Please report spam

[Kisai]

I think I've managed to get ACP installed, but unfortunately the ToS for Akismet and StopForumSpam will result in Ghastly's forum being blocked unnecessarily. Also they cost money, so deal breaker. The rest of it will work.

This adds a "oneclick ban" feature. It unfortunately doesn't IP ban, but it deletes everything the user posted, including profile data. Be VERY VERY careful with this feature because it will -DELETE- ANYONE, regardless of post count. It also makes the ban list available to moderators, which I'm wary of.

[McDuffies]

I mentioned elsewhere, 90% of spam messages have Subject field filled (as opposed to real posters who almost never bother with filling it, leaving "Re:..." subject. If spambots are designed to fill every form field they find, can that be used to make some sort of filter?

[IVstudios]

If you do that. Cope will never be able to post again.

[McDuffies]

Yes, but on the other hand, there are downsides too.

[Cope]

What? I'm not allowed to use the subject line anymore!?

[Cope]

Oh god I'm going into withdrawal....

[Bustertheclown]

How is staying and hoping while things get progressively worse not also a death sentence? I can't imagine that spammers are going to follow us to a completely different board system, when the exploits are obviously here in the phpBB, which doesn't seem to have upgraded in five years.

What are you talking about, it's the current version.

I'll admit that I don't really know what I'm talking about. I'm mostly speaking from frustration.

[Kisai]

How is staying and hoping while things get progressively worse not also a death sentence? I can't imagine that spammers are going to follow us to a completely different board system, when the exploits are obviously here in the phpBB, which doesn't seem to have upgraded in five years.

What are you talking about, it's the current version.

I'll admit that I don't really know what I'm talking about. I'm mostly speaking from frustration.

I don't think this was an exploit that the spammers found, rather that they registered several domains that weren't gmail, which probably had a much shorter turn around time to verify the activation code.

I've added two modifcations, one is the bad behavior mod, which is semi-effective against robots, and the ACP which has the one-click ban, It also disables all profile fields until there are 5 posts, which will get rid of the reason they fill all that out in the first place, so this makes it easier to just delete the posts without any additional work, banlist or not.

As for ban lists, I ended up deleting the banlist because it was causing a lot of processing time, and is clearly not effective.

[Terotrous]

How is staying and hoping while things get progressively worse not also a death sentence? I can't imagine that spammers are going to follow us to a completely different board system, when the exploits are obviously here in the phpBB, which doesn't seem to have upgraded in five years.

At least here we can fight back. If we move to a different board a lot of people won't bother making the switch. To say nothing of the fact that your forum account is tied to your siteadmin access.

This adds a "oneclick ban" feature. It unfortunately doesn't IP ban, but it deletes everything the user posted, including profile data. Be VERY VERY careful with this feature because it will -DELETE- ANYONE, regardless of post count. It also makes the ban list available to moderators, which I'm wary of.

Can we please at least make this reversible? Someone's going to screw up with this at some point and if it can't be undone the damage could be catastrophic.

[Kisai]

How is staying and hoping while things get progressively worse not also a death sentence? I can't imagine that spammers are going to follow us to a completely different board system, when the exploits are obviously here in the phpBB, which doesn't seem to have upgraded in five years.

At least here we can fight back. If we move to a different board a lot of people won't bother making the switch. To say nothing of the fact that your forum account is tied to your siteadmin access.

This adds a "oneclick ban" feature. It unfortunately doesn't IP ban, but it deletes everything the user posted, including profile data. Be VERY VERY careful with this feature because it will -DELETE- ANYONE, regardless of post count. It also makes the ban list available to moderators, which I'm wary of.

Can we please at least make this reversible? Someone's going to screw up with this at some point and if it can't be undone the damage could be catastrophic.

One you modify it you can't unmodify it without even more stuff to deal with. Basically I applied 3 different mods:
On CG: I applied two mods which broke things several times while getting it to work.
On KSpot: I reinstalled phpBB3 applied a different multi-blacklist mod that was super-hellish to make work
on PX: I reinstalled phpBB3 and applied only the first mod I put on CG. This resulted in the theme being broken for a while.

This is why I hate hate hate dealing with phpBB mods because, they never work out of the box.
Forunately I'm not an idiot, and know how to fix these things.

But I'm going to make a point of saying you should NOT one-click ban unless you are explicitly removing them for spam. It's all deleted immediately. It warns you of this.

If in doubt, flag them instead, and someone else can do it.

[Terotrous]

But I'm going to make a point of saying you should NOT one-click ban unless you are explicitly removing them for spam. It's all deleted immediately. It warns you of this.

What worries me is that someone might click it by accident or something. Just how heavily warned are you before it does it?

[Kisai]

This is disturbing:

Blocks per Day
Overview of the distribution of Blocks over the last 30 days
DATE TOTAL NUMBER %
11/30 638 10.3
11/29 889 14.35
11/28 852 13.75
11/27 789 12.73
11/26 967 15.6
11/25 808 13.04
11/24 1101 17.77
11/23 153 2.47


Most blocked IPs
Overview of the most blocked IPs
IP-ADRESS TOTAL NUMBER LAST TIME
99.198.97.245 6 Sat Nov 24, 2012 1:33 am
99.198.119.10 4 Mon Nov 26, 2012 11:17 pm
98.254.205.219 4 Tue Nov 27, 2012 4:34 pm
98.254.171.149 3 Thu Nov 29, 2012 1:29 pm
98.245.60.46 1 Tue Nov 27, 2012 11:26 am
98.242.146.151 1 Mon Nov 26, 2012 2:58 pm
98.238.93.65 3 Fri Nov 30, 2012 7:46 pm
98.237.30.113 2 Mon Nov 26, 2012 2:18 pm
98.235.2.32 1 Thu Nov 29, 2012 1:29 pm
98.233.154.30 3 Wed Nov 28, 2012 9:32 pm
98.220.9.21 1 Thu Nov 29, 2012 1:31 pm
98.217.212.7 4 Wed Nov 28, 2012 9:15 pm
98.211.149.208 3 Tue Nov 27, 2012 4:35 pm
98.154.211.18 1 Thu Nov 29, 2012 1:32 pm
98.113.207.177 2 Thu Nov 29, 2012 1:32 pm
97.88.215.98 1 Mon Nov 26, 2012 1:43 pm
96.60.137.107 3 Fri Nov 30, 2012 7:46 pm
96.47.225.82 289 Fri Nov 30, 2012 9:18 pm
96.47.225.74 288 Fri Nov 30, 2012 9:41 pm
96.47.225.66 292 Fri Nov 30, 2012 9:48 pm

[Terotrous]

Hey, if we're autoblocking 1000 spam attempts per day, I'd call that pretty good!