spam bots targeting XF-websites ?

erich37

erich37

Well-known member
I would imagine that "xenforo"-websites have been specifically targeted by bots ? For whatever reason..... :cautious:

So I think bots can see the wording "xen" and "xenforo" in the source-code of our forum-scripts and then hitting all of our forums with spam ?

A long long time ago I have purchased a "branding free" licence for XF and have asked why there is no version which is removing the wording "xenforo" from the source-code.

The answer from Kier was:
http://xenforo.com/community/threads/branding-free-split-from-version-number.1593/page-7#post-49626

I am wondering now if the reference to "xenforo" in the source-code would be eliminated, would this then diminish the spam and bot-attacks ?
 
Sort by date Sort by votes
Xrumer comes with lists of the different websites running different packages. I doubt spammers are specifically targeting xF websites, it is just become so visible recently because xrumer added in xF support.

Buying a branding free license might or might not alleviate the spam targeting your site, most likely not, cause there are more tells than the notice in the footer.
 
Upvote 0 Downvote
MagnusB said:
Buying a branding free license might or might not alleviate the spam targeting your site, most likely not, cause there are more tells than the notice in the footer.
Click to expand...

yeah, I know that "branding free" will definitely not reduce the spam, cause it is just the removal of the footer-link.

I do not care about the footer-link or the "branding-free".
I am rather thinking that the reference towards "xenforo" or "xen" in the source-code is a disadvantage and might attract bots.

Well, I am not a bot... so I don`t know :cool:

I have actually deleted one of my Forums, but the bots are still hitting my domain-name with 3000 hits per month. So I guess once the bots have "targeted" your domain, you lost the game to them anyway.
 
Upvote 0 Downvote
erich37 said:
yeah, I know that "branding free" will definitely not reduce the spam, cause it is just the removal of the footer-link.

I do not care about the footer-link or the "branding-free".
I am rather thinking that the reference towards "xenforo" or "xen" in the source-code is a disadvantage and might attract bots.

Well, I am not a bot... so I don`t know :cool:
Click to expand...
There are tells there as well, beyond the reference of the word xenforo. Things like filepaths, field names and URL structure are all tells that it is xenforo. Obfuscating this will probably not help that much, especially if you are already identified as a Xenforo site. I would say the work required to make your site unique in this aspect is not worth the yield.
 
Upvote 0 Downvote
erich37 said:
I would imagine that "xenforo"-websites have been specifically targeted by bots ? For whatever reason..... :cautious:

So I think bots can see the wording "xen" and "xenforo" in the source-code of our forum-scripts and then hitting all of our forums with spam ?

A long long time ago I have purchased a "branding free" licence for XF and have asked why there is no version which is removing the wording "xenforo" from the source-code.

The answer from Kier was:
http://xenforo.com/community/threads/branding-free-split-from-version-number.1593/page-7#post-49626

I am wondering now if the reference to "xenforo" in the source-code would be eliminated, would this then diminish the spam and bot-attacks ?
Click to expand...


Ah yes, I did much the same for the same reason.
Buying brand free will only hold of the bots for a small amount of time (it usually buys you a few months, depending on what you do).

I'm afraid once you are listed, that's it, there is no getting you off of the linklists... this linklist are manually shared and also given away with the core

The lists are harvested in various ways, there are actually sites just dedicated to these list... but don't forget these list are also manually edited
(just do a quick google search for "linklist forum" or "linklist xrumer")

The fasted way to find your self on one of these lists it to have a hight PR site with the standard Forum copywrite in the footer
... generally many of these lists are fist generated by a search engine crawl for certain phrases (for example "Forum software by XenForo" -xenforo.com), but this is not the by any means the only way
... list are also generated by crawling through sites like this (with a high number of related outbound links to XF forums, XenForo.com is a good source), or even directories of forums
... even having the word "forum" on you site can make your self a target for these lists
... they are also generated by manual users adding to the lists

So, by removing "XenForo" in the source you get a a reduced % of chance that you will be added to a list (if you haven't already been added), but this really only ever buys you time

These list often have a value (they are sold, or give users a certain amount of creditability). For instance, if I can generate a list with High PR sites that are easy to spam, that would be valuable to a link builder
There is not really much value in taking out non spamable sites from the lists, since it looks more attractive that I have a list of 10000 sites that are easy to spam (since hey, they are XenForo sites which we are targeting), rather than a miserable list of 500 sites that actually work (after all, I am a black hat in this scenario , and the forums that can't be spammed now might be possible to spam later)

Don't forget, that these linkList don't just target XenForo (although there are some lists that a pure XF) or even forums for that matter, they target places where it is possible to register and leave links, so even if you don't look like a XenForo site, if I can automatically register and leave links, you are a valuable resource.

In short, unless you only want to buy time and you don't intend to be easily found by users (from search engines or manual mechanisms), removing all reference to XenForo will only reduce the chance of you being found by linklist creators (and forum users). If you are already on a link list, you're not likely to ever be removed from that list.
 
Upvote 0 Downvote
Other scripts have seen a rise in spam lately, there is a new spam thread (similar to here) at vb.com every other day with users getting hit with 100's of bots in a matter of a few hours.
I'm sure you'll see the same threads at the phpbb, mybb and smf support sites as well.
 
Upvote 0 Downvote
I installed FoolBotHoneyPot on all of my XF sites and haven't had a problem since - worth every penny!! (y)

(Disclaimer: Free alternatives are available ... :ROFLMAO: )

Cheers,
Shaun :D
 
Upvote 0 Downvote
At this point, any forum without multiple schemes for catching spammers is easy prey.

This probably could have been said a long time ago, but the programs on their ends (spammers) are getting better and better so the traps on our end must also be continually approved.

The way I see it, the spammers have plenty of targets and will not spend a lot of time on any site. If they get a "success" registration (reg form timer, etc.) or are blocked continually, they move on. This especially pertains to human spammers who get paid per post.

My own niece, from what I have heard, is getting paid for certain...possibly shady...postings on the net! She lives in Panama and says a lot of the ex-pats there do whatever they can to make a buck.
 
Upvote 0 Downvote
sometimes I wish to have a script (and also the know-how) in order to spam the bots which are spamming my forum.
there needs to be a way to spam the bots themselves and hit back.... ? :cool:
 
Upvote 0 Downvote
funny you should mention that...

It's not really ethical... but foolboothoneypot does log the usernames and passwords of the bots (because they make assumptions and mistakenly fill out the username with passwords etc etc..)
These bots often use the same username/passwords over and over...

You could manually search for their posts and remove any links, but I've tinkered with the idea of reverse automation
(logging in with each of these bot users and removing their links / deleting their accounts)

Like I say, it's not ethical, and it's not hugely benifical to me, I've just tinkered with the idea
 
Upvote 0 Downvote
so as one of my domains has been targeted by bots and most probably is on these linklists you have mentioned, I guess it does not make any sense to operate a forum on that domain anymore... ?
so probably just have a WordPress-blog or something ?

Anyway, I would suggest to these bots to rather attack Failbook than my small forum :D ;)
 
Upvote 0 Downvote
Like I mentioned, linklists don't just target forums (blogs are a targeted too)

... first I would look at the patterns, if you find many are registering with certain user_agents / ip addresses, you can kill them off at the htaccess level (this will save a lot of resources)
have a look at your server access logs, you might find out more information there

I would also speak to your host, they might also have a solution (there are often options added to CPanel to prevent waves of bots taking up resources).
Your host has a vested interest in keeping your business, so it's worth talking to them and mentioning that you are getting "attacked" by lots of ip addresses that you suspect are bots.
 
Upvote 0 Downvote
erich37 said:
so as one of my domains has been targeted by bots and most probably is on these linklists you have mentioned, I guess it does not make any sense to operate a forum on that domain anymore... ?
so probably just have a WordPress-blog or something ?

Anyway, I would suggest to these bots to rather attack Failbook than my small forum :D ;)
Click to expand...

Your forum is on those lists along with mine and most everyones!

My old forum was on such a list for 5+ years. It would be the rare CMS or forum which are NOT on a list being sold somewhere.

Also, I do think that the ISP (hosts) matter quite a bit. I am fairly confident that mine keeps out the really really bad guys...although there is little that can be done on the run-of-the-mill spammers. That's what the add-ons are for. Try some...you'll like 'em.

If you have a forum where the subject matter is fairly limited and same with the visitors, just go to manual activation. Between that and some basic checks (QA, etc), you should be able to keep out spammers.
 
Upvote 0 Downvote
erich37 said:
so as one of my domains has been targeted by bots and most probably is on these linklists you have mentioned, I guess it does not make any sense to operate a forum on that domain anymore... ?
so probably just have a WordPress-blog or something ?
Click to expand...
It wouldn't make much sense to switch to another popular CMS. It's not like spam is an xF specific problem, every website, even custom ones, are being targeted, big or small.
 
Upvote 0 Downvote
Regulation is needed. Target the spammers and those who employ them with fines with portion of the fine paid to those who report the spammers, both email and in forums. They are using up to much of the community resources.
 
Upvote 0 Downvote
Spamming is just another way of PR for some people. And it seems to make money for them. So it won't stop, regardless what "regulations" are created.

The solution is very simple: Install a good captcha or the very recommendable FoolBotHoneyPot and make your life easier.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

S
  • Question Question
XF 2.2 Old users are becoming SPAM everyday !
2
Replies
21
Views
921
Ozzy47
Ozzy47
KhanTastic
  • Question Question
XF 2.2 Does XF has a default robots.txt file?
Replies
4
Views
378
KhanTastic
KhanTastic
C
  • Question Question
XF 2.2 Bounce post on Word Censor hit
Replies
3
Views
264
chris p
C
OverHere
  • Question Question
XF 2.1 Not spam but…
Replies
7
Views
586
Mr Lucky
Mr Lucky
SuperZambezi
  • Question Question
RM 2.2 Captcha Requirement for Downloads
Replies
0
Views
597
SuperZambezi
SuperZambezi
Top Bottom