1 (edited by Grez 2010-08-16 16:48)

Topic: [Extension release] StopForumSpam.com Antispam

KeyDog & Grez & Slavok introduce... smile /dramatic entrance/ big_smile

Info: Cross-checks registering user's IP adress with StopForumSpam.com database.

Database: Bots which tried to register are stored in table PREFIXstopforumspam

Download: .zip (v1.1.2)

Changelog:

v1.1.0 Added guest posting protection.
v1.1.1 Fixed little bug
v1.1.2 Fixed bug in installation process

Eraversum - scifi browser-based online webgame

Re: [Extension release] StopForumSpam.com Antispam

I'm very happy with it.

Also: the more users start installing it, and giving feedback to SFS about which spammers are still getting though, the better the hit ratio will be.

So it's important that a few other people start adding IPs, emails of spammers to the SFS database (the sooner we get a one-click submit button in punapproval or a improved extension to do that, the smaller the chances any spammers will get though) big_smile

3

Re: [Extension release] StopForumSpam.com Antispam

Link fixed (I'm writing it here, cause I can't participate in closed topic like you two guys do big_smile)

Eraversum - scifi browser-based online webgame

Re: [Extension release] StopForumSpam.com Antispam

big_smile

btw:  Would it make sense, especially if someone has a large userbase already, with many spammer registrations, to run the same query on login.php? Then if there's a match DELETE the profile (or at least signal it).

somewhere here:

// Login
if (isset($_POST['form_sent']) && empty($action))
{
    $form_username = forum_trim($_POST['req_username']);
    $form_password = forum_trim($_POST['req_password']);
    $save_pass = isset($_POST['save_pass']);

    ($hook = get_hook('li_login_form_submitted')) ? eval($hook) : null;

    // Get user info matching login attempt
    $query = array(
        'SELECT'    => 'u.id, u.group_id, u.password, u.salt',
        'FROM'        => 'users AS u'
    );

    if ($db_type == 'mysql' || $db_type == 'mysqli')
        $query['WHERE'] = 'username=\''.$forum_db->escape($form_username).'\'';
    else
        $query['WHERE'] = 'LOWER(username)=LOWER(\''.$forum_db->escape($form_username).'\')';

    ($hook = get_hook('li_login_qr_get_login_data')) ? eval($hook) : null;
    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
    list($user_id, $group_id, $db_password_hash, $salt) = $forum_db->fetch_row($result);

    $authorized = false;
    if (!empty($db_password_hash))

5

Re: [Extension release] StopForumSpam.com Antispam

IMO it wouldn't be that good idea:

  • it's unnecessary (why check IP's each time someone's logging in? isn't easier to do it just once?)

  • it's dangerous (actually, when I tried to check users on my forum I found that some of them were using IPs that were at SFS.com), so it would be funny if you had deleted them big_smile

  • and finally - there's easier way to check registered users. Actually I wrote a script for that yesterday. I could try to enhance it a little bit and I can publish it smile

Eraversum - scifi browser-based online webgame

Re: [Extension release] StopForumSpam.com Antispam

Grez wrote:

why check IP's each time someone's logging in?

I think it's only interesting (potentially)  IF someone already has 3'000-10'000 users and just wants to make sure that the users logging in aren't just changing backlinks/signatures etc. but....

Grez wrote:

there's easier way to check registered users. Actually I wrote a script for that yesterday.

That's basically the endresult I was thinking of (a bit naively) smile

Grez wrote:

users on my forum I found that some of them were using IPs that were at SFS.com

Surprised by that. Is it TOR users? Because most registrations I see by bots are from India, Pakistan, USA, Philippines, China...

Re: [Extension release] StopForumSpam.com Antispam

Another question; if I have my forum open to guest posting (with email required and username) of course I still get a lot of registrations from spammers. But those are nearly always in the SFS db. So would it be here (in post.php) that we could incorp another check (if user is guest). Especially if Pun Approval for posts is activated it cut down a lot of posts to approve I imagine!

lines 92-100 shown below

// Do we have permission to post?
if ((($tid && (($cur_posting['post_replies'] == '' && $forum_user['g_post_replies'] == '0') || $cur_posting['post_replies'] == '0')) ||
    ($fid && (($cur_posting['post_topics'] == '' && $forum_user['g_post_topics'] == '0') || $cur_posting['post_topics'] == '0')) ||
    (isset($cur_posting['closed']) && $cur_posting['closed'] == '1')) &&
    !$forum_page['is_admmod'])
    message($lang_common['No permission']);


($hook = get_hook('po_posting_location_selected')) ? eval($hook) : null;

Re: [Extension release] StopForumSpam.com Antispam

Good stuff! My user lists are too clean though big_smile No records
Why don't you publish it under 1.3 Additions aswell seperately. It's a good project!

@ Slavok or alexp
you might want to try it on this site? Or give Grez access to test it?
also any chance of installing the stopforumspam extension here for further testing and improvement?

9

Re: [Extension release] StopForumSpam.com Antispam

KeyDog wrote:

Why don't you publish it under 1.3 Additions aswell seperately.

Well, it's not ready yet. I'd like to enhance it with more features.

KeyDog wrote:

Another question; if I have my forum open to guest posting

Yup, I could do that as well.



Actually, I was thing about little bit "reworking" the extension. At this state we disallow registering each IP which is at SFS.com db. But because of the data I had from my forum I think we should reconsider this and allow registration for users with less than some frequency rate (for example 5?) and those users would have to write a post which would be marked as "nospam" by users or mod.

It's a little bit confusing so here's an example how it would look for new user.

He tries to register -> we check whether he's at SFS.com and how many times -> if frequency is bigger than 5 he can't register, if not he can register but he's warned that if his posts don't get "nospam" approval from mods or users in next week (for example) he'll banned.

Eraversum - scifi browser-based online webgame

10

Re: [Extension release] StopForumSpam.com Antispam

Grez wrote:

allow registration for users with less than some frequency rate (for example 5?)

  • The best would be if that can be set my admin; "Minimum No Of Sightings Required To Block"

I'd want 1. Why?
Of 82 registrations blocked by this extension on a testsite last 7 days, 12 were 5 or less sightings. But the sightings were mostly fresh for the <=5. So I'd personally prefer to still not see those.

Grez wrote:

if frequency is bigger than 5 he can't register, if not he can register but he's warned that if his posts don't get "nospam" approval from mods or users in next week (for example) he'll banned.

I think this is good , as an option IF someone wants to double check.

11 (edited by Grez 2010-07-29 11:54)

Re: [Extension release] StopForumSpam.com Antispam

KeyDog wrote:

So would it be here (in post.php) that we could incorp another check (if user is guest)

Done (updated download link is in first post) wink

Eraversum - scifi browser-based online webgame

Re: [Extension release] StopForumSpam.com Antispam

Great extension, however it doesn't allow registration to work (you get an error clicking on "Register"). Disabling the extension makes it all work again.

Do you want me to enable debugging info and find out what happened?

13

Re: [Extension release] StopForumSpam.com Antispam

TomeOne wrote:

Do you want me to enable debugging info and find out what happened?

I'm using the extension on a couple of forums and have no such problems, so yes, would be good if you can tell us what's happening in your setup. Maybe also if you have mysql etc, version of ext, version of board....

14

Re: [Extension release] StopForumSpam.com Antispam

@TomeOne: Before installing extension change line 35, at manifest.xml from this

if (!$forum_db->table_exists('pun_pm_messages'))

to this

if (!$forum_db->table_exists('stopforumspam'))

I know about this error (and I have fixed it at home), but I've got problems with internet connection so I can't upload it  sad

Eraversum - scifi browser-based online webgame

Re: [Extension release] StopForumSpam.com Antispam

hello
where is the setting page of this extension?? i no find it in my board....

16

Re: [Extension release] StopForumSpam.com Antispam

There isn't any settings page.
It's only possible to go directly into phpmyadmin for example and see what IPs are being banned.

If it's installed it's "on".

17

Re: [Extension release] StopForumSpam.com Antispam

Update
v1.1.2 Fixed bug in installation process (described in this post)

Eraversum - scifi browser-based online webgame

18 (edited by TomeOne 2010-08-17 05:13)

Re: [Extension release] StopForumSpam.com Antispam

So I guess you won't need the debug info unless 1.1.2 still gives me grief? wink

Edit: which it hasn't, thanks Grez! big_smile

19

Re: [Extension release] StopForumSpam.com Antispam

Hey Grez

Found some php code for submitting spammers to stopforumspam, do we need anything else to be able to integrate the "report spammer" feature?
=================================

If required, data can be POSTed to the API, using the following example PHP code
[code=php]
function PostToHost($data) {
$fp = fsockopen("www.stopformspam.com",80);
fputs($fp, "POST /add.php HTTP/1.1\n" );
fputs($fp, "Host: www.stopforumspam.com\n" );
fputs($fp, "Content-type: application/x-www-form-urlencoded\n" );
fputs($fp, "Content-length: ".strlen($data)."\n" );
fputs($fp, "Connection: close\n\n" );
fputs($fp, $data);
fclose($fp);
}
PostToHost("username=USERNAME&ip_addr=IPADDRESS&email=
    EMAILADDRESS&api_key=XXXXXXXXXXXXX");
[/code]

20

Re: [Extension release] StopForumSpam.com Antispam

@KeyDog Actually there's easier (and better) way to do that with forum's function, but well, for this I need API key, so it means I have to programme something for Administrators to insert the key to forum's config and they would have to register to SFS.com and generate their API key... and frankly - I don't have time/mood for doing that sad

But, well if someone's little bit bored, feel free to programme that - I think you could for example use hook aba_add_edit_ban_qr_add_ban and add IP to SFS database (function get_remote_file() should do the trick), if the $ban_message is "spambot" or something like that.

Eraversum - scifi browser-based online webgame

21

Re: [Extension release] StopForumSpam.com Antispam

Grez wrote:

they would have to register to SFS.com and generate their API key

It's a very fast process. And compared to the time admins spend on deleting posts, users, signatures: tiny effort. smile Also it's optional to submit. The extension would be easy and non-hassle even with this feature. Additionaly: As we've seen here: While it reduces registrations significantly, there will always be a few that get past. So when someone does get past, you want it  to be 1st and last time big_smile

Grez wrote:

I don't have time/mood for doing that

Fair enough. You've done a great amount in little time, for which I personally am very thankful.

22

Re: [Extension release] StopForumSpam.com Antispam

This morning I had 2 of 4 registrations pending in pun_approval that were already in stopforumspam database - BUT only since a couple of hours.... however both IPs had been reported 8 (!) times in the last 6 hours... starting 5.x hours before I checked.... (I think they're taking advantage of night time reduced moderator activity)

So the question is: wouldn't it make sense to query the sfs-db every 3 hours for registrations completed in last 3 hours and delete any user whose IP was found?

That shouldn't put unnecessary load on the sfs-db I assume...


Edit:
I was told that instead of querying the sfs db one could download the list mentioned below.. if we had some script that gets it every 4-5 hours (wget and unzip) - that would permit a query of recent registrations (daily, weekly) without sending lots of queries and also faster as serverside

Updated once per hour
listed_ip_1.zip - Last 24 hours, limited to 6 downloads per IP per day, last update 05-Oct 06:00 EDT

Now the question is; can this be implemented in  "deluxe" extension - or does such a script need to be loaded seperately?

23

Re: [Extension release] StopForumSpam.com Antispam

I have 1.1.2 version installed, however, I just got several guest posts from IPs already in stopforumspam database (for more than a month).
This is not supposed to happen, right? What could be the problem?

24

Re: [Extension release] StopForumSpam.com Antispam

It's possible that SFS servers were down, when the user posted the message (extension waits max 10 seconds for SFS servers to respond)

Eraversum - scifi browser-based online webgame

25

Re: [Extension release] StopForumSpam.com Antispam

I actually got dozens over two days, had to switch off guest write access eventually.