You are not logged in. Please login or register.
Active topics Unanswered topics
Search options
here is a quick tip for anyone with a spam problem:
i was up to about 2 spammers per day that actually verify account and post porn, the remainder 5-10 false accounts per day arent sophisticated enough to automate the verification process. i simply changed the layout on the welcome email that has the login info and they stopped.. why? because their automated system recognizes the default template and knows where to extract the username and password from programatically.. so since i changed it around, their automated software no longer knows where to look for the login verification info and hence fails to verify account and does not post spam!
MattF wrote:Cron and the proper db management tools are by far the best solution. UI's are an idle option.
hey MattF, I appreciate your input on this matter. Just wondering though.. wouldnt having to use system admin tools(crontab) and direct modification of the DB defeat the overall purpose of punbb? correct me if im wrong but isnt the point of punbb is to be simpler and lighter than the other bb's out there?
i went ahead and deleted the entire forums folder and backed up the config.php.. extracted fresh copy of 1.2.15 into a new forums folder(same name).. chmod'd cache.. restored config.php and the forums are back up as they were before. but im still at 1.2.15.
question is.. can i do the same thing i just did but extract 1.2.16 instead? has anything changed in the database between 1.2.15 and 1.2.16 ? has the config file changed at all either? or is there somewhere that better explains the patch/upgrade process? i feel like a moron not being able to update a simple forum lol
well whatever you do to get around the spammers is hard because they too have access to the code and im sure some may even follow these forums just to keep up.
as far as the ocr.. i dont know how many of them have that sort of capacity available to them, im sure some do. but why have it use sessions? upon generation of a random string.. add the string to a temp table.. then check the user's verification input against that temp table.. too many wrong tries.. ban em. but the main problem i see is that to use this feature the server would need imagemagik or some other sort of graphic manipulation lib installed which increases requirements for the punbb and thats not good
if you had the resources available to support it.. you could add a "captcha" generation service. where when the verification email goes out.. the server first queries your service center for a captcha image(reduce local requirements) then drops the string in the temp table or wherever it is you store the random password.. emails the verification email with the random password inside the captcha image im the email and for those textonly-based mail clients they could be pointed to a url that is a copy of the verification email.
i guess the options are limitless really and we could come up with more all day but what matters is someone has to do it and thats not me. so ill shutup now lol
yemgi wrote:I do it manually every month via phpmyadmin
another good idea.. maybe give a button somewhere that admin's can simply press to "delete bogus signups"
as it is i have to go through the userlist and try to choose which ones i think are bogus and remove them.. my point is it should be easier.. thats all
very good smarty, maybe you guys might want to implement an automated prune option where upon new user(so not to deal with cron jobs) it prunes non-verfied users that have been there a certain period of time or even an option of displaying them in the total user count and latest new user. as far as storing them more efficiently.. personally id have new users in their own seperate table and not a part of the active forum system until they have verified, but thats just my opinion. the forums work awesome.. many thanks to all who have contributed! id love to contribute but im on so many other projects already that i want to keep this program clean for easy updates which is why i dont simply change/fix these little things and i post the suggestions/problems here. i welcome more trolls to try to feed on me but be forewarned.. i might be new on these forums but im definately not new to the internet
ok
why would i need to search the forums? im not going to modify anything. i am reporting a bug with the end-user product here. the product has methods of intersecting bogus users but yet it still displays them. again, thank you for your helpful input matt1298
not into modding.. just want to use the product as-is untouched. thanks for your helpful input into this matter
yes, it seems they have adapted to your verification system and are automatedly checking their email and then logging in and posting porn spam. maybe you could implement one of those "type these letters" verification things in as an added level of security as well as randomize the verification email so a bot cant parse it
ive got over 100 users now.. but only 6 are real.. the rest are spammers.. luckily you have the password email verification thing.
the bug im reporting is those users should not be in my system until they verify.. otherwise im going to end up with 1000's of fake users bogging down my system and loating my userbase stats
Hi.. I created the .patch file and ran it as per instructions found here but i could not find any update scripts or even a scripts folder as explained at the bottom of the instructions doc. when i went to the forum after running patch.. all i get is a blank white page. i try to go to install.php and i get a 403 forbidden.
the forums were working fine before with 1.2.15
so i decided to look more into it and downloaded the zipped file that has an update php script.. uploaded and ran but same blank white page.
so lastly i reuploaded all of the 1.2.15 scripts to overwrite anything ive done.. still a blank white page.
the only thing i havent done is delete the entire forums folder and reinstall fresh
anyone have any idea what could be the issue? or how i can solve it?
Posts found: 12