reed0427 Posted July 26, 2011 Report Posted July 26, 2011 Recently we discovered our unused forum was being used by spammers and causing us to exceed our bandwidth limit. The forum had been added when the new site at phpVMS was created, but we decided to use our old forum instead. The new forum sat idle until I approved a few new memberships from new hires in Afghanistan. I decided soon after that the applicants were bogus and deleted them from the roster, rejecting all future applicants too. (I think that Afghanistan doesn't reflect any Al Qeida connection. Afghanistan is just the first name on the country list). We deleted the forum a couple of days ago and ever since I'm getting new Afghanistan applicants at the rate of about 15 per hour. Non-stop. Does anyone have any suggestions? Quote
Moderators mark1million Posted July 26, 2011 Moderators Report Posted July 26, 2011 Look at their IP address and ban it from your server. Quote
reed0427 Posted July 26, 2011 Author Report Posted July 26, 2011 All different. Names and emails are different for each one, like some program is randomly generating them. Even the names often make no sense. Example: Name: Rmesnt1900 Rmesnt1900 email: gmoeli1959@yahoo.co.uk Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 The easy give away of a spammer, he will always choose Afghanistan as his country, and whatever VA is the first in the list. They don't bother to search for another country. Get the person's IP and ban it. Quote
reed0427 Posted July 26, 2011 Author Report Posted July 26, 2011 Been doing that. Most can be banned, but others are either unrecognized or too common, like gmail.com or yahoo.com. Too many legitimate pilots use these email sites. Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 It isn't always the email that will give them away, it is the country they select that gives them away all the time. They never change drop downs. Quote
stuartpb Posted July 26, 2011 Report Posted July 26, 2011 It isn't always the email that will give them away, it is the country they select that gives them away all the time. They never change drop downs. There is an effective trick I use on some registration forms, and that is to have a hidden input field (with something like name as the field title) on the form. a spam engine will enter text into the field, even though it's hidden and not viewable in the html output. I then wrote into the form handler a function whereby any submitted forms with the hidden field completed would be discarded. The spambots look for common fields in forms, and will try to complete these fields, so choosing something like name for the title will usually catch the spambots out. When a pilot completes the form, they don't see the hidden field, so it remains empty and the form gets processed as normal. It's not 100% effective, but then nothing is when it comes to anti spambots. Quote
Tom Posted July 26, 2011 Report Posted July 26, 2011 Check the code snippets forum. I posed some code to prevent spammers. 100% effective for me. Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 There is an effective trick I use on some registration forms, and that is to have a hidden input field (with something like name as the field title) on the form. a spam engine will enter text into the field, even though it's hidden and not viewable in the html output. I then wrote into the form handler a function whereby any submitted forms with the hidden field completed would be discarded. The spambots look for common fields in forms, and will try to complete these fields, so choosing something like name for the title will usually catch the spambots out. When a pilot completes the form, they don't see the hidden field, so it remains empty and the form gets processed as normal. It's not 100% effective, but then nothing is when it comes to anti spambots. What I said though is effective too, as I have gotten spam bots too, and they always use the same country of origin, and the same airline, I have 3 airlines using the same phpvms install, and the first airline is always used. Your way will catch them out, but if you don't know the code you use, knowing what to look for is the next best thing. Quote
stuartpb Posted July 26, 2011 Report Posted July 26, 2011 it was my tutor at uni who taught us this trick, and the website he gave us the info from is here: http://www.advancedhtml.co.uk/hidden-field-spam-trap-for-phpformmail/ You just need to adapt the form handler to suit the phpVMS form handlers. Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 My reply still stands. As you said, nothing is really 100% going to work, but at least knowing what to look for, if you have no spam traps, is the next best thing. Quote
Tom Posted July 26, 2011 Report Posted July 26, 2011 My reply still stands. As you said, nothing is really 100% going to work, but at least knowing what to look for, if you have no spam traps, is the next best thing. http://forum.phpvms.net/topic/5110-prevent-known-spammers/ Prevented 100% of spam registrations on a site that used to get 3-5 a day. It is updated when other people get them, so you're almost never going to get a new spammer to you first. Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 I know, but if you dont have that, what I said, still stands. You guys don't seem to realise, that knowing what to look for works just as well. I am not saying that doesn't work, just another way of checking, as I have that code, in the right place, yet I still get the odd spambot, so it is not working 100% for me. Quote
stuartpb Posted July 26, 2011 Report Posted July 26, 2011 My reply still stands. As you said, nothing is really 100% going to work, but at least knowing what to look for, if you have no spam traps, is the next best thing. I'm not trying to say you are wrong, I was merely offering another way to deal with spam. You seem to have got me wrong there? @Tom, I've never seen that post, so thanks I'm going to use that for my site Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 (edited) All part of the discussion my good friend. EDIT: Why did I get an ad for a dating service on a forum dedicated to flight simulation??? lol, is it trying to tell me something? Edited July 26, 2011 by Mr.Bean Quote
stuartpb Posted July 26, 2011 Report Posted July 26, 2011 Get out more, you know it makes sense! Quote
Strider Posted July 26, 2011 Report Posted July 26, 2011 Man I think Nabeel wants us all to get out more and get a life haha, yet another online dating service ad. I get out plenty. Just not interested in any of the girls near me. Quote
reed0427 Posted July 27, 2011 Author Report Posted July 27, 2011 Good ideas, I'll try them. I've been adding ip's in IP Deny Manager, but they still keep coming, even from the one's I denied, like aol.com, gmail.com, etc. Last night I got 198 spammer applications. The fight goes on... Quote
Moderators mark1million Posted July 27, 2011 Moderators Report Posted July 27, 2011 For the time being i would close your registrations for a few days, clearly someone has targeted your site for some reason. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.