GoPinball.com
http://gopinball.com/forum/

Spam
http://gopinball.com/forum/viewtopic.php?f=73&t=27562
Page 1 of 2

Author:  GeorgeH [ Wed Feb 12, 2020 2:42 pm ]
Post subject:  Spam

We are getting so much spam that it is overwhelming. Is there some sort of feature we can add to limit the spam? Is the new web site less vulnerable?

Author:  blue [ Wed Feb 12, 2020 4:45 pm ]
Post subject:  Re: Spam

GeorgeH wrote:
We are getting so much spam that it is overwhelming. Is there some sort of feature we can add to limit the spam? Is the new web site less vulnerable?

Doubt it. Even with the brand new forums at Pinball Nirvana, we are getting 5 bots a day trying to get in. We have been doing a pretty good job of blocking them out, and use a spam database service to match what the bots put out, and their known ip, but we figure we will be able to automatically block about 80% before they post. The rest (especially the new versions of these bots) we will have to manually delete and report to the spam database.

The people who make these things constantly change the bots so they can sneak in. The problem here is phpbb is the most popular freeware forums, and isn't as high end or as well protected as the paid systems, so it's a very easy target. Add to the fact this site hasn't been updated in a long time and everything is quite old and out of date makes it really easy for the bots.

Author:  ravarcade [ Wed Feb 12, 2020 7:07 pm ]
Post subject:  Re: Spam

@blue and other GoPinball admins:
Few years ago i worked on shop webpage. We have same problem with bots and spams in comments section. I removed 99% of bots with this simple solution:

1. Add hide field to form, like this:
Code:
<input type="hidden" id="botcheckvalue" name="botcheckfield" value="i_am_stupid_bot">

2. Add javascript subrotine:
Code:
$(function() {
    $("#botcheckvalue").val("human_here");
});

So, it will set that hidden field value to "human_here" when webpage is loaded. This is jQuery. If you don't use jQuery, it can be easly done without it.

3. On server check if botcheckfield="human_here". If it is not, then it is spam from bot.

It checks if javascript is running in end user browser. For most users it is true. Only few users expect working webpage with disabled javascript. For normal users it is completely invisible.

I don't think, that any bot will run JS on own servers to bypass this solution.

-----
Other alternative is:
1. Set form url (action attribute) to somthing wrong, like "gopinball.com/spamSink.php"

I checkd current page and i see this:
Code:
<form action="./posting.php?mode=edit&amp;f=73&amp;t=27562&amp;p=112632" method="post" name="postform" enctype="multipart/form-data">

Lets change it to:
Code:
<form id="FormJS" action="./spamSink.php" realAction="./posting.php?mode=edit&amp;f=73&amp;t=27562&amp;p=112632" method="post" name="postform" enctype="multipart/form-data">

So, we added "id", correct value is stored in "realAction" attribute and "action" atribute is set to "spamSink".
This way, if bot just fill from and send spam, it will send all to "spamSink"

2. Add JS:
Code:
$(function() {
   $('#FormJS').attr('action',  $('#FormJS').attr("realAction"));
});

This code, will just copy for this form "realAction" attribute to "action" on webpage load.

Now on serwer, you don't need to change how it work.

Author:  GeorgeH [ Thu Feb 13, 2020 4:54 pm ]
Post subject:  Re: Spam

Rafal,

I am not sure the admins would be knowledgeable enough to make these changes. Maybe they could give you admin privileges.

George

Author:  blue [ Thu Feb 13, 2020 7:49 pm ]
Post subject:  Re: Spam

Thanks Rav, will have a look and send JPH here as well. With this new software, we have to learn it just as much as VBulletin, in fact this is a lot higher end, but pretty sure we can insert the code within our admin, or if worse comes to worse, manually add it directly to the files and then upload it in ourselves.

Nice suggestion George, but we would rather have rav concentrate on BAM. JPH has 18 years running PN, and if you didn't know, I had my own tiny little site even longer, the direct descendant of it, sort of my grandchild if you think of it that way, is VPF. we should be cool.

Author:  GeorgeH [ Thu Feb 13, 2020 11:15 pm ]
Post subject:  Re: Spam

I was actually interested in Rafal helping the GoPinball admins but hopefully PN will benefit too.

Author:  GeorgeH [ Fri Mar 27, 2020 5:00 pm ]
Post subject:  Re: Spam

The amount of span is getting ridiculous. This is what the BAM topic looks like now:

Nathanbak

vipps approved canadian online pharmacies without a prescrip

walgreen online 423 mg

canadian pharmacy online cialis 376 mg

online pharmacy school programs 462 mg

top online pharmacies 416 mg

indian online pharmacy 34 mg

cialis online 393 mg

how does cialis work 124 mg

buy cialis pills online 30 mg

optumrx pharmacies 206 mg

VP-man and BAM - need help
[ Go to page: 1, 2 ]

ed pills online 458 mg

erectile dysfunction drugs online 65 mg

ed pills online 318 mg

Author:  GeorgeH [ Sun Apr 05, 2020 11:23 am ]
Post subject:  Re: Spam

The amount of spam is getting much worse.

Author:  MadMrMax [ Mon Apr 06, 2020 11:09 am ]
Post subject:  Re: Spam

Yes it has :(

I've asked LvR and TheNalex for help in this but haven't gotten any response.

-mark

Author:  DuMIchAuch72 [ Wed Apr 08, 2020 4:05 am ]
Post subject:  Re: Spam

Horrible... I didn't visit this site for about two month, after my main PC stops working, and additionaly I was in Hospital with health problems caused by late effects from an acident.

I missing an option to report spamming members. But it's useles without active Mods and Admins here.

Page 1 of 2 All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/