Welcome to geekForum.com! Log in or Sign up to interact with the community.

Stop SMF Forum Spam

Discussion in 'Forums' started by Dukie, Jul 3, 2011.

  1. Dukie New Member

    Member Since:
    Jun 13, 2011
    Recently I've seen reports of spamming increase on SMF powered forums. Some people are blaming SMF 2.0 for this but honestly, that's not the reason! The latest release has nothing to do with this, in fact spammers are targeting other forum software, such as phpBB (another well known and popular open source forum software).

    What can you do about it? That's the question, how can you stop these spammers? Well, I have a solution which has kept spammers away from all my SMF powered forums. This is basically an article that well outline what you can do to stop spammers from spamming your forum! If you don't know me, allow me to introduce myself. I am a forum enthusiast, with over three experience in SMF. I've spent countless hours (that add up to days) helping people with SMF, whether it was at the SMF support forums or personal support through PM and Email.

    Anyways, let's get to do the point! Kick some spam-butt

    Step 1: Use the built in Anti-Spam feature that SMF 2.0 contains! It is located under configuration in the admin panel. Just hover over security and moderation and anti spam will pop up. Click that and you will be set to use SMF's powerful anti-spam feature.

    I do not recommend you make CAPTCHA more powerful because honestly, some forums might lose real members this way, due to impatient we human beings have. Instead I recommend you use SMF's verification questions option. Basically come up with 1 or 2 simple questions that only a real human being would know. An example or two are:

    Who is the current President of the United States? Barack Answer: Obama
    What is the color of greengrass? Answer: green

    After you have done this, make sure you log off and check for yourself to make sure it is working! You can do this by trying to create an account and making sure that your questions appear and the answer are accepted.

    Step 2: Use some of the ant-spam modifications already developed for SMF by third party developers. Here is a link to the page with a listing of all of them: http://custom.simplemachines.org/mods/index.php?action=search;type=19

    Some of the modifications listed are not compatible with SMF 2.0 but I will tell you some good ones that are!

    http://custom.simplemachines.org/mods/index.php?mod=1547 (Stop Spammer): This modification is amazing! It works, WORKS. I use it everywhere and this is all I need. When properly configured (easy to configure), it busts spammers by catching them and not allowing them to get approved. You'll get a list of the spammers waiting to be approved and you can reject them :) They do this by matching the IP, Email, username (you can choose which to match) with a public directory of known spam bots. This modification is amazing and I believe everyone should have it installed!

    http://custom.simplemachines.org/mods/index.php?mod=2839 (KeyCAPTCHA): A new type of CAPTCHA that I've heard good things about. It's users say that spam dropped 100% completely after this modification was installed. Why not give it a try :)

    These two modifications will get you a long way.

    Step 3: Not really needed by this may stop some spammers on their tracks. Change the registration settings from immediate registration to Email activation! Some spammers obviously come up with fake BS Email address and this will stop them.

    Anyways, these here are the three key steps that can make your forum SPAM FREE. If you have any questions please post a reply to this thread. If you need any help, don't hesitate to ask by replying.
  2. ukranger New Member

    Member Since:
    Jul 14, 2011
  3. Dukie New Member

    Member Since:
    Jun 13, 2011
  4. Miss KJ New Member

    Member Since:
    Dec 14, 2011
    Hi, Dukie,

    Here is a question to ask about SMF's verification questions option. When I set this option, i found that a problem occurred which is showed as below,

    Forbidden

    You don't have permission to access /index.php on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Can you please guide me for this problem?

    Thanks
  5. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=Miss KJ link=topic=26.msg1022#msg1022 date=1323934901]
    Hi, Dukie,

    Here is a question to ask about SMF's verification questions option. When I set this option, i found that a problem occurred which is showed as below,

    Forbidden

    You don't have permission to access /index.php on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Can you please guide me for this problem?

    Thanks
    [/quote]

    What kind of hosting do you have?

    Make sure that you have full permission to read, write, and edit index.php, you can check permissions using an FTP client or Cpanel File Manager.

    I think it might be because of how your forum is setup internally.

    Please get back to me.
  6. Clara Listensprechen Member

    Member Since:
    Jul 14, 2011
    [quote author=Miss KJ link=topic=26.msg1022#msg1022 date=1323934901]
    Hi, Dukie,

    Here is a question to ask about SMF's verification questions option. When I set this option, i found that a problem occurred which is showed as below,

    Forbidden

    You don't have permission to access /index.php on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

    Can you please guide me for this problem?

    Thanks
    [/quote]
    I've run into a similar problem and it may have to do with what version of SMF you're using, as in, does it handle the new format IP ? If it doesn't. then a Guest is not recognized as even having Guest permissions. It also causes Captcha to not function.
  7. Miss KJ New Member

    Member Since:
    Dec 14, 2011
    Hi,

    Currently my hosting is a standard hosting plan. I not sure of how to check for the permission through the cpanel. The version for the forum is now version 2.0.1.
    The verification question should be built in feature of smf 2.0, I really have no idea of why I cant set this option.
  8. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=Miss KJ link=topic=26.msg1029#msg1029 date=1324269547]
    Hi,

    Currently my hosting is a standard hosting plan. I not sure of how to check for the permission through the cpanel. The version for the forum is now version 2.0.1.
    The verification question should be built in feature of smf 2.0, I really have no idea of why I cant set this option.


    [/quote]

    Go to Cpanel file manager and click on each file and then click on "permissions" on the top.

    Yes verification question is built in 2.0, just check under configuration and then anti-spam
  9. Miss KJ New Member

    Member Since:
    Dec 14, 2011
    Hi,

    For the each file, sorry that do you mean is select all the file? I selected all the file and press the change permissions option and found that there are option of user, group and world for read, write and execute. The internal setup you mean last few post is refer to? I tried to change the permission, and found that different problems when I ticked for different options.

    Thanks for answering.
  10. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=Miss KJ link=topic=26.msg1057#msg1057 date=1324985700]
    Hi,

    For the each file, sorry that do you mean is select all the file? I selected all the file and press the change permissions option and found that there are option of user, group and world for read, write and execute. The internal setup you mean last few post is refer to? I tried to change the permission, and found that different problems when I ticked for different options.

    Thanks for answering.


    [/quote]

    I think you should contact your host and make them check why your forum isn't functioning correctly. Tell them to check your index.php file, also what hosting provider are you using?
  11. gempo New Member

    Member Since:
    Jan 9, 2012
    I can't thank you enough for this article. I have been battling with spammers this my forum came online. this article has made my day.
  12. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=gempo link=topic=26.msg1083#msg1083 date=1326117323]
    I can't thank you enough for this article. I have been battling with spammers this my forum came online. this article has made my day.
    [/quote]

    No problem :) If you found this helpful, please support this forum by simply being active. You can post replies or make your own topics.

    Thank you!
  13. Clara Listensprechen Member

    Member Since:
    Jul 14, 2011
    I performed a spammer experiment with my board, since I'm getting out of the forum biz altogether but my domain/hosting doesn't expire for a few months yet, and I thought y'all might be interested in the results.

    I modified all my Boards so that none of them were Default. I found that even Permissions restrictions didn't apply for some reason to first time registrants no matter how I configured 'em.

    I designated one Board as "Spam City". Board Permissions were such that membergroup Spammer could post there and nowhere else.

    Members of Spammer membergroup were denied permission to view other members' profiles.

    ....and then I let the spammers register, which they did hand over fist, single IPs with multiple accounts.

    The astonishing result of this experiment over 2 months was that no spammer posted any spam. CONCLUSION: spammers aren't interested in posting spam as Mission One. In observing spammer behavior on my board as well as Gri's board (I'm sure all SMF admins have encountered Gri at one time or another, ha) I've discovered that Mission One for spammers is to get access to info in member profiles. This is why I've come to refer to them as "spammer/hackers" -- they're more interested in hacking and phishing than in spamming.
  14. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=Clara Listensprechen link=topic=26.msg1134#msg1134 date=1327292004]
    I performed a spammer experiment with my board, since I'm getting out of the forum biz altogether but my domain/hosting doesn't expire for a few months yet, and I thought y'all might be interested in the results.

    I modified all my Boards so that none of them were Default. I found that even Permissions restrictions didn't apply for some reason to first time registrants no matter how I configured 'em.

    I designated one Board as "Spam City". Board Permissions were such that membergroup Spammer could post there and nowhere else.

    Members of Spammer membergroup were denied permission to view other members' profiles.

    ....and then I let the spammers register, which they did hand over fist, single IPs with multiple accounts.

    The astonishing result of this experiment over 2 months was that no spammer posted any spam. CONCLUSION: spammers aren't interested in posting spam as Mission One. In observing spammer behavior on my board as well as Gri's board (I'm sure all SMF admins have encountered Gri at one time or another, ha) I've discovered that Mission One for spammers is to get access to info in member profiles. This is why I've come to refer to them as "spammer/hackers" -- they're more interested in hacking and phishing than in spamming.
    [/quote]

    Good find, I think it will help others spammers know even more...
  15. Clara Listensprechen Member

    Member Since:
    Jul 14, 2011
    How so? False info in a profile gives a spammer false information. Besides, they're pretty good at data mining the profiles of other spammers. How do you mean, "know more"? They can't know more when they don't have permission to view other profiles. SMF has the ability to deny a member group access to other people's profiles. Please explain what you mean.
  16. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=Clara Listensprechen link=topic=26.msg1139#msg1139 date=1327446870]
    How so? False info in a profile gives a spammer false information. Besides, they're pretty good at data mining the profiles of other spammers. How do you mean, "know more"? They can't know more when they don't have permission to view other profiles. SMF has the ability to deny a member group access to other people's profiles. Please explain what you mean.
    [/quote]

    Oops, I meant it will help other people learn more about spammers.... Maybe they will read this and stop spammers from seeing member's profiles and thus, spammers will stop?
  17. Clara Listensprechen Member

    Member Since:
    Jul 14, 2011
    Well, that was my hope, anyway. With a dead board I had nothing to lose by experimenting. I did that so nobody else has to. Think what you will of Gri, but this study was the result of stuff that transpired via my investigation of "grivitation" and what I observed on his board.

    So here's an additional caution when Gri urges you to add your "gritoadmix" on his board: your profile WILL get datamined.
  18. Dukie New Member

    Member Since:
    Jun 13, 2011
    [quote author=Clara Listensprechen link=topic=26.msg1148#msg1148 date=1327555927]
    Well, that was my hope, anyway. With a dead board I had nothing to lose by experimenting. I did that so nobody else has to. Think what you will of Gri, but this study was the result of stuff that transpired via my investigation of "grivitation" and what I observed on his board.

    So here's an additional caution when Gri urges you to add your "gritoadmix" on his board: your profile WILL get datamined.
    [/quote]

    Gri is just unique...

Share This Page