Community Killers to Avoid at All Costs

The author forgot to mention killing off spam.

I have seen established forum indexes completely filled with Viagra spam, cell phone deal spam and so on, this tells you that no admins or mods even visit the forums, I have deleted many forums from our forum directory over the years for this.
 
Getting back to spam killing forums, I was forced to pre-moderate all new member posts, simply because of machine gun Xrumer spambots dumping image embedded porn threads and the same with the Viagra morons dumping long threads with ad images embedded.

Now these Black Hat Spam-E-O scum bags are simply content with dumping links in forum user profile slots by the thousands with Xrumer spam scripts, so now I have to find a way to take all live link fields out of forum user profile forms for new members.

Some of these low life's have thousands of accounts on each forum they spam, so they could have the same amount of outgoing links just in forum user profile homepage link slots.

Forum software must be more versatile allowing administrators to remove (or add) live link slots for various user groups in the future.
 
Getting back to spam killing forums, I was forced to pre-moderate all new member posts, simply because of machine gun Xrumer spambots dumping image embedded porn threads and the same with the Viagra morons dumping long threads with ad images embedded.

Now these Black Hat Spam-E-O scum bags are simply content with dumping links in forum user profile slots by the thousands with Xrumer spam scripts, so now I have to find a way to take all live link fields out of forum user profile forms for new members.

Some of these low life's have thousands of accounts on each forum they spam, so they could have the same amount of outgoing links just in forum user profile homepage link slots.

Forum software must be more versatile allowing administrators to remove (or add) live link slots for various user groups in the future.

Assuming you use vBulletin, you can do the following to cut down on spammers
  • Enable re-captcha for registrations.
  • Add regular expressions to profile fields to prevent links from being added.
  • Only show members on the member list page who have more than 10 posts (I have it setup so members with 10+ posts get automatically promoted from the default registered group to a member group. Guests cant view the list either)
  • Members must confirm their accounts first before posting
  • Use the free TypePad Anti spam service built into Vbulletin than scans all new posts. Posts that are deemed as spam are moderated.
All the above is possible with a stock Vbulletin 3.8 (maybe even 3.7). If you also observe the spammer's patterns, you will notice other repetitive stuff they do and you can tweak your strategy to combat the spam.
 
  • Add regular expressions to profile fields to prevent links from being added.
OK, please explain how this is done in detail for folks that do not code.

PS: It kind of is common sense to put the control of these user group live links in the hands of administrators, there should be a control in the ACP for the fields that admins can change for the various user groups, I have no idea why this critical factor has not been considered in the past.
 
  • Add regular expressions to profile fields to prevent links from being added.
OK, please explain how this is done in detail for folks that do not code.

Go edit the user profile field and add the following

Code:
^[A-Z0-9 ]+$

This will only allow alphanumeric characters including space. Bots entering "http://myspam.com" will be blocked as the url will fail the regex check.
 
I still don't get it to be honest, if a new member can enter a homepage link why would a bot not be able to in the forum user profile homepage slot ??

I am talking about the homepage link slot and how to eliminate that for new members (that user group) specifically.

I just wonder why that permission does not exist in the user group permissions (the one to eliminate homepage link) like you can with signatures.
 
We had the same issues a while ago.

Currently we are using a mixture of:
- Country based blocking
- IP list blocking
- Checks against Project Honeypot
- Blocking based on unwanted Charsets (Chinese, Japanese, Cyrillic)
- User Agent based blocking
- Referrer blocking
- Header based blocking
 
Hi,

On our Website we currently block:

UserAgents:
Java/1.6.0_22
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Babya Discoverer 8.0:
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Crazy Browser 1.0.5)

Plus chinas Baidu Spider, as the UserAgent block is quicker than the Country block due to the database size :-)


Referrers:
Referrer are pretty unique to each software product/website, as Spammers use different search strings for different target systems

Headers:
We integrated BadBehavior as a module into our AntiSpam software and let it do all the header filtering, while our Software does the IP, Charset and RFI filtering

Techniques are likely to change over time, and hence we may have to block more UserAgents in the future.
But for now, our configuration gives us a good nights sleep :)
 
I still don't get it to be honest, if a new member can enter a homepage link why would a bot not be able to in the forum user profile homepage slot ??

I am talking about the homepage link slot and how to eliminate that for new members (that user group) specifically.

I just wonder why that permission does not exist in the user group permissions (the one to eliminate homepage link) like you can with signatures.

That's what I liked about IPB3 compared to vBulletin. You can set-up the first members user-group to NOT do things like add a signature and homepage link e.t.c. Not until they reach so many posts made on the open forums, or reach the next members group.

One of the first things new spam registrations will do, is add a homepage or signature links. And if they are human spam registrations, disabling the first user-group to add them will even help combat them also. Forcing them to do it on the open forums, which is much easier to spot.

That's why I prefer to not let guests view members profiles. Because if human spammers see you allow it, they'll join adding spam url's to their profile. Never posting anything in most cases on the forums to try and avoid detection, because they know guests can still view their profile and see the spam links to visit they added.

I think you must also aim to set-up your forum in such a way, as to try and discourage spammers from even being interested in it at all.
 
Another thing I've noticed from using UseBB and FluxBB (with a Questions and Answers) add-on added with the later, it's default in UseBB. Maths questions done as words (not numbered sums). Like this example below!

1: What is three minus one?

Works a hell of a lot better at stopping spammers, than using this below instead.

2: 3-1=
 
That's what I liked about IPB3 compared to vBulletin. You can set-up the first members user-group to NOT do things like add a signature and homepage link e.t.c. Not until they reach so many posts made on the open forums, or reach the next members group.

This is what I do with CycleChat - specifically to combat human registration spammers.

Up to 10 posts they are in the "Newbies" usergroup with very few privs - no sigs - no links - etc.

After 10 they are promoted to the full "Members" group with all the bells and whistles.

Cheers,
Shaun :D
 
Hi,

On our Website we currently block:

UserAgents:
Java/1.6.0_22
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322) Babya Discoverer 8.0:
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Crazy Browser 1.0.5)

Plus chinas Baidu Spider, as the UserAgent block is quicker than the Country block due to the database size :)

Referrers:
Referrer are pretty unique to each software product/website, as Spammers use different search strings for different target systems

Headers:
We integrated BadBehavior as a module into our AntiSpam software and let it do all the header filtering, while our Software does the IP, Charset and RFI filtering

Techniques are likely to change over time, and hence we may have to block more UserAgents in the future.
But for now, our configuration gives us a good nights sleep :)

Thanks....BadBehavior is something I will look into. If you dont mind, could you post a refer that you block for a forum?
 
Top Bottom