Security issues and spammer

Discuss anything not related to mms

Moderator: Moderator

User avatar
Uatschitchun
Overlord
Posts: 3189
Joined: Tue Dec 06, 2005 6:55 pm
Location: Germany
Contact:

Security issues and spammer

Postby Uatschitchun » Fri Nov 24, 2006 9:24 am

I noticed this line on the bottom of forum's index page:
We have 553 registered users


A look in the memberlist gives 495 users with 0 posts ... :roll:

So for sure, there are single user names I do know from other boards. But most of them seem to be spammers ;(

So looking around I found this user here:
http://mms.kicks-ass.org/forum/profile.php?mode=viewprofile&u=578

Following him/it brings me to:
http://www.phpbb-security.com/report.php?URL=http%3A%2F%2Fmms.kicks-ass.org%2Fforum

Shouldn't we do something? Julian ... are you reading?

Lg
Roman

User avatar
acmelabs
Overlord
Posts: 2365
Joined: Mon Feb 20, 2006 9:18 pm
Location: Germany
Contact:

Re: Security issues and spammer

Postby acmelabs » Sat Nov 25, 2006 8:04 pm

Uatschitchun wrote:I noticed this line on the bottom of forum's index page:
We have 553 registered users


A look in the memberlist gives 495 users with 0 posts ... :roll:

So for sure, there are single user names I do know from other boards. But most of them seem to be spammers ;(

So looking around I found this user here:
http://mms.kicks-ass.org/forum/profile.php?mode=viewprofile&u=578

Following him/it brings me to:
http://www.phpbb-security.com/report.php?URL=http%3A%2F%2Fmms.kicks-ass.org%2Fforum

Shouldn't we do something? Julian ... are you reading?

Lg
Roman

Hi,
the URL "phpbb-security" implies somehow a security issue. Well - php in general ain't notorious for security at all, but we do have here 'only' a spammer problem.
And I doubt, we have a CAPTCHA problem either. I think there is a poore little guy somewhere in the Ukraine or Russia who is adding this spam-accounts to our beloved forum for a handful kopecks, and really doesn't give a fuck about me going nuts.
I think the only solution to keep this forum clean is to confirm every single acount request manually, and do not rely on only a valid eMail-addy.
BUT: to be honest, I'm not very keen on such a job, and I think nobody does. This method would also mean to bulkhead this forum off. That's not my intention either.
I don't really have any good ideas about that.

Regards,

Andreas

User avatar
arj
Site Admin
Posts: 2316
Joined: Thu Dec 01, 2005 8:51 pm
Location: Denmark
Contact:

Postby arj » Sun Nov 26, 2006 11:55 am

Yeah it really sucks. They problem is that they are pretty hard to block. Currently we use the built-in captcha and email registration. But that doesn't seem to keep people away. They even use very different email address domains so it's also hard to block them based on that (although I have blacklisted 5-6 domains already). Luckily they only seem to post in this section so it's not all that bad. But I can say that it's pretty annoying to delete the posts each time. If it just was the same person we could just delete or ban that account but they keep creating new accounts (using different IP's) which just post 1 message and then go dark.


Return to “Off-topic”

Who is online

Users browsing this forum: No registered users and 1 guest