Modifications for Stopping phpBB Forum Spambots
by Bob Allen - Tuesday, 6 March 2007.
phpBB is one of the most popular software products for running online forums. As spammers found forums as a fantastic breeding ground for sending their commercial messages, phpBB admins have a lot of troubles to keep the integrity of their forums. I have been administering a couple of phpBB boards and this is the list of top anti-spambot mods.

I am listing the modifications in an alphabetical order, but I will especially note the ones that offer some value added functionality, as well as those I have more experience with. Because of obvious reasons related to the mods getting updated, I will not link directly to the files, but will use the official pages instead.

Block Open Proxy Registrants

Its main function is to blocks those attempting to register from open proxies. The mod was updated in December of 2005 but some people still use it. Personally I wouldn't use this kind of solution, as relying on predefined lists of proxy addresses is not my game.

Configure Member Profile Required Fields

This mod allow admin to configure which information in member profile is required inside admin control panel. The required field will need to be filled in during registration and upon profile update.

I used this MOD and it worked as a charm, but I should note that the configuration steps could be a bit complicated for an average user. As you are playing with fields, some interaction with the database will be needed.

Disable spambots

This mod uses cryptographic signing techniques to ensure that any comment submissions have occurred from an appropriate comment form (which should stop simple random submission bots), that the form was actually generated for the user who is submitting (stopping clusters of page-scraping spiders), and that at least 5 seconds have passed between the form generation and the submission (stopping bots which fully scrape the page and then immediately submit).

If one of these conditions is not met, the submit operation is turned into a preview, giving human posters another chance to submit.

Textual Confirmation

Textual Confirmation (TC) asks newly registering user a question. If the answer is wrong, TC rejects the registration. Also, TC notifies the forum admin and the community spam database. The administrator can edit the questions and answers in the Administration Panel.

There are two editions of Textual Confirmation: community and business. In the community edition, each time spam registration is rejected, Textual Confirmation sends a notification to the forum administrator and to the community spam notification database. If you don't want to send them copies of the notifications, you must buy a business license.

Registration disable website signature

When a user registers to the forum, the signature sections are hidden. If they enter in anything in the hidden fields they are denied from registration and if you turned the IP ban on, their IP Address is automatically banned.

I might say that his kind of an automatic spambot prevention really works flawlessly. With this kind of a mechanism I am getting just 2-3 spambots per week, which is at least 30 times less than the usual rate. Majority of spambots are filling in the URL and signature fields as this is their purpose, but on this way that will get banned.

Spotlight

Infographic: 25 years of the firewall

Posted on 24 July 2014.  |  The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, you’ll notice the firewall's introduction and evolution coincide with certain security events.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Jul 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //