Page 1 of 2
pete1964?
Posted: Wed 11 Oct, 2006 12.35
by Dr Lobster*
i've seen this mysterious user logged in for hours, it seems to be a spambot (look at its web address) and it didn't answer (or read) a pm i sent... just what on earth is it doing, just staying logged in all the time?
Posted: Wed 11 Oct, 2006 17.55
by Gavin Scott
You're right. He's gone.
There are more and more of these bots on the board - but most alarming is that they have started to post.
I'll try to stay on top of it, but feel free to message me if you observe similar behaviour.
Ta.
Posted: Wed 11 Oct, 2006 23.15
by cdd
I notice a new policy has been adopted which is good - obvious spambot threads should just be deleted unceremoniously and as quickly as possible, to reduce the impact they have on people who browse down the list. I just think it needs more frequent enforcing.
By the way - just an idea - on the registration form, why don't you make a mandatory textbox saying "In at least 200 characters, tell us a bit about who you are (it won't be posted on the forum)" or something like that. This would be good because most spambots wouldn't be specifically programmed to accept custom registration fields. It would get sent to the adminisrtator when the account is to be activated or not (assuming Manual Account Activation is on), and if it is obviously drivel then the person does not get accepted. Currently, the spambots' system clearly relies on a standardised PHPBB format. Adding a field like this would make it too much work per spam entry for them to get a worthwhile click through ratio thereby eliminating spam almost entirely. Just a thought
Posted: Thu 12 Oct, 2006 12.32
by Bail
omigod omigod!
THIS DOMAIN IS NOW UNDER OFFER!
Posted: Thu 12 Oct, 2006 13.02
by Gavin Scott
cdd wrote:I notice a new policy has been adopted which is good - obvious spambot threads should just be deleted unceremoniously and as quickly as possible, to reduce the impact they have on people who browse down the list. I just think it needs more frequent enforcing.
By the way - just an idea - on the registration form, why don't you make a mandatory textbox saying "In at least 200 characters, tell us a bit about who you are (it won't be posted on the forum)" or something like that. This would be good because most spambots wouldn't be specifically programmed to accept custom registration fields. It would get sent to the adminisrtator when the account is to be activated or not (assuming Manual Account Activation is on), and if it is obviously drivel then the person does not get accepted. Currently, the spambots' system clearly relies on a standardised PHPBB format. Adding a field like this would make it too much work per spam entry for them to get a worthwhile click through ratio thereby eliminating spam almost entirely. Just a thought
All good thoughts.
There isn't a "new policy" though. Bot threads are always removed as soon as they are seen - with the one exception where the replies were humerous so I only deleted the offending link.
Unfortunately, while Martin is the domain and site owner, he would have to add extra fields to the registration system, and any other coding changes.
Account activation is automatic, provided the user's email address is valid.
The bots signing up was never an issue when they didn't activate their accounts, but now that they are its a more serious problem.
When Martin pops by then I shall have a chat with him.
Posted: Thu 12 Oct, 2006 17.16
by cdd
Posted: Thu 12 Oct, 2006 17.33
by Pete
Do you not have FTP control for Metropol Gav? I'd have thought it would be useful what with the number of bugs and germs that affect phpBB.
Plus we could always beta test the amazing new HicksForum vapourware...
Posted: Wed 18 Oct, 2006 19.35
by Tiddles
Why not just enable the Anti spam filter in phpBB's configuration?
It makes users enter a server generated code, thus eliminating spam bots.
I notice you don't have it enabled, this is why you're getting spam bots!
Posted: Wed 18 Oct, 2006 22.00
by Gavin Scott
I see it's not just the bots signing up we have to watch out for.
I've only got access to the Admin site, rather than the FTP business; and to be honest I'd need a guiding hand to do anything complex.
Martin can maybe see to it when he gets some time.
Posted: Wed 18 Oct, 2006 22.02
by Pete
I'll hold your hand Gav
what version of phpBB are we on anyhow? It might be possible to import things without having to fanny around with FTP
Posted: Wed 18 Oct, 2006 22.03
by Gavin Scott
Hymagumba wrote:I'll hold your hand Gav
what version of phpBB are we on anyhow? It might be possible to import things without having to fanny around with FTP
2.0.6 from what I can see.