First spambot attack

Explaining how the new forum works
User avatar
ponchi101 Venezuela
Site Admin
Posts: 16559
Joined: Mon Dec 07, 2020 4:40 pm
Location: New Macondo
Has thanked: 4196 times
Been thanked: 6550 times
Contact:

First spambot attack

#1

Post by ponchi101 »

Hello.
On Dec 25th I woke up to find out dozens of new users registered in the forum. Looking at them, they were obviously a spambot attack. My fault, in that I had left the forum too wide open for this sort of events.
Some of the new users were as such:
attack.jpg
This post is just to inform you, and to ask anybody with expertise or simply good ideas, to contact us, either here or by PM, with any ideas and suggestions. All these will be welcomed.
If you see any suspicious "users" please also report.

Will post if anything else like this happens.

Txs
You do not have the required permissions to view the files attached to this post.
Ego figere omnia et scio supellectilem
User avatar
MJ2004
Posts: 418
Joined: Wed Dec 09, 2020 3:18 pm
Location: Boston
Has thanked: 110 times
Been thanked: 290 times

Re: First spambot attack

#2

Post by MJ2004 »

I was a moderator for a while on a different board. Spambots were a constant problem. Users had to be manually accepted/rejected, but after a while it got to be too much to scroll through the user requests, and we stopped accepting new users. Not sure what Kirkus did on TAT to avoid this problem.
User avatar
ponchi101 Venezuela
Site Admin
Posts: 16559
Joined: Mon Dec 07, 2020 4:40 pm
Location: New Macondo
Has thanked: 4196 times
Been thanked: 6550 times
Contact:

Re: First spambot attack

#3

Post by ponchi101 »

Again, I was being too naive. phpBB has a series of extensions to deal with this, and I did not look at them. I am installing several.
If you (or anybody) don't mind, log out and try to register again. You will now be required to answer a question that is basically non-searchable. I will also install a couple of another features.
All new registrations will be done via Admin approval. We may have some issues when an SP comes around and many people (I wish) will join us. Right now, I don't see any other way.
If you attempt a new register, and feel like doing one as a test, go ahead. I will delete the account once we test how strong the spam-blocking is.
txs, :)
Ego figere omnia et scio supellectilem
User avatar
mmmm8
Posts: 1508
Joined: Sat Dec 26, 2020 8:21 pm
Location: NYC
Has thanked: 975 times
Been thanked: 998 times

Re: First spambot attack

#4

Post by mmmm8 »

Kirk will have better insight on this but, essentially, besides the instructions you have in place with typing out certain answers, we blocked all sign-ups from China, for example, and asked them to email if they were a real person that wanted access. That seemed to help.
User avatar
Kirkus United States of America
Posts: 21
Joined: Tue Dec 08, 2020 5:57 pm
Location: Beautiful Central Coast of California
Has thanked: 22 times
Been thanked: 9 times

Honorary_medal

Re: First spambot attack

#5

Post by Kirkus »

Managing spambots, even human spammers, is one of the most difficult, and discouraging things to have to contend with. They're just relentless. mmmm8 is correct, we banned all of China and for awhile all of Russia. This, by far, made the biggest difference for TAT in cutting down the number of spambots and spammers that we had to deal with.

You did the right thing by adding the question at registration. I always used tennis related questions to hopefully slow down the human spammers (i.e., "What is the maximum number of sets that might be played in an ATP match?")

Eventually I ended up disabling new registrations completely except just before a Suicide Pool. During non-SP times I had instructions that visitors could see explaining the problem and telling them to email me if they wanted to become a member. I would then create the account for them. This may not work for you in the beginning because of all the new registrations you're going to be getting. But maybe in the future when registrations slow down.

If you want to block by country, which I think is the easiest, do a search for "how to block IP addresses by country using htacccess." Read several of the articles to get an idea off how it works. But be very very careful when creating or editing the htaccess file. One misplaced space, period, comma, etc., can bring your site to its knees. Make sure you can remove the file if it wasn't there to begin with, or replace it with a copy of the one that was there before you changed it, if there is one already there. Just to be safe, I would always create a backup of the forum and database before messing with the htaccess file.
Last edited by Kirkus on Sun Dec 27, 2020 10:45 pm, edited 1 time in total.
Thank you, Ponchi.
User avatar
ponchi101 Venezuela
Site Admin
Posts: 16559
Joined: Mon Dec 07, 2020 4:40 pm
Location: New Macondo
Has thanked: 4196 times
Been thanked: 6550 times
Contact:

Re: First spambot attack

#6

Post by ponchi101 »

I will read it, thanks. One issue that I have already read is that spammers are using a lot of VPN and can get around that.
In the phpBB forum they say to do several things.
1. All registrations have to be approved by Admin. Tog and/or I have to click ACTIVATE.
2. Put the question and make one that cannot be searchable. Things like: "Type only the upper case letters in this word: ZTYberWaYu"
3. Newly registered users have limited access and permissions. I set a number of tries before they get moved to regular users.

You know how we all thanked you for all you did in TAT1.0? Well, a lot of us really DID NOT KNOW all you did in TAT1.0. Just the spam thing took all of Saturday morning for me.

I am really hesitant to even edit the .htaccess file. As you say, one misplaced comma and it is automatic death.
Ego figere omnia et scio supellectilem
User avatar
Kirkus United States of America
Posts: 21
Joined: Tue Dec 08, 2020 5:57 pm
Location: Beautiful Central Coast of California
Has thanked: 22 times
Been thanked: 9 times

Honorary_medal

Re: First spambot attack

#7

Post by Kirkus »

Those 3 suggestions from the phpBB forum sound like a great set of things to do.
Thank you, Ponchi.
Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests