Hello.
On Dec 25th I woke up to find out dozens of new users registered in the forum. Looking at them, they were obviously a spambot attack. My fault, in that I had left the forum too wide open for this sort of event.
Some of the new users were as such:
This post is just to inform you, and to ask anybody with expertise or simply good ideas, to contact us, either here or by PM, with any ideas and suggestions. All these will be welcomed.
If you see any suspicious "users" please also report.
Will post if anything else like this happens.
Txs
First spambot attack
- ponchi101
- Site Admin
- Posts: 16619
- Joined: Mon Dec 07, 2020 4:40 pm
- Location: New Macondo
- Has thanked: 4215 times
- Been thanked: 6590 times
- Contact:
First spambot attack
Ego figere omnia et scio supellectilem
- MJ2004
- Posts: 418
- Joined: Wed Dec 09, 2020 3:18 pm
- Location: Boston
- Has thanked: 110 times
- Been thanked: 290 times
Re: First spambot attack
I was a moderator for a while on a different board. Spambots were a constant problem. Users had to be manually accepted/rejected, but after a while it got to be too much to scroll through the user requests, and we stopped accepting new users. Not sure what Kirkus did on TAT to avoid this problem.
- ponchi101
- Site Admin
- Posts: 16619
- Joined: Mon Dec 07, 2020 4:40 pm
- Location: New Macondo
- Has thanked: 4215 times
- Been thanked: 6590 times
- Contact:
Re: First spambot attack
Again, I was being too naive. phpBB has a series of extensions to deal with this, and I did not look at them. I am installing several.
If you (or anybody) don't mind, log out and try to register again. You will now be required to answer a question that is basically non-searchable. I will also install a couple of other features.
All new registrations will be done via Admin approval. We may have some issues when an SP comes around and many people (I wish) will join us. Right now, I don't see any other way.
If you attempt a new register, and feel like doing one as a test, go ahead. I will delete the account once we test how strong the spam-blocking is.
txs,
Ego figere omnia et scio supellectilem
- mmmm8
- Posts: 1534
- Joined: Sat Dec 26, 2020 8:21 pm
- Location: NYC
- Has thanked: 986 times
- Been thanked: 1017 times
Re: First spambot attack
Kirk will have better insight on this but, essentially, besides the instructions you have in place with typing out certain answers, we blocked all sign-ups from China, for example, and asked them to email if they were a real person that wanted access. That seemed to help.
- Kirkus
- Posts: 21
- Joined: Tue Dec 08, 2020 5:57 pm
- Location: Beautiful Central Coast of California
- Has thanked: 22 times
- Been thanked: 9 times
Re: First spambot attack
Managing spambots, even human spammers, is one of the most difficult, and discouraging things to have to contend with. They're just relentless. mmmm8 is correct, we banned all of China and for a while all of Russia. This, by far, made the biggest difference for TAT in cutting down the number of spambots and spammers that we had to deal with.
You did the right thing by adding the question at registration. I always used tennis-related questions to hopefully slow down the human spammers (i.e., "What is the maximum number of sets that might be played in an ATP match?")
Eventually I ended up disabling new registrations completely except just before a Suicide Pool. During non-SP times I had instructions that visitors could see explaining the problem and telling them to email me if they wanted to become a member. I would then create the account for them. This may not work for you in the beginning because of all the new registrations you're going to be getting. But maybe in the future when registrations slow down.
If you want to block by country, which I think is the easiest, do a search for "how to block IP addresses by country using htaccess." Read several of the articles to get an idea of how it works. But be very, very careful when creating or editing the htaccess file. One misplaced space, period, comma, etc., can bring your site to its knees. Make sure you can remove the file if it wasn't there to begin with, or replace it with a copy of the one that was there before you changed it, if there is one already there. Just to be safe, I would always create a backup of the forum and database before messing with the htaccess file.
Last edited by Kirkus on Sun Dec 27, 2020 10:45 pm, edited 1 time in total.
Thank you, Ponchi.
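An added example (not part of Kirkus's post and not phpBB code) of the backup-and-restore precaution described above: a shell function that installs a new .htaccess, runs a health check, and puts back the previous state if the check fails, including the case where no .htaccess existed before. The function name, the health-check command and the URL in the comment are assumptions.

```shell
#!/bin/sh
# Added example: swap in a new .htaccess with a backup and automatic rollback.
# Usage: safe_htaccess_swap DOCROOT NEW_FILE CHECK_CMD [ARGS...]
# CHECK_CMD is any command that exits 0 while the site still answers, e.g.
#   curl -fsS -o /dev/null https://forum.example/index.php   (placeholder URL)
safe_htaccess_swap() {
    docroot=$1; new_file=$2; shift 2
    live="$docroot/.htaccess"
    backup="$docroot/.htaccess.bak.$(date +%Y%m%d%H%M%S)"

    [ -f "$new_file" ] || { echo "missing $new_file" >&2; return 2; }
    [ "$#" -gt 0 ] || { echo "no health check given" >&2; return 2; }

    # Remember whether a file was there, so rollback can restore or delete.
    had_old=0
    if [ -f "$live" ]; then
        cp -p "$live" "$backup" || return 2
        had_old=1
    fi

    # Apache re-reads .htaccess on every request, so write to a temporary
    # name and rename it: the server never sees a half-written file.
    cp "$new_file" "$live.tmp.$$" && mv "$live.tmp.$$" "$live" || return 2

    # Run the caller's health check against the live site.
    if "$@"; then
        echo "new .htaccess installed"
        return 0
    fi

    # Check failed (for example a 500 from a syntax error): undo the change.
    if [ "$had_old" -eq 1 ]; then
        cp -p "$backup" "$live"
    else
        rm -f "$live"
    fi
    echo "health check failed; previous state restored" >&2
    return 1
}
```

The timestamped backup is left in place after a successful swap, so the earlier file can still be restored by hand later.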
- ponchi101
- Site Admin
- Posts: 16619
- Joined: Mon Dec 07, 2020 4:40 pm
- Location: New Macondo
- Has thanked: 4215 times
- Been thanked: 6590 times
- Contact:
Re: First spambot attack
I will read it, thanks. One issue that I have already read is that spammers are using a lot of VPNs and can get around that.
In the phpBB forum they say to do several things.
1. All registrations have to be approved by Admin. Tog and/or I have to click ACTIVATE.
2. Put the question and make one that cannot be searchable. Things like: "Type only the upper case letters in this word: ZTYberWaYu"
3. Newly registered users have limited access and permissions. I set a number of tries before they get moved to regular users.
You know how we all thanked you for all you did in TAT1.0? Well, a lot of us really DID NOT KNOW all you did in TAT1.0. Just the spam thing took all of Saturday morning for me.
I am really hesitant to even edit the .htaccess file. As you say, one misplaced comma and it is automatic death.
Ego figere omnia et scio supellectilem
- Kirkus
- Posts: 21
- Joined: Tue Dec 08, 2020 5:57 pm
- Location: Beautiful Central Coast of California
- Has thanked: 22 times
- Been thanked: 9 times
Re: First spambot attack
Those 3 suggestions from the phpBB forum sound like a great set of things to do.
Thank you, Ponchi.