cancel
Showing results for 
Search instead for 
Did you mean: 

forum spam

St3
All Star
Posts: 2,404
Thanks: 389
Fixes: 2
Registered: 13-07-2012

forum spam

Ive been getting some members join my forums lately and i always check to see if they are bots and often when i type into google the account username they sign up with .. the following websie shows up www.fakenamegenerator.com
spam comes to mind and i just delete the accounts, any of you peeps got forums and get spam from this same place ?
Win 10
i7 7700k
GTX 970
8 REPLIES
Superuser
Superuser
Posts: 8,952
Thanks: 451
Fixes: 38
Registered: 06-04-2007

Re: forum spam

Haven't come across that site but some "unusual" usernames are being used to sign up for lots of (unconnected) forums.
David
alanf
Aspiring Pro
Posts: 1,931
Thanks: 77
Fixes: 1
Registered: 17-10-2007

Re: forum spam

Until recently I was a moderator for a forum. Applicants were not allowed to post until we checked for reported email addresses &/or IP addresses on www.stopforumspam.com.
It wasted a heck of a lot of time doing those checks so you have my sympathy.

Community Veteran
Posts: 13,923
Thanks: 514
Fixes: 7
Registered: 01-08-2007

Re: forum spam

My forum got totally trashed over the weekend with tons of bots signing up and at least 20 spam messages being posted.
It's only a small forum (no not railway related) so it was quite annoying. The messages were queued as new members so none went public but it just created a bit of a headache checking out the non posters and removing them one by one.
Then I had to change all my Q&A questions slightly along with the answers so that they're still simple enough to answer but different enough for the bots not to recognise them and submit the answers.
I need a new signature... i'm bored of the old one!
Community Veteran
Posts: 19,099
Thanks: 434
Fixes: 21
Registered: 31-08-2007

Re: forum spam

I presume you guys don't specify your full email address on your sites in the form contact@mysite.net.uk  etc. and that you put spaces and spurious characters in there (so the 'bots' can't read an email address) which you tell readers to remove. eg. along the lines of -
*contact* @ mysite*.net.*uk (remove * & spaces) to email me.
HTH.
Community Veteran
Posts: 5,322
Thanks: 467
Fixes: 1
Registered: 21-03-2011

Re: forum spam

Are you using Wordpress?  I don't have those problems with Google's Blogspot.
Now Zen, but a +Net residue.
Community Veteran
Posts: 13,923
Thanks: 514
Fixes: 7
Registered: 01-08-2007

Re: forum spam

Quote from: Anotherone
I presume you guys don't specify your full email address on your sites in the form contact@mysite.net.uk   etc. and that you put spaces and spurious characters in there (so the 'bots' can't read an email address) which you tell readers to remove. eg. along the lines of -
*contact* @ mysite*.net.*uk (remove * & spaces) to email me.
HTH.

On my main site I just have a contact me form with a captcha and randomized field names. I've also written code that does none of that but requires a user to click a link in an email in order to deliver their message to me. Well slight porky, I wrote it for someone else but i could use it if i wanted i just don't need to  Wink
I need a new signature... i'm bored of the old one!
David_W
Rising Star
Posts: 2,293
Thanks: 29
Registered: 19-07-2007

Re: forum spam

One way to help avoid forum spam is to make it harder for the bots to find your forum.  If you look at the source code for this forum you'll find:
<meta name="keywords" content="PHP, MySQL, smf, simple, machines, forum, " />
So a search engine which searches for meta tags should find all SMF forums with those tags in place, the bots know where they are, which forum software they use etc. so removing the default meta names should help a little bit, especially if there is no mention of forums.
Another one is "powered by X".  A quick google for "powered by smf" brings up 88 million results, a lot of potential sites there to be botted!
Community Veteran
Posts: 767
Registered: 29-10-2008

Re: forum spam

Quote from: alanf
Applicants were not allowed to post until we checked for reported email addresses &/or IP addresses on www.stopforumspam.com.
It wasted a heck of a lot of time doing those checks

I’m a bit harsher (and lazier) than that. I don’t even let them see the registration page. By adding the following to the registration page
$addr = $_SERVER['REMOTE_ADDR'];
$spamcheck = file_get_contents("http://www.stopforumspam.com/api?ip=$addr");
if(strpos($spamcheck, "ears>yes") !== false) {
header("Location: http://www.yoursite.org/spammers.txt");
exit;
}

and putting an explanatory note in spammers.txt, just in case it’s an innocent party using a listed address. There are now plugins for forums that do pretty much the same thing.
Apart from that, the Q&As seem to be the key.
Gabe