Anti-spam and how to stop spammers

Darkcloud4491 posted 5th of September 2009 in Community Voice. 16 comments.

Ok. This fix will work with alot of webscripts but some steps might not me usable on some scripts or hosts.

1. set your captcha to the hardist seting.

2.add an anti-robot system (eg. askthem that the site is called)

3. make it so the e-mail must be confermed before they can log in.

4. you could set it so they can only post ob the blogs/forums only when the admin has granted access.

 

if you start geting spamed ather this then follow theses simple steps.

1. remove there account/posts etc.

2. block there e-mail.

3. log into cpanel and blacklist there IP. (your host can help you  with this step)

 

hope that helps keep you sites spam free

 
Comments
·Oldest
·Top
Please login to post a comment.
DosDawg
uh, guess what, this is a good attempt, but if you dont get rid of that feature on ActionsBlock Get E-mail, then you are actually going to continue to be spammed. yes you read that correctly. any person can login to a default dolphin site, with a verifiable email address and never become suspect of this action. but they could one by one, get all of your members email addresses sent to them.

now with that list compiled they are able to sell this to the blue pill people. so its not necessarily see more that you are being spammed from the site per se', but your email is available for access. craziest feature i have ever seen on any site anywhere.

login as a member on your site, view a members profile, you will see in Actions Block Get Email, ha ha ha, imagine that one eh?

Also, should remove that Greetings feature, spammers haven.

Regards,
DosDawg
ZopfWare
LOL... the guestbook was what tripped us up... we kept seeing our customers databases growing even though their membership was constant. Turned out that the spambots were leaving their nefarious ads inside of the guestbooks!

We have since disabled the guestbook feature until we can add some security features to it.
houstonlively
Most people that register on Dolphin sites are hit and run, actual persons and not spam bots. Captcha and anti-spam questions won't stop them.

Email confirmation during registration might help reduce spam, but email confirmation can also drive you nuts. Believe me, people can be pretty stupid and many times can't figure out how to get through the registration process if you require email confirmation. I have a vBulletin site where I state in gigantic bold yellow letters that you must visit see more a link that was sent to the email address you registered in order to activate your account. The idiots will still try to register with bogus email addresses and then complain that your site doesn't work. I don't know how some of these people find their way home. Another huge problem with confirmation emails is that services like aol and yahoo will block the incoming email as spam and the user will never receive the email they are supposed to reply to, and the account never gets activated.

Blocking IP addresses must be done with caution, since many users will be accessing your site through proxy servers.... aol, etc.

The vast majority of spam originates from .cn, .tw, .ru, and a handful of other top level domains. I plan on eventually using GeoIP to block entire countries from accessing my domain.... if english isn't their primary language, they don't need to be on my site.
CALTRADE
If you are starting a site for your Hometown, what are you going to do about expats? i.e. people from your city who now live overseas? - they would probably love a hometown site.
houstonlively
Well.... one thing is for sure... if the expats live in China, Taiwan, Russia, Pacific rim countries, and a handful of others, they will be S.O.L.
CALTRADE
I met lots of nice folks from Texas when I lived in Nigeria - a country that very well might be on your list. They so impacted the local culture that there are now many country and western bands in West Africa. Your call of course, but I though the Texans I met over seas were much nicer than the Texans I met in Texas!
CALTRADE
Houston, your argument against email confirmation is actually an argument for it - if people are registering with fake emails you don't want them anyway. I'm also wondering if the captcha is even necessary- since I don't think auto bots are that common and it doesn't stop people anyway.
houstonlively
People register with fake emails because, they themselves, do not want to be spammed. I do it myself a lot. Antispam questions actually are pretty effective. Not many spammers from .cn .tw .ru ...etc, know the name of the longest river in the US, or are willing to take the time to look it up.

Captcha is only useful in blocking registrations by spam bots.
mydatery
To reduce spammers here are some fun ways to do it that will occuppy there time and reduce/eliminate they're actually spamming anyone:

1. Get rid of the stupid Get E-Mail. This thing is ridiculous and should never have been installed, what was Boonex thinking.

2. Install an e-mail filtering system that monitors for certain phrases/words/characters and so on. Set this thing to look for the normal spam, http://*, ww*, .com, .co.uk, .org and so on. We all know what they use, set the filter see more to watch for it and catch it. This is really fun as they can spend hours sending e-mails to your site members that literally go nowhere.

3. Set word filtering that changes certain words to new meanings. For example: http://myspamsite.com will no be: I really like tasting cow dung from goat hoofs. Go ahead and let them post that on your forum, groups, shoutbox and so on. What's it really hurting? Plus when they see their links will not work it will eventually drive them away.

4. Lock down the site by killing free mode & promotional mode and run it as a normal site. You can still enable everything to the standard members, but force the registration.

5. Utilize an IP tracking system in the Admin Panel of the site, this will help you track the IP's and if your considering banning an individual run it through whoisip.com and so on to verify if it's an aol proxy or an actual user ip. Blocking IP's is a temp fix at best as people move around and such, home work, coffee shop, friends house, library and so on, you will spend a lot of time tracking them around to use just that means.

I'm not a fan of the verification e-mails, especially for young sites, as it ends up discouraging more people than actually resolving problems.

And yes, these tricks work and in the end they reduce spam on the site to virtually nothing.
CALTRADE
Totally agree on #1 - what a bizarre feature.
selo12
Well, in my case nothing helps, but I have now learned to live with it x) firstly my guestbook was being spammed so i deleted guestbook.php(wasnt using it), now the spammers landed on a 404 page but still on my cpanel i saw that this spambot did not stop..
then I began blocking the ips and after I had blocked about 100 I figured out that the spambot visited my site with a new ip adress each time from all over the world. So at the end I blocked acces from the countries that spammed most(about30) see more but since the spambot are entering from absolute all the countries i just gave up and it has been spamming/trying for several months now without me being able to do anything but it doesnt do any harm atleast not any that I am aware of since it is just landing on 404 pages? I get alot of visits atleast =)
ifranky
'I get alot of visits atleast'

Wrong most spm bots do not use Javascript and will hence not register in Google Analytics or decent stats scripts. And if you rely on your server stats/Awstats you might not have many people believing your stats if some day you want to sell your site.

It would be great if there were an Akismet implementation for Boonex, honestly can't believe Boonex hasn't come up with this solution yet. Or at least something like Wp-Spamfree, where comments/posts are checked see more for presence of Javascript. That would reduce more than 95% of automated spam and as Boonex scripts become more popular, the spam problem will only grow.
thefetishsocial
I do not use captchas on my site and i do not use verify email on my sites and i have zero spam. registering my site is as easy as it gets, if you want members you got to find another way to deal with spammers. Like hack the spammers computer/server and and leave them a warning message if you come back i will wipe you out! "Punk" works great for me.

I run dolphin , phpbb and vbulletin and i have Zero Spam!

Think like a spammer lean about the tools they use. i have a copy of all of see more them and know there limitations and weakness. makes it easy to defeat them.
keystroke
You have zero spam? I find that very hard to believe. Telling people to hack spammers will just make it worse in the end. Spammers will hack your site every other day, and you know it. Toss me a link to your site, I will show you a scam artist that is on it. Not me. I just mean there has to be a spammer registered. Unless you have 10 members and can control it, lol.
Darkcloud4491
you must have a good host with a lot of members to get no spamers
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.
PET:0.3351149559021