yes you do

rjsa
69
Joined: Fri Mar 02, 2007 2:01 am

Re: Recent problems with spambots

Post by rjsa » Sat Aug 15, 2015 12:23 pm

Steven wrote:(1) Any suggestions?
Don't know if you heard of this? http://nomorecaptchas.com/

Phil
385
Joined: Tue Sep 25, 2012 3:22 pm

Re: Recent problems with spambots

Post by Phil » Mon Aug 17, 2015 1:39 pm

Steven wrote:1) Any suggestions?
Anything.

The important thing to realize is that it's just a bot. A bot being a program, a script, a piece of logic that has ZERO ounce of intelligence. It can only do what it is programmed to do. This is, for the most part, searching the web, parsing the source code and looking for '<form method...>...</form>' inside it to realize there is a form. When it finds it, it looks for what text input fields are there (you know, the boxes we use to enter something inside our browser on a webpage) and then they simply enter whatever they were programmed to enter and send it via POST method. Voila.

Most of the time, if the input fields are some kind of login screen, like to an administration page, the bot will use some kind of brute-force attempt to 'crack' the username and password. It will simply try various different combinations, more or less default known passwords or simple combinations. It will do this on a regular basis. When you do this on thousands of sites within a day, a week, a month, whatever (it can, because no one physically is sitting behind the computer doing anything, the bot is entirely automated), you will find that with that many pages, the odds are actually that occasionally, a bot will actually find the right combination and voila, the site/account is hacked and access is gained.

The core thing here to realize is that bots are designed to attack and abuse as many forms on as many different websites as possible. Therefore, it is rarely a specific programmed bot for *your* unique site, like f1technical.net. Your site is but one of many that is actually 'attacked'.

So if you simply change the first control question to anything 'new' - chances are it will block every bot until someone actually goes and reprograms their little bot to solve the new question. If one of these spammers is an active F1 reader, then the odds are this will happen quickly. If it isn't, then you may have some peace and quiet for some time.

Just remember; The bot is inherently stupid. It doesn't understand the question you are putting there at your registration form. It just knows that there is a field and it will enter different phrases, words whatever and hit enter so many times until it succeeds with one of them. So, changing it to anything will likely result in some form of success.

If it doesn't - then you either are dealing with a bot that is updated frequently (and that someone is reading your forums), or the bots are coming through by some other means, security flaw, unprotected form or something.
Not for nothing, Rosberg's Championship is the only thing that lends credibility to Hamilton's recent success. Otherwise, he'd just be the guy who's had the best car. — bhall II
#Team44 supporter
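
An added example, not part of the original post or the forum's own software: a server-side check for the registration question discussed above, which also caps the repeated guessing Phil describes. The question pool, the limits and the use of a client identifier (for instance the IP address) are assumptions made for illustration.

```python
import time
import unicodedata

# Constructed sample pool (assumption): real questions should be site-specific
# and should not be answerable by pasting them into a search engine.
QUESTIONS = {
    "q1": ("How many wheels does a Formula 1 car race on?", {"4", "four"}),
    "q2": ("Which flag ends a race? (two words)",
           {"chequered flag", "checkered flag"}),
}
MAX_FAILS = 3   # wrong answers allowed per client inside WINDOW
WINDOW = 600    # seconds


def normalize(answer):
    """Fold case, Unicode width variants and stray whitespace before comparing."""
    text = unicodedata.normalize("NFKC", answer).casefold()
    return " ".join(text.split())


class RegistrationGate:
    """Checks the anti-spam answer and throttles clients that keep guessing."""

    def __init__(self, questions=QUESTIONS, clock=time.time):
        self.questions = questions
        self.clock = clock
        self.fails = {}  # client id -> timestamps of recent wrong answers

    def _recent_fails(self, client):
        cutoff = self.clock() - WINDOW
        recent = [t for t in self.fails.get(client, []) if t > cutoff]
        self.fails[client] = recent
        return recent

    def check(self, client, question_id, answer):
        """Return 'ok', 'wrong' or 'locked' for one registration attempt."""
        if len(self._recent_fails(client)) >= MAX_FAILS:
            return "locked"  # refuse even a correct guess while throttled
        accepted = self.questions.get(question_id, (None, set()))[1]
        if normalize(answer) in accepted:
            return "ok"
        self.fails[client].append(self.clock())
        return "wrong"


if __name__ == "__main__":
    gate = RegistrationGate()
    print(gate.check("198.51.100.7", "q1", " Four "))  # a human-style answer
    for guess in ["viagra", "yes", "1", "4"]:           # a script cycling phrases
        print(guess, gate.check("203.0.113.9", "q1", guess))
```

A count of `wrong` and `locked` results per question is also a useful signal: a sudden rise in correct answers from new accounts that then spam suggests the question has been added to a bot's answer list and needs changing.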

Steven
Owner
Joined: Mon Aug 19, 2002 5:32 pm
Location: Belgium

Re: Recent problems with spambots

Post by Steven » Sat Oct 10, 2015 4:29 pm

So, I have replaced the anti-spam questions upon registration with new ones.
Sadly, the epic Betrand Gachot question has thereby been removed.

Hope the new ones prove a bit more effective.
At least they show no results in my tests on google.

EDIT: Interesting, in 2 days, not a single spam registration :)
I also deleted nearly 800 sleeping spamusers in our database

Steven
Owner
Joined: Mon Aug 19, 2002 5:32 pm
Location: Belgium

Re: Recent problems with spambots

Post by Steven » Mon Feb 15, 2016 7:50 pm

So, I have restored the previous anti-spam questions, as it turns out they are far more effective than Google's reCAPTCHA.
Who would've thought that :D

Mr.G
39
Joined: Wed Feb 10, 2010 9:52 pm
Location: Slovakia

Re: Recent problems with spambots

Post by Mr.G » Mon Feb 15, 2016 8:26 pm

Hi Steven, I use on my forum this extension - so far no problems and it's more user friendly, you just need to drag and drop from left to the right the correct words. https://www.phpbb.com/customise/db/mod/ ... ha_plugin/
Art without engineering is dreaming. Engineering without art is calculating. Steven K. Roberts