spam.. spam..spam.. spam... IDEA....

Even though I have completely removed the blogs from my site I am still getting a few Chinese spammers. They are leaving their brand of garbage in the profile descriptions for some reason? I could possibly rid myself of a few more by having compulsory picture uploads on joining. I really don't want to ban an entire nation, and I know they would only change IP anyways..... so... what to do?

Is it possible to ban an email address - i.e. if someone tries to join my site with an email I have banned they will not be able to join? I ask this because the only consistent thing so far has been the e-mail addresses of the spammers.

If this is possible is it not then possible for someone to write a module that allows site owners to ban spammers, but also upload the e-mail address of the spammer to a database on a server somewhere when they do this?

If all Dolphin users had this or (try not to laugh) BoonEx included it as part of Dolphin, the database would rapidly grow into a snapshot of who is spamming our sites and what their e-mails are. This information could then be queried every time someone joins a site, so if they show up as a spammer they will not be allowed to join.

This could even be a good service that someone could run on here, and possibly sell the mod too...

Just a thought.....

 

Nathan

 

7 Jul 2011

Anti spam mod sounds like a winner to me.

 

Default Boonex spam options just seem to '???' for me. 

7 Jul 2011

I am working on one.

Because of the nature of my business I have to run an open site. The filters that come with Dolphin run too high a risk of false positives because they rely on IP addresses, which for most of the world's population are dynamically assigned and thus not permanent. So I ran into problems with innocent people being blocked because they just happened to have an IP address which was in one of those lists.

So I am working on a module that does filtering based on keywords or regex expressions on the profile's headline, email and profile description fields, which spammers use quite often.

As an added feature, the profile's description will also be checked using Bayesian probability filtering.

This mod is a ways away from completion though.

I am working on it for my own site because I got tired of getting between 10-20 new spam accounts while I was asleep each night.


https://www.deanbassett.com
8 Jul 2011

 


I definitely agree there is room for improvement in spam prevention for Dolphin. Rather than have every member's information submitted to a "big brother" type of database I would suggest:

  • Dolphin web administrators submit only the spammers information to the Dolphin spam list.
  • Administrators can update the list (automatically or manually) on their individual websites.

This approach would mitigate the fear of Dolphin trying to take over individuals' websites or direct solicitation from Boonex to independent Dolphin based websites because they already have all of their members' information (Ning).

 

By the way, is your site invitation only or open?

8 Jul 2011

My site will be open. I do not launch until Sept 1st. I have managed to cut the spam down dramatically, but as a subscription site I will have to stop it altogether - paying customers will not want to see spam - and they should not have to.

It's a shame, because I imagine there are many, many genuine customers in China.

Deano... As a service and a mod I think this could be a very good earner for someone on here with the knowledge to pull it off. Perhaps give the mod away, but charge a monthly subscription for the service? Either way, I like the different approach you are taking to this.

8 Jul 2011

I recommend you use htaccess to ban all visitors from China - that's the easiest way to stop about 90% of spammers. There is an article in the forum already, I think from dosdawg, on what to do...

8 Jul 2011

Deano- when this mod is ready, you have your first buyer here :-)

 

I work with a number of Dolphin sites based around the Martial Arts so China would be a welcome addition to my customers!

At the moment though, I have to block as much of China traffic as I can as it's all spam...

 

Keyword filter based mod would be great.

8 Jul 2011

Most spammers in the case of Dolphin want to leave a link. Backlinks increase rankings if they are done right and there are enough of them.

 

My guess is that they post something like a blog that initially shows up on the homepage where the page rank is the highest and flows. Their actual post has a link or likely several to the site they are promoting.

 

I would say either disable and/or require the admin to approve them. Remove links entirely from tinymce posting and comments so they can't get a backlink. Or at least set them to nofollow so you can inform google that you do not vouch for the particular link.

 

I do not like to block or ban entire countries myself, but I am nearing the point that I am considering it. Depending on the website and location, if your site is primarily English do you think that many from China will really sign up and participate? Doubtful if you are in the English speaking world. Not out of the question, but do the spammers and hackers outweigh it? Something to think about.

 

DialMe.com - Your One and Only Source For Boonex Dolphin Tutorials and Resources
8 Jul 2011

Yea this is a big issue for me as well...I am getting killed with new registrations from the domain 126.com. Can I block a domain from registering?

8 Jul 2011

My site is a global dance based site. Dance is a truly global art form and dance is popular in China. There could be many valid customers that I will miss if I block it.

8 Jul 2011

Doesn't "CPANEL" have a block list for emails? I will have to look again.

THINK FOR YOUSELF! Its not illegal...YET ! www.NebLife.com
18 Jul 2011

 

Doesn't "CPANEL" have a block list for emails? I will have to look again.

I don't know how that would apply to Dolphin.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
18 Jul 2011

So far there is only one effective way I see of stopping them and that is to require the verification email before they can log in. It should be by default, but Dolphin allows people to create a profile, and submit and still log in unverified. This will stop them from logging in and being able to create any more than the items in the profile.

I regularly check all accounts on the site which are unverified, and delete them immediately if you see that the profile information is bogus (like address and other mismatched fields like city, state, country, etc).

It is an issue, and I have a full script of all the IP addresses by country in a format which should be a direct import into the database to block countries. I have tried over and over to block IPs using the Dolphin system, and it fails to block anyone... single IPs or ranges. There is a Block by IP, and it is semi worthwhile as a FREE mod and installs easily.

After being on Dolphin for over 5 years, and fighting the fight each day, the best is to lock unverified members from being able to log in.

Also check all permissions as far as GUEST.... deny ALL!  Just allow view or use the page access which is built into Dolphin 7.0.7

Even Monkeys and Retards get it right with repitition! - Author Unknown
5 Aug 2011

Do you guys have mod_security running? If so put this in your config file:

 

SecRule ARGS_POST "\@gmx\.com" "log, drop"
SecRule ARGS_POST "\@126\.com" "log, drop"
SecRule ARGS_POST "\@qq\.com" "log, drop"
SecRule ARGS_POST "\@yahoo\.cn" "log, drop"
SecRule ARGS_POST "\@163\.com" "log, drop"
SecRule ARGS_POST "\@mx8168\.net" "log, drop"

 

That will drop the TCP connection if anyone tries to enter those email addresses ANYWHERE on your server. Change the "drop" to "deny" if you want them to get the nice denied message.

 

Then add this:

SecRule REQUEST_BASENAME "^join\.php$" phase:2,chain,log,drop
   SecRule ARGS_POST "href="

 

That will prevent any links from being put in any of the fields on your join form. Oh and change the name of your join form while you're at it. The spammers have bots looking for that file by name (you'll have to edit about 7 files to reflect the new file name). Last but not least, add this and change them to suit your needs:

 

SecRule ARGS_POST "prada-handbags" "log, drop"
SecRule ARGS_POST "fashion-replica" "log, drop"
SecRule ARGS_POST "replica-prada" "log, drop"
SecRule ARGS_POST "prada\ bag" "log, drop"
SecRule ARGS_POST "designer\ handbag" "log, drop"
SecRule ARGS_POST "prada\ bag" "log, drop"
SecRule ARGS_POST "prada\ purse" "log, drop"
SecRule ARGS_POST "prada\ handbag" "log, drop"
SecRule ARGS_POST "weebly\.com" "log, drop"
SecRule ARGS_POST "vibram-5fingersales" "log, drop"
SecRule ARGS_POST "republic-handbags" "log, drop"

 

I don't think I could live without mod_security and csf firewall (both free!)

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
6 Aug 2011

 

Great information, and very helpful. Also hopefully Richard's list could be added to, I'm sure it would soon build a good picture of who and where they are coming from...... Is there a way to spam the spammers????? I like payback lol

6 Aug 2011

 

Do you guys have mod_security running? If so put this in your config file:

 

 where is this config file ?

8 Aug 2011

 

 

Great information, and very helpful. Also hopefully Richard's list could be added to, I'm sure it would soon build a good picture of who and where they are coming from...... Is there a way to spam the spammers????? I like payback lol

 Sure you can spam them back... There are lots of porn signup lists and you have their email right :-)

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
8 Aug 2011

 

 

Do you guys have mod_security running? If so put this in your config file:

 

 where is this config file ?

If you have mod_security installed it should be at /usr/local/apache/conf/modsec2.user.conf

 

Another thing (I've probably mentioned before) is if you're using Exim for your server email you can put custom rules in /etc/cpanel_exim_system_filter (or /etc/antivirus.exim, you can see in WHM which one it's using) that will filter ALL the email going into the server. You can put rules in Cpanel but if you have a LOT of sites it can be a pain doing it for each one, this file is a master filter. Frankly I was sick of hearing about how I had won the UK lottery or how some Nigerian warlord wanted to transfer money to me.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
8 Aug 2011

hello you can block access to the join page for a text file robot

a passion for BoonEx Dolphin www.dolphindesigntheme.com
8 Aug 2011

Is this being addressed in the new beta? I cannot even use my site because of these spammers and have not seen a reasonable solution.

14 Oct 2011

another option might be to add code to your .htaccess file.    you can use www.blockacountry.com

Before you do though, it would be interesting to see what others think.

 

I used it on an old classified ad site to block nigeria spammers.

14 Oct 2011

Just in case anyone is doing this mod, I have added a few email domains to the list:

Here's my conf file:

SecRule ARGS_POST "\@gmx\.com" "log, deny"
SecRule ARGS_POST "\@126\.com" "log, deny"
SecRule ARGS_POST "\@qq\.com" "log, deny"
SecRule ARGS_POST "\@yahoo\.cn" "log, deny"
SecRule ARGS_POST "\@163\.com" "log, deny"
SecRule ARGS_POST "\@mx8168\.net" "log, deny"
SecRule ARGS_POST "\@12gohere\.net" "log, deny"
SecRule ARGS_POST "\@boxedchristmascards\.net" "log, deny"
SecRule ARGS_POST "\@110mail\.net" "log, deny"
SecRule ARGS_POST "\@yeah\.net" "log, deny"
SecRule ARGS_POST "\@sohu\.com" "log, deny"
SecRule ARGS_POST "\@hotmail\.com" "log, deny"
SecRule ARGS_POST "\@free-medicine\.net" "log, deny"
SecRule ARGS_POST "\@satiny\.co\.uk" "log, deny"
SecRule ARGS_POST "\@energyforthehome\.com" "log, deny"
SecRule ARGS_POST "\@dunkssb\.net" "log, deny"
SecRule ARGS_POST "\@pumpkincarving\.org" "log, deny"
SecRule ARGS_POST "\@theory-test-practice\.co\.uk" "log, deny"
SecRule ARGS_POST "\@cooljordanshoestore\.com" "log, deny"
SecRule ARGS_POST "\@betfairmethods\.com" "log, deny"

SecRule REQUEST_BASENAME "^join\.php$" phase:2,chain,log,deny
  SecRule ARGS_POST "href="

SecRule ARGS_POST "prada-handbags" "log, deny"
SecRule ARGS_POST "fashion-replica" "log, deny"
SecRule ARGS_POST "replica-prada" "log, deny"
SecRule ARGS_POST "prada\ bag" "log, deny"
SecRule ARGS_POST "designer\ handbag" "log, deny"
SecRule ARGS_POST "prada\ bag" "log, deny"
SecRule ARGS_POST "prada\ purse" "log, deny"
SecRule ARGS_POST "prada\ handbag" "log, deny"
SecRule ARGS_POST "weebly\.com" "log, deny"
SecRule ARGS_POST "vibram-5fingersales" "log, deny"
SecRule ARGS_POST "republic-handbags" "log, deny"

http://towtalk.net ... Hosted by Zarconia.net!
15 Oct 2011

oh yeah, here's a couple more.

'sunglasses'

'unlocked'

http://towtalk.net ... Hosted by Zarconia.net!
15 Oct 2011

ohhhh... not the prada handbags lol..... friggin nightmare. I felt like my site was a bag store at one point.

15 Oct 2011

 That's my list... oh my god, someone actually took my advice! Woo hoo! Hahaha... I've just about given up on preaching this though Sky because most of the people here are on shared hosting and can't/don't have mod_security..

 

Oh and after I posted that rule list I changed that one rule to:

SecRule ARGS_POST "href=" "log, deny"

So it blocks links everywhere and not just on the join form.. I figured out they would just join and then try and go back and edit their profile to add the link. Then they were trying to spam the blogs without even joining.. so I changed that rule so you can't post a link ANYWHERE.. that finally stopped them.

 


BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
15 Oct 2011

I can't make that change because I allow my members to post links in their posts in the forum. My site is a manually approved membership, I know who everyone is I give access to.

I tested it last night and it didn't seem to stop me from posting a spam membership. I need to check my mod_security and make sure it's enabled. (I thought it was)

I personally think your idea is a good one. it will certainly help

http://towtalk.net ... Hosted by Zarconia.net!
15 Oct 2011

Ok, I'm on a VPS and I have checked my mod_security, it is enabled. I can still create accounts with spammer email addresses and terms like prada in the description. It does not seem to be working

what am I missing?

http://towtalk.net ... Hosted by Zarconia.net!
15 Oct 2011

2 things to check:

1. Did you put those rules in /usr/local/apache/conf/modsec2.user.conf?

2. Open /usr/local/apache/conf/modsec2.conf and make sure it has this line:

Include "/usr/local/apache/conf/modsec2.user.conf"

 

If you want to speed up testing change that rule to check contact.php instead of join.php... that way you can just enter a banned word in the contact form and see if it blocks you instead of going through the whole join process. Then just change it back to join.php when you're done.

 

Let me know if it wasn't one of those two things.

 

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
15 Oct 2011

Sky, you might already have this installed but if not check it out. It's a little control panel for mod_security that installs in WHM. It's written by the people who make CSF firewall but you can use it even if you don't have the firewall installed. It lets you turn modsec on and off and edit the rule files from within WHM.. and it's free!

 

http://configserver.com/cp/cmc.html

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
15 Oct 2011

Some time ago, prolaznik published another way to restrict some of the spammers' email providers on registration. I've added the emails to ban, and this works very well for me..

Step1.

/inc/design.inc.php

at the end of the file find
bx_import('BxDolAlerts');

and add this ABOVE it.

function ForbidenEmailProvider($Email)
{
    // Blacklisted e-mail providers; each entry is matched as a substring of the address
    $ForbidenEmailProvider = array();
    $ForbidenEmailProvider[] = "@163.com";
    $ForbidenEmailProvider[] = "@sohu.com";
    $ForbidenEmailProvider[] = "@21cn.com";
    $ForbidenEmailProvider[] = "@gmx.com";
    $ForbidenEmailProvider[] = "@126.com";
    $ForbidenEmailProvider[] = "@qq.com";
    $ForbidenEmailProvider[] = "@yahoo.cn";
    $ForbidenEmailProvider[] = "@mx8168.net";
    $ForbidenEmailProvider[] = "@110mail.net";
    $ForbidenEmailProvider[] = "@buybrandshop.info";
    $ForbidenEmailProvider[] = "@lenfos.com";
    $ForbidenEmailProvider[] = "@mailinator.com";
    $ForbidenEmailProvider[] = "@tom.com";
    $ForbidenEmailProvider[] = "@hotmilitararygirls.com";
    $ForbidenEmailProvider[] = "@speaktolearn.net";
    $ForbidenEmailProvider[] = "@qtyhosting.com";
    $ForbidenEmailProvider[] = "@12gohere.net";
    $ForbidenEmailProvider[] = "@boxedchristmascards.net";
    $ForbidenEmailProvider[] = "@yeah.net";
    $ForbidenEmailProvider[] = "@free-medicine.net";
    $ForbidenEmailProvider[] = "@satiny.co.uk";
    $ForbidenEmailProvider[] = "@energyforthehome.com";
    $ForbidenEmailProvider[] = "@dunkssb.net";
    $ForbidenEmailProvider[] = "@pumpkincarving.org";
    $ForbidenEmailProvider[] = "@theory-test-practice.co.uk";
    $ForbidenEmailProvider[] = "@cooljordanshoestore.com";
    $ForbidenEmailProvider[] = "@betfairmethods.com";

    foreach ($ForbidenEmailProvider as $value) {
        // stripos() is case-insensitive, so "@GMX.COM" is caught as well
        if (stripos($Email, $value) !== false)
            return false; // address uses a blacklisted provider
    }

    return true; // provider is not blacklisted
}



Step2.

in administration / builders / profile fields (join form)
edit the email field click on advanced and replace 

return (bool) preg_match('/^([a-z0-9\+\_\-\.]+)@([a-z0-9\+\_\-\.]+)$/i', $arg0);

WITH THIS

return ( ForbidenEmailProvider($arg0) and preg_match('/^([a-z0-9\+\_\-\.]+)@([a-z0-9\+\_\-\.]+)$/i', $arg0) );

Step3.

in administration / settings / languages settings look for 

_FieldError_Email_Check 

and edit the error msg. that's displayed, the default one is (please enter correct email) change to something like this

Invalid email address / or the email provider you are using is blacklisted.

or whatever you like.

That's it. You can add more email providers or remove some:

$ForbidenEmailProvider[] = "@someprovider.";

Templates and Modules for Dolphin 7.3 http://www.boonex.com/market/posts/Giovanni_m
16 Oct 2011
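
Because the function above matches each entry as a substring of the whole address, it can block an unrelated domain that merely starts with a banned one and miss a banned domain's subdomains. An added example (not prolaznik's or Dolphin's code) that compares the domain part exactly instead; the helper names and the sample addresses are assumptions, and treating subdomains as banned is a choice made here.

```php
<?php
// Added example, not code from the thread. The banned domains are taken
// from the posts above; the sample addresses at the bottom are constructed.

// Lower-cased domain part of an address, or null when there is none.
function email_domain($email)
{
    $email = trim((string) $email);
    $at = strrpos($email, '@');
    if ($at === false || $at === 0 || $at === strlen($email) - 1) {
        return null;
    }
    // A trailing dot ("gmx.com.") names the same host, so strip it.
    $domain = rtrim(strtolower(substr($email, $at + 1)), '.');
    return $domain === '' ? null : $domain;
}

// True when the address is on a banned domain or on any subdomain of one.
function is_banned_email($email, array $banned)
{
    $domain = email_domain($email);
    if ($domain === null) {
        return true; // malformed address: reject rather than guess
    }
    foreach ($banned as $entry) {
        $entry = strtolower(ltrim($entry, '@'));
        if ($domain === $entry) {
            return true;
        }
        // Subdomain check: the domain must end with ".<banned domain>".
        $suffix = '.' . $entry;
        if (strlen($domain) > strlen($suffix)
            && substr($domain, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

// Case-insensitive substring test, kept here for comparison only.
function substring_match($email, array $banned)
{
    foreach ($banned as $entry) {
        if (stripos($email, $entry) !== false) {
            return true;
        }
    }
    return false;
}

$banned = array('@163.com', '@gmx.com', '@tom.com', '@126.com');

// Constructed sample addresses.
$samples = array(
    'seller@gmx.com',
    'Seller@GMX.com.',
    'bot@mail.163.com',
    'dancer@tom.company.example',
    'member@example.org',
);

foreach ($samples as $address) {
    printf("%-28s substring=%-5s exact=%s\n",
        $address,
        substring_match($address, $banned) ? 'block' : 'allow',
        is_banned_email($address, $banned) ? 'block' : 'allow');
}
```

The two checks disagree on `bot@mail.163.com` (only the domain comparison blocks it) and on `dancer@tom.company.example` (only the substring test blocks it, because the address contains `@tom.com`).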

mscott, I checked that. I set it up in SSH and checked it in WHM. it's all there and enabled. I will have to get with HFW and see if they are overriding it somehow.

Giovanni - COOL FIND! Thanks Prolaznik

 

PS, If you noticed, I have added hotmail to my list of banned domains. I know some people still use it but a lot of trash comes from them now.

http://towtalk.net ... Hosted by Zarconia.net!
16 Oct 2011

Sky, make sure none of your .htaccess files have this in them:

 

<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>

 

Also, if you look at the main apache error log (/usr/local/apache/logs/error_log) does it have any entries at all from modsec?

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
16 Oct 2011

My htaccess files do have that in them. It was added a while back to solve a video upload problem.

There are also no entries  in the mod_sec logs

http://towtalk.net ... Hosted by Zarconia.net!
16 Oct 2011

Ahhh, that entry in the htaccess turns mod security off completely for that directory and any sub-directory under it... I think we just found the problem with your spam blocking :-)

 

What was it blocking with the videos? It hasn't stopped me but I also haven't really uploaded any huge ones.

 

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
16 Oct 2011

Yeah, but have you been screwing with Dolphin since 7 came out, lol

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

Ok, Mod security is definitely enabled. I removed all the SecPOST comments in the htaccess files in ALL my sites. I flushed all the cache the hard way including the browsers. I double checked the conf file to make sure everything was listed

I even went so far as to remove my IP from the ignore list in my firewall setup.

 

It flat doesn't work for me.

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

Since 7??? I just upgraded all my sites from 6.0.3 to 7.0.6 a few months ago, lol.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
17 Oct 2011

OH! You just reminded me when you said ignore file... you don't have your IP whitelisted with modsec do you? Do you have it monitoring the contact form or still just the join? I'll give it a try if you want me to, that would narrow it down so we could see if it was just letting YOU through.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
17 Oct 2011

go for it, townation.com

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

Yuuup not working... the email blacklist mod is working so I put @gmx.com in the about me section and it still let me join.

 

You know when I was telling you to check conf files I forgot to mention the main one! Open /usr/local/apache/conf/httpd.conf and make sure this is there:

Include "/usr/local/apache/conf/modsec2.conf"

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
17 Oct 2011

Ok, wrote the new line in the httpd conf file. Lets check it again

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

LOL, still lets me in as a Prada bitch

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

Did you restart Apache after you made the change? We're not stopping until it's working!!!!! lol

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
17 Oct 2011

Oh crap. stand by

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

Haven't done it in a while. I'm rebooting the whole system. Will be back up in a minute

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

is up.

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

LOLOLOL! STILL DOESN'T WORK!

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

$&#@! Is it possible you missed an .htaccess somewhere below the root dir of the site?

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
17 Oct 2011

No. I was pretty thorough. only have 2 sites with modified htaccess files. the rest are all stock test sites

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

hang on a sec. gonna check that httpd conf file and make sure the changes stuck.

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

Yup, still there.

http://towtalk.net ... Hosted by Zarconia.net!
17 Oct 2011

I'm going to move this to PM before the MODS kill us both.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
17 Oct 2011

Doing all the stuff you guys have mentioned and enabling "Promotional Membership" seems to have done the trick for me because I don't allow my promotional members to post anything. The fake sign ups have stopped for now.

Thanx guys.  

Free the Dolphin...
3 Nov 2011

Hello,

I had the same problem as

I solved it by adding this directive at the beginning of modsec2.user.conf. I added this directive which was not included in the default configuration.

SecRequestBodyAccess On

If it can help somebody ...


Aleks.

Alex.
22 Nov 2011

I banned the entire country of China and then had issues where they were using other countries' IPs!! WAS A NIGHTMARE until I did the following:-

 

1. Keep China blocked

2. Made blogs moderated (not auto activated)

3. Limit number of postings per standard member per day

 

Just the 3 steps above brought spamming issues down to just about 0%

DedicatedServer4You.com -- BIGGEST Range of Dedicated Servers at the Lowest Price!
22 Nov 2011

Make the site a paid site and charge some low fee like 2 dollars for a year's registration so everybody can afford it. I'm sure Chinese spammers will stay away and not pay anything :-) That is the safest way to get rid of spammers and also most other abusive people who only create a mess on your site..

22 Nov 2011

I like your idea, it's awesome.

Make the site a paid site and charge some low fee like 2 dollars for a year's registration so everybody can afford it. I'm sure Chinese spammers will stay away and not pay anything :-) That is the safest way to get rid of spammers and also most other abusive people who only create a mess on your site..

 

so much to do....
22 Nov 2011

I used that on my Joomla sites. I put a 1 dollar registration fee and suddenly.. no spammers :-) They don't pay a cent to enter any site.. so only free sites are in danger...

22 Nov 2011

Sorry for going off topic but I hate Joomla :)

I used that on my Joomla sites. I put a 1 dollar registration fee and suddenly.. no spammers :-) They don't pay a cent to enter any site.. so only free sites are in danger...

 

so much to do....
22 Nov 2011

Getting $2 off someone can be like getting blood from stone and may prevent good users looking for a free service from adding good content !

 

Just saying ;)

DedicatedServer4You.com -- BIGGEST Range of Dedicated Servers at the Lowest Price!
22 Nov 2011

Fighting with spam is such a time-consuming and never-ending job that I simply give up releasing any free site. On all where there is membership I have a 1 dollar fee and get only serious people there.. true, not a lot of people, but better to have 90 unique users than 500 users where 410 are spammers and give all my time to fighting with them.

22 Nov 2011

I have read this on a German website, I think this is a good idea.

 

" How long does a real visitor need to write his message? Determined more than 16 seconds, and (even if he falls asleep in between) for no longer than 16 hours. Spam-bots on the other hand need only a few seconds in 76%, less than 1% of the bots scan the form only once, then use it for all subsequent spam. It's pretty rare that automated spam entries are made outside this period on the requirements of the form. In order to use this feature for spam prevention, you do not need to start a session - a hidden form field is completely sufficient for this purpose:"

<?php
define('Zeit', time()); // Start time of the script

# additional code to check:
if (!isset($_POST['date'])) { /* field is missing -> spam */ }
elseif (!is_numeric($_POST['date'])) { /* manipulation -> spam */ }
elseif (intval($_POST['date']) > Zeit - 10) { /* too fast -> spam */ }
elseif (intval($_POST['date']) < Zeit - 10*3600) { /* old form -> spam */ }
else { /* not spam? -> maybe additional inspections and processing of the entry */ }

# more code for the form:
echo '<input name="date" type="hidden" value="', time(), '" />';
?>

" Only the term comparison of filtered out 76% of all spam. And because spam bots hidden input fields normally transferred unchecked, this field should be defaced by not even naming or encoding of the value."

 

Maybe someone can build a mod for Dolphin with this script.

Here is the link to the website with more information: http://1ngo.de/web/captcha-spam.html

24 Nov 2011
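An added example, not part of the post above and not code from the linked website or from Dolphin: the same elapsed-time check, with the timestamp carried in an HMAC-signed token so that an edited value is rejected instead of trusted. All function names, the field name "ft", the secret and the sample times are assumptions; the 10-second and 10-hour bounds are the ones used in the snippet above.

```php
<?php
// Added illustration: hypothetical names throughout, not Dolphin code.

const FORM_SECRET = 'constructed-demo-secret-change-me'; // assumption: long random value kept server-side
const MIN_AGE = 10;          // seconds; quicker submissions are treated as automated
const MAX_AGE = 10 * 3600;   // seconds; older forms are treated as stale

/** Value for the hidden field: "<issued-at>.<HMAC of issued-at>". */
function issueFormToken(int $now): string
{
    return $now . '.' . hash_hmac('sha256', (string) $now, FORM_SECRET);
}

/** Hidden input to print inside the join form (field name "ft" is an assumption). */
function hiddenTimeField(int $now): string
{
    return '<input name="ft" type="hidden" value="'
        . htmlspecialchars(issueFormToken($now), ENT_QUOTES) . '" />';
}

/**
 * Returns 'ok', or the reason the submission should be treated as spam.
 * Typical call: checkFormToken(isset($_POST['ft']) ? $_POST['ft'] : null, time())
 */
function checkFormToken($token, int $now): string
{
    if ($token === null || $token === '') {
        return 'missing';
    }
    if (!is_string($token)) {
        return 'malformed';            // e.g. ft[]=x posted as an array
    }
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0]) || strlen($parts[0]) > 12) {
        return 'malformed';
    }
    list($issued, $mac) = $parts;
    // Constant-time comparison; without the secret the MAC cannot be recomputed
    // for a changed timestamp.
    if (!hash_equals(hash_hmac('sha256', $issued, FORM_SECRET), $mac)) {
        return 'forged';
    }
    $age = $now - (int) $issued;
    if ($age < MIN_AGE) {
        return 'too_fast';
    }
    if ($age > MAX_AGE) {
        return 'stale';
    }
    return 'ok';
}

// Constructed demo: one form issued at $t0, then submitted in different ways.
$t0    = 1322000000;
$token = issueFormToken($t0);
$mac   = substr($token, strpos($token, '.') + 1);

$cases = array(
    'submitted after 45 s'    => array($token, $t0 + 45),
    'submitted after 2 s'     => array($token, $t0 + 2),
    'submitted next day'      => array($token, $t0 + 86400),
    'timestamp edited'        => array(($t0 - 60) . '.' . $mac, $t0 + 2),
    'field stripped'          => array(null, $t0 + 45),
    'array instead of string' => array(array('x'), $t0 + 45),
);
foreach ($cases as $label => $case) {
    printf("%-26s %s\n", $label, checkFormToken($case[0], $case[1]));
}
```

The token only proves that the form was fetched between ten seconds and ten hours earlier, so it filters fast scripts and reused forms but not a client that waits before posting.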

Help!! Help!! Hello everyone, I'm also sick of these spammers. I tried to block emails by doing the following, but now when new members fill out the join form and click join at the bottom, the page does not go anywhere... nothing happens... I tried to troubleshoot and removed the e-mail block from admin profile fields and it works fine, members are able to join but without the e-mail field... can someone tell me what the hell happened?

What is the original code that goes in admin > profile fields > email > advanced > check?

Thanks

running 7.0.8

 

Some time ago, prolaznik published another way to restrict some of the spammers' email providers on registration. I've added the emails to ban, and this works very well for me.

 

Step1.

/inc/design.inc.php

at the end of the file find
bx_import('BxDolAlerts');

and add this ABOVE it.

function ForbidenEmailProvider($Email)
     {
       // Providers refused at registration
       $ForbidenEmailProvider[] = "@163.com";
       $ForbidenEmailProvider[] = "@sohu.com";
       $ForbidenEmailProvider[] = "@21cn.com";
       $ForbidenEmailProvider[] = "@gmx.com";
       $ForbidenEmailProvider[] = "@126.com";
       $ForbidenEmailProvider[] = "@qq.com";
       $ForbidenEmailProvider[] = "@yahoo.cn";
       $ForbidenEmailProvider[] = "@mx8168.net";
       $ForbidenEmailProvider[] = "@110mail.net";
       $ForbidenEmailProvider[] = "@buybrandshop.info";
       $ForbidenEmailProvider[] = "@lenfos.com";
       $ForbidenEmailProvider[] = "@mailinator.com";
       $ForbidenEmailProvider[] = "@tom.com";
       $ForbidenEmailProvider[] = "@hotmilitararygirls.com";
       $ForbidenEmailProvider[] = "@speaktolearn.net";
       $ForbidenEmailProvider[] = "@qtyhosting.com";
       $ForbidenEmailProvider[] = "@12gohere.net";
       $ForbidenEmailProvider[] = "@boxedchristmascards.ne";
       $ForbidenEmailProvider[] = "@yeah.net";
       $ForbidenEmailProvider[] = "@free-medicine.net";
       $ForbidenEmailProvider[] = "@satiny.co.uk";
       $ForbidenEmailProvider[] = "@energyforthehome.com";
       $ForbidenEmailProvider[] = "@dunkssb.net";
       $ForbidenEmailProvider[] = "@pumpkincarving.org";
       $ForbidenEmailProvider[] = "@theory-test-practice.co.uk";
       $ForbidenEmailProvider[] = "@cooljordanshoestore.com";
       $ForbidenEmailProvider[] = "@betfairmethods.com";

       foreach($ForbidenEmailProvider as $key => $value)
          {
          // The "zyx" prefix keeps a match at position 0 from being read as false;
          // stripos is case-insensitive, so "@QQ.COM" is caught as well
          if ( stripos("zyx".$Email,$value) > 0 )
             return false;   // false = the join form rejects the address
          }

       return true;
     }



Step2.

in administration / builders / profile fields (join form)
edit the email field click on advanced and replace 

return (bool) preg_match('/^([a-z0-9\+\_\-\.]+)@([a-z0-9\+\_\-\.]+)$/i', $arg0);

WITH THIS

return ( ForbidenEmailProvider($arg0) and preg_match('/^([a-z0-9\+\_\-\.]+)@([a-z0-9\+\_\-\.]+)$/i', $arg0) );

Step3.

in administration / settings / languages settings look for 

_FieldError_Email_Check 

and edit the error msg. that's displayed, the default one is (please enter correct email) change to something like this

Invalid email address / or the email provider you are using is blacklisted.

or whatever you like.

That's it. You can add more email providers or remove some

$ForbidenEmailProvider[] = "@someprovider.";

 

 

29 Nov 2011
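An added example, not part of the post above and not Dolphin code: it compares substring matching of the kind used in ForbidenEmailProvider() with matching on the parsed, lower-cased domain, which also catches subdomains of a blocked provider and does not reject unrelated domains that merely start with a blocked name. The function names and the sample addresses are assumptions; the four blocked domains are taken from the list in the post.

```php
<?php
// Added illustration: hypothetical helper names, constructed sample addresses.

/** Lower-cased domain part of an address, or null when there is none. */
function emailDomain(string $email): ?string
{
    $at = strrpos($email, '@');
    if ($at === false) {
        return null;
    }
    // "qq.com." (trailing dot) names the same host as "qq.com".
    $domain = rtrim(strtolower(trim(substr($email, $at + 1))), '.');
    return $domain === '' ? null : $domain;
}

/** True when $domain is a blocked domain or a subdomain of one. */
function isBlockedDomain(string $domain, array $blocked): bool
{
    foreach ($blocked as $entry) {
        if ($domain === $entry) {
            return true;
        }
        $suffix = '.' . $entry;   // dot boundary: "mail.qq.com" yes, "notqq.com" no
        if (substr($domain, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

/** Check usable from the join form's email field: true = address may register. */
function emailAllowed(string $email, array $blocked): bool
{
    $domain = emailDomain($email);
    return $domain !== null && !isBlockedDomain($domain, $blocked);
}

/** Substring test of the kind used in the post, kept only for comparison. */
function substringBlocks(string $email, array $blocked): bool
{
    foreach ($blocked as $entry) {
        if (stripos('zyx' . $email, '@' . $entry) > 0) {
            return true;
        }
    }
    return false;
}

$blocked = array('163.com', 'qq.com', 'tom.com', 'mailinator.com');

$samples = array(                      // constructed addresses
    'bob@qq.com',                      // plain hit
    'bob@QQ.COM.',                     // upper case plus trailing dot
    'bob@mail.mailinator.com',         // subdomain of a blocked provider
    'alice@tom.community.example',     // unrelated domain that starts with "tom.com"
    'carol@example.org',               // unrelated domain
);

foreach ($samples as $email) {
    printf(
        "%-30s substring: %-8s domain: %s\n",
        $email,
        substringBlocks($email, $blocked) ? 'blocked' : 'allowed',
        emailAllowed($email, $blocked) ? 'allowed' : 'blocked'
    );
}
```

The two methods disagree on the third and fourth addresses: the substring test lets the subdomain through and rejects the unrelated domain.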

The problem may be reduced for a while. Over the weekend the FBI (IIRC) seized around 170 domains featuring all the stuff we have come to know and hate -Uggs, fake Prada, football jerseys etc.

Since that happened the spam has dropped right off.

As my site is entirely user content driven with anything up to 50 new content submission accounts opened per day (that is going up as we get a higher Alexa ranking) we have to be careful about who we ban and I have significant genuine membership (and readership) from Asia, including China that there is no benefit to an outright ban.

What I have found is that if one takes away the 'toys' they need then the benefit of signing up is taken away and eventually one really does get filtered from their target lists.

So, we removed all opportunities to drop live links from comments, profiles etc.

The Chinese still send me nice pics with a dead link but I am not overly worried about those. People actually look at the pics and I remove the ones I don't want to see. ;)

 

TheDundy's suggestion is a good one. Timing is worth a look at. A script can sign up, drop a link and be gone in a second (depending upon how fast your site runs). As no human is so fast, blocking very fast (or very slow) signups/customisation/first post is viable.

That said I have seen some autoposting tools that even go as far as to mimic the activity of a human in terms of typing out entries one letter at a time with randomisation. Very cool stuff. ;)

29 Nov 2011

So excuse my ignorance what does CAPTCHA do?

29 Nov 2011

Help help help, I've been in contact with a member here who apparently is from China, after this I received domain name registrants on my NOT READY, temporarily unavailable website.

Can I name this individual and the registrant emails??

I am no coder and don't understand technical jargon, I just about understand HTML, so can anyone assist in adding what others have added for security, such as emails etc.

 

29 Nov 2011

 


 

Since all Dolphin site navigation structures are the same, it makes us very vulnerable to anyone looking, no matter if you're published or not.

It's a matter of the search. Just this simple search term in Google returns mostly "Dolphin" sites.

Make a search using "inurl:my_page/add/"

ManOfTeal.COM a Proud UNA site, six years running strong!
29 Nov 2011

WOW...

DRautenbach....i feel for you..

My website is getting hit pretty hard!!!! Within the last 3 months I have probably deleted over 700 spam accounts. I'm at the point where I'm not even sure who's real and who isn't on my site. All I've been doing is mass deleting users. I tried some of the advice found in the forums and it doesn't appear to be working.

It's been non-stop, and Arvixe, who does the hosting of my site, is ready to shut my site down. It's that bad!!!!

I'm at a point where I'm ready to shut my site down..

R

2 Dec 2011

 


 Robin,

Adding the additional question,

i.e.

  • "What is 5+5"
  • "Are you Human?"

http://www.boonex.com/forums/topic/China-is-invading-help-me-with-form-field-validation.htm

to the join form has stopped 98% of my spamming, IT WORKS

ManOfTeal.COM a Proud UNA site, six years running strong!
3 Dec 2011

 

 


 Hello newton27,

Thanks for the reply back. Finally had a chance to sit down and try your idea.. will let you know what happens.. 

Within the last 3 days I had 250 spammers hit my site and Im hoping, hoping this will stop them.. thanks again.

cheers..

7 Dec 2011

It has worked for me, I still get the occasional spammer, but I can tell they're actually human.

China is no longer a problem using the "Join by Country" module on some sites.

The chase now is the ones using hotmail and gmail, which I cannot block. 

ManOfTeal.COM a Proud UNA site, six years running strong!
7 Dec 2011

....

7 Dec 2011

It happened to my site for the last couple of weeks from the WALL and SPY modules. I had to remove these two modules to stop spam. And so far it is OK. Not sure that Wall and Spy have a security issue.

7 Dec 2011

Hey newton27, 

Thanks for the link, man it worked. the difference is day and night.

from getting 20 to 30 spam a day to getting 1 spam within the last 4 days..

works!!

http://www.boonex.com/forums/topic/China-is-invading-help-me-with-form-field-validation.htm

 

Thanks

R

9 Dec 2011

 So what did you do on your site? May I view it please? Thanks

 


 

9 Dec 2011

You're welcome, Robin.

This should be a core feature or an option at the least.


 

ManOfTeal.COM a Proud UNA site, six years running strong!
9 Dec 2011

 


 

 blank question info

And this is another shot

wrong answer

And results after you submit join form

wrong answer result

And this is what you get using the email blocking mod.

email blocking

ManOfTeal.COM a Proud UNA site, six years running strong!
10 Dec 2011

Hey Newton,

Thanks man. I appreciate it. I also sent you an email regarding another question.

10 Dec 2011

 


You're welcome, you have mail..

ManOfTeal.COM a Proud UNA site, six years running strong!
10 Dec 2011

Try these simple steps to prevent spam on your site:

http://www.boonex.com/forums/topic/Simple-Spam-Fighting-Steps.htm

Rules → http://www.boonex.com/terms
12 Dec 2011

I was having this issue, everyday 10 to 15 sign ups with nothing important or meaningful on my site, just a bare site and yet these sign ups from the crappy spam stuff.

Anyway, no more.

What happened, I had my splash page installed and template. The splash has all the standard questions to register (username, pwd, confirm pwd and email).

Then the system takes you to a 2nd page of registration where you have to click on User Terms and there is a Captcha.

That is it.

Now I noticed no more spam sign ups. Zero.

Why am I telling you this? So that you too can avoid the same problem. I am not sure which portion of the sign up process has worked, but it has and it is such a joy.

19 Dec 2011

I've figured out why the join button was ceasing to function for some on Prolaznik's fix...

In design.inc.php, the code in my file was different to others (unsure whether due to previous modifications or discrepancies between version 7.0.3 and other versions)...

At the bottom of your design.inc.php, you should see the following two lines:-

$oZ = new BxDolAlerts('system', 'design_included', 0);
$oZ->alert();

What is directly above these two lines? If you don't see the following line, then this will likely fix the issue:-

bx_import('BxDolAlerts');

Copy and paste the following into your design.inc.php file above:-

$oZ = new BxDolAlerts('system', 'design_included', 0);
$oZ->alert();

===

//block registrations using specific email providers
function ForbidenEmailProvider($Email)

     {  
       $ForbidenEmailProvider[] = "@163.com";
       $ForbidenEmailProvider[] = "@sohu.com";
       $ForbidenEmailProvider[] = "@21cn.com";
       $ForbidenEmailProvider[] = "@gmx.com";
       $ForbidenEmailProvider[] = "@126.com";
       $ForbidenEmailProvider[] = "@qq.com";
       $ForbidenEmailProvider[] = "@yahoo.cn";
       $ForbidenEmailProvider[] = "@mx8168.net";
       $ForbidenEmailProvider[] = "@110mail.net";
       $ForbidenEmailProvider[] = "@buybrandshop.info";
       $ForbidenEmailProvider[] = "@lenfos.com";
       $ForbidenEmailProvider[] = "@mailinator.com";
       $ForbidenEmailProvider[] = "@tom.com";
       $ForbidenEmailProvider[] = "@hotmilitararygirls.com";
       $ForbidenEmailProvider[] = "@speaktolearn.net";
       $ForbidenEmailProvider[] = "@qtyhosting.com";
       $ForbidenEmailProvider[] = "@12gohere.net";
       $ForbidenEmailProvider[] = "@boxedchristmascards.ne";
       $ForbidenEmailProvider[] = "@yeah.net";
       $ForbidenEmailProvider[] = "@free-medicine.net";
       $ForbidenEmailProvider[] = "@satiny.co.uk";
       $ForbidenEmailProvider[] = "@energyforthehome.com";
       $ForbidenEmailProvider[] = "@dunkssb.net";
       $ForbidenEmailProvider[] = "@pumpkincarving.org";
       $ForbidenEmailProvider[] = "@theory-test-practice.co.uk";
       $ForbidenEmailProvider[] = "@cooljordanshoestore.com";
       $ForbidenEmailProvider[] = "@betfairmethods.com";
   
       foreach($ForbidenEmailProvider as $key => $value)
          {
          // stripos is case-insensitive, so "@QQ.COM" is caught as well
          if ( stripos("zyx".$Email,$value) > 0 )
             return false;
          } 

       return true;

     }

bx_import('BxDolAlerts');

===

The entire bottom of your design.inc.php page should read:-

    $oForm = new BxTemplFormView($aForm);

    bx_import('BxDolAlerts');
    $sCustomHtmlBefore = '';
    $sCustomHtmlAfter = '';
    $oAlert = new BxDolAlerts('profile', 'show_login_form', 0, 0, array('oForm' => $oForm, 'sParams' => &$sParams, 'sCustomHtmlBefore' => &$sCustomHtmlBefore, 'sCustomHtmlAfter' => &$sCustomHtmlAfter, 'aAuthTypes' => &$aAuthTypes));
    $oAlert->alert();

    $sFormCode = '<div style="text-align: center; margin-top: 8px;"><a href="modules/?r=deanos_facebook_connect/login_form"><img border="0" src="' . BX_DOL_URL_ROOT . 'modules/deano/deanos_facebook_connect/templates/base/images/fbconnectbut.png"></a></div>' . $oForm->getCode();
   
    $sJoinText = (strpos($sParams, 'no_join_text') === false) ?
        '<div class="login_box_text">' . _t('_login_form_description2join', BX_DOL_URL_ROOT) . '</div>' :
        '';
   
    return $sCustomHtmlBefore . $sFormCode . $sCustomHtmlAfter . $sJoinText;
}

//block registrations using specific email providers
function ForbidenEmailProvider($Email)

     {  
       $ForbidenEmailProvider[] = "@163.com";
       $ForbidenEmailProvider[] = "@sohu.com";
       $ForbidenEmailProvider[] = "@21cn.com";
       $ForbidenEmailProvider[] = "@gmx.com";
       $ForbidenEmailProvider[] = "@126.com";
       $ForbidenEmailProvider[] = "@qq.com";
       $ForbidenEmailProvider[] = "@yahoo.cn";
       $ForbidenEmailProvider[] = "@mx8168.net";
       $ForbidenEmailProvider[] = "@110mail.net";
       $ForbidenEmailProvider[] = "@buybrandshop.info";
       $ForbidenEmailProvider[] = "@lenfos.com";
       $ForbidenEmailProvider[] = "@mailinator.com";
       $ForbidenEmailProvider[] = "@tom.com";
       $ForbidenEmailProvider[] = "@hotmilitararygirls.com";
       $ForbidenEmailProvider[] = "@speaktolearn.net";
       $ForbidenEmailProvider[] = "@qtyhosting.com";
       $ForbidenEmailProvider[] = "@12gohere.net";
       $ForbidenEmailProvider[] = "@boxedchristmascards.ne";
       $ForbidenEmailProvider[] = "@yeah.net";
       $ForbidenEmailProvider[] = "@free-medicine.net";
       $ForbidenEmailProvider[] = "@satiny.co.uk";
       $ForbidenEmailProvider[] = "@energyforthehome.com";
       $ForbidenEmailProvider[] = "@dunkssb.net";
       $ForbidenEmailProvider[] = "@pumpkincarving.org";
       $ForbidenEmailProvider[] = "@theory-test-practice.co.uk";
       $ForbidenEmailProvider[] = "@cooljordanshoestore.com";
       $ForbidenEmailProvider[] = "@betfairmethods.com";
   
       foreach($ForbidenEmailProvider as $key => $value)
          {
          // stripos is case-insensitive, so "@QQ.COM" is caught as well
          if ( stripos("zyx".$Email,$value) > 0 )
             return false;
          } 

       return true;

     }

bx_import('BxDolAlerts');     
$oZ = new BxDolAlerts('system', 'design_included', 0);
$oZ->alert();

if ((int)$_GET['idAff'])
    BxDolService::call('inviter', 'accept_affiliate', array());

?>

 

Then also follow the other steps from Prolaznik:-

Step2.

in administration / builders / profile fields (join form)
edit the email field click on advanced and replace 

return (bool) preg_match('/^([a-z0-9\+\_\-\.]+)@([a-z0-9\+\_\-\.]+)$/i', $arg0);

WITH THIS

return ( ForbidenEmailProvider($arg0) and preg_match('/^([a-z0-9\+\_\-\.]+)@([a-z0-9\+\_\-\.]+)$/i', $arg0) );

Step3.

in administration / settings / languages settings look for 

_FieldError_Email_Check 

and edit the error msg. that's displayed, the default one is (please enter correct email) change to something like this

Invalid email address / or the email provider you are using is blacklisted.

or whatever you like.

That's it  you can add more email providers or remove some

$ForbidenEmailProvider[] = "@someprovider.";

3 Jan 2012

 


That's good, but I do think it affects SEO to use a splash page, the jury is still out on this one.

ManOfTeal.COM a Proud UNA site, six years running strong!
3 Jan 2012

 


 

Yeah, if the splash page knocked him so far down in the SERPs that not even the spammers could find him I wouldn't consider that a "fix" lol.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
3 Jan 2012

For the splash page if it is set well and without limiting the entry at the site contents has no problems.. my site on Google with SEO is almost at the top..

I use the block for spammers' emails that I posted some time ago in this forum, and a block after 5 wrong password attempts for 5 hours, and I solved the problem of spam: for 3 months, 0 spammers and 3000 real users..

Templates and Modules for Dolphin 7.3 http://www.boonex.com/market/posts/Giovanni_m
9 Jan 2012

 Splash pages do not affect SERP, it all depends on how you set it up. At the end of the day, you can have the best SEO site with no members and you will not show.

SEO is not just about keywords, titles and content on page. You need hits as well and many other factors that we do not realize.

I would rather have a site with a good number of members and an average SEO than the other way around.

Don't forget that the splash page is not the only page you SEO. You have many internal pages that also come into play that need to be SEO.

 

 


 

9 Jan 2012

I have a splash page and my spam has dropped to 0, a big ZERO. Don't know exactly what part works the best, but I think that my join.php is no longer usable, so maybe that's the reason, or maybe reCAPTCHA. But no bots or spammers. I am getting more signups because the page looks like fb. lol

so much to do....
9 Jan 2012

So there you go, another living proof. Perhaps we should find out about users that have a splash page and those that don't, and see which ones get more spam. Not only that, it may have something to do with the join page.


 

9 Jan 2012

join.php is like a big fat magnet to spammers. Usually, they are going to run http://biglistopfdomainnames.com/join.php to find the pages to attack with spam maybe?

By adding a splash page, you've introduced a second step their scripts aren't prepared for?

http://towtalk.net ... Hosted by Zarconia.net!
9 Jan 2012

It looks like bots are used to search for and join Dolphin sites. If a site has some non-standard features, bots fail. Some of the features noticed to prevent bots are:

- splitting join form into steps

- splash screen (I think splash involves hiding real join form too)

Rules → http://www.boonex.com/terms
10 Jan 2012

A little heads up. For all of you that have made use of these changes. Updating to 7.08 completely replaces the inc/design.inc.php file....

AAAARGH!

http://towtalk.net ... Hosted by Zarconia.net!
16 Jan 2012

I've done those changes but I still get lots of spam users registered from Hotmail and Gmail! This is not the way! Can't we replace this captcha thing with reCAPTCHA or something more powerful?

5 Feb 2012

 


 I still get the spammer accounts as well but no posting of blogs because of the spam tools provided.

Have you "enabled" the spam tools in your admin section, do you have your Akismet key installed?

It's best to fine tune these settings along with using this added filter.

ManOfTeal.COM a Proud UNA site, six years running strong!
5 Feb 2012

 

 


 

 

This is a follow up to this post because of some PM's I've received; I realized I didn't actually post how I added this math question, so here it is.

Go to admin-->builders-->profile fields  || drag a new item/block up

click on block and add 

System Name  --> MathQuestion

Caption --> What is 5+5?

Description--> To complete the join form, you must prove you're human.

select "Text" from drop down at the bottom,

Then click on Advanced tab on top, check off mandatory and set min value to 1 and max value to 10 

In the "check" field put this; 

return strtolower($arg0) == '10';

 

Click save.. Make new language key for block name .

This is actually an edit of rhimpr's post from another topic, http://www.boonex.com/forums/topic/China-is-invading-help-me-with-form-field-validation.htm

ManOfTeal.COM a Proud UNA site, six years running strong!
6 Feb 2012

I love this thread and hopefully it has helped a lot of people.. hopefully it will also make Boonex realize they REALLY need some sort of pagination for this forum. This page is huggggggge lol.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
6 Feb 2012

Son, I am dissapoint.


CTRL + F, "cloudflare" ... nothing..

I have one word for you all, "cloudflare". 

6 Feb 2012

 


 There's a bigger one. Just check out Ilbellodelwebs IBDW support thread.

http://towtalk.net ... Hosted by Zarconia.net!
6 Feb 2012

It's nothing fancy, but I had 1 to 5 spam accounts a day signing up on the site. It was getting exhausting. I added a new question to the join form and maybe see one account a month now. Example: "If you are human enter the number 1 in the box". Use the built-in matching Boonex already has, and if the number one is not entered then the form does not go through and no membership is created. This works because these memberships are automated bots and not actually real people. My site is great now!

Create a New field in the Join Form

Builders- Profile Fields- Join Form

  • GENERAL TAB
  1. System Name "RUHUMAN"
  2. Caption: Enter the number "1" here to prove you are human.
  3. Description: Enter the number "1" to prove you are human and not an automated robot.
  4. Type: Number
  • ADVANCED TAB
  1. Mandatory: Yes
  2. Min Value: 1
  3. Max Value: 1
  4. Default Value: 0
  5. Anything not mentioned for this section leave it blank
  • Messages
  1. Mandatory Error Messages: You must type the number 1 in this field to prove you are human.
  2. Enter this same message in both the Minimum and Maximum blocks and leave the rest blank.

NOW CLICK SAVE

Just drag and drop the "RUHUMAN" block where you want it to show up on your join form. Unless someone enters the number "1" the form should not process. That should stop most automated registrations. It did for me. I don't think I forgot anything. That should be all you have to do.

6 Feb 2012

I have added the 5+5 question and changed the join.php to register.php and now waiting for the effect it shows. What you think should i need something else?

so much to do....
8 Feb 2012

@

8 Feb 2012

 


 

I tried this 2 days ago and it looks like it has stopped those bots

THANKS!!!!

9 Feb 2012

 

 


You're welcome Tony! Just make sure you are still able to sign up with a legitimate account. Create a test account to make sure it works as it should. Try the wrong numbers a few times and then the right one to make sure it will still create new accounts. Hey, my first instruction mod! Glad it helped. I've seen where other people have done it to their installations, but I have never yet seen where someone broke it down step by step and told you how to do it. Maybe they have though. I am a skim reader sometimes and a lot of information on here I have not seen yet. ;)

9 Feb 2012

5 + 5 could possibly be perceived as a question a bot could answer at some point. This idea has been around for a small amount of time and it is one most bot creators aren't tackling yet.

That is the secret word though .... yet.

5 plus five would be better than 5+5 in my book. Just a thought...

http://towtalk.net ... Hosted by Zarconia.net!
10 Feb 2012

This seems like a deja vu :) I’ve been using Dolphin for about 5 years now. And the most critical issues I’ve been encountering with Dolphin have been with SECURITY. My Blogs were getting approved somehow without my approval, things were getting published on my site without my approval - at one point, I had to shut down my site because it looked like a Marketing Hub for China :-) My Dolphin sites have been consuming so many resources on my dedicated server that it brought down my whole server. As a result, I paid the consequences..

Long story short: Get hold of Mr. MSCOTT  at:  
http://www.boonex.com/mscott
 - I can assure you that you will be happy with the results..

It took me 5 years of headaches with some Chinese & Russian SPAMMERS, and now for the last 7 months after I applied some security Mods with the help of MSCOTT -  I can focus on my business in hopes to make some revenues and not spend my wheels chasing CHINA ! 

Mr. MSCOTT  has saved me all the security headaches I encountered for the last 5yrs. He installed Mod_security and CSF firewall and he added some custom security work that he put together for his sites/clients, and he configured everything for me properly. I just can’t thank him enough for the great assistance and the extra efforts he has done for me to make my Dolphin sites as stable as they are today and most importantly.  Today, I have NO more SPAMs, no more fake emails, and no more intrusions :-)


To see what I am talking about, here are some Alerts/Hackers from China & Russia I’ve been getting and were STOPPED promptly before they could harm my system:

IP: 222.186.24.25 (CN/China/-)
Failures: 3 (mod_security)
Interval: 300 seconds
Blocked: Permanent Block

IP: 188.143.232.8 (RU/Russian Federation/-)
Failures: 3 (mod_security)
Interval: 300 seconds
Blocked: Permanent Block

I would highly recommend MSCOTT to any one who is or has been having security issues with his Dolphin sites, you will be happy with his services indeed. I am :-)

Regards,

11 Feb 2012
Hello @Morocco, I'm using mod_security too and splitting the join form. Today, I have no more spammers' registrations. But I have a member who is often banned by csf and mod_security and who is not a spammer. I don't understand why this member is always banned and I can't find the rule which bans my member. Is it possible that you give me your mod_security rules? Thank you.
Alex.
12 Feb 2012

@Aleka2a: Any time mod_sec bans someone it lists a rule number in the email it sends you. Just take that rule number and search for it in /usr/local/apache/conf/modsec2.user.conf

 

The only rule I have ever had problems with when using Dolphin is #950004, it thinks the smileys :-) are XSS attempts and blocks the person. Was the person you mentioned using smileys in their description?

 

@Morocco, thanks bro!!!

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
12 Feb 2012

 


 mscott,

I installed the module mod_evasive; helps protect the server from DDOS attacks and mod_security; helps protect the server from attacks right?

I find that when uploading music now I get a 403 forbidden error on pages, am I blocking myself?

I'm new to servers, this one has been running for a couple of years without these installed; I decided to install to be safer. Here is a link to my server phpinfo http://www.duvallocals.info/phpinfo.php

I might add, after uploading a music file is when I get a temp ban, then am able to view pages again. Is this normal? I don't want members to see these blocks. I have no problems with spam now that I did the math question, I just thought I'd add extra security..

I followed this http://www.linuxlog.org/?p=135 to do the install.

I guess the question I want to ask is, can this be "loosened" some?

Thanks in advance Undecided

ManOfTeal.COM a Proud UNA site, six years running strong!
13 Feb 2012

I've never used mod_evasive before. I looked into it at one point but I found lots of people who weren't really happy with it, plus I had never really had a problem with DDOS attacks.

 

To figure out what's blocking you, look in your error log (/usr/local/apache/logs/error_log) right after you try to upload a song. If it was mod_evasive you can change the settings in http.conf. I found these through Google, but like I said I've never used it so this is just a shot in the dark:

 

<IfModule mod_evasive20.c>
DOSHashTableSize 4096
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 25
DOSEmailNotify email@site.com
</IfModule>

 

After you change the settings don't forget to restart apache.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
13 Feb 2012

Thanks, I seen that during the install. Increasing these numbers might help?

I found that no media will play now, audio or video, you tube embeds play fine.

I guess I will try to back out the install.

ManOfTeal.COM a Proud UNA site, six years running strong!
14 Feb 2012

If it's mod_security blocking the media from playing, it will add a line in /usr/local/apache/logs/error_log every time it happens. If you don't see anything in there it must be something else.

 

You can also install this free mod_sec control panel that will let you turn it on and off easily:

http://configserver.com/cp/cmc.html

 

If you turn mod_sec off and the media still doesn't play then something else is causing it.

 

If you add that email line to the mod_evasive config in http.conf it should email you every time it blocks something.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
14 Feb 2012

 


 

Hello mscott,

I did not know that CSF could send an email to each banishment. Thank you for the info and sorry for the late reply (internet access problem).

The person I mentioned doesn't use smileys in his description.

Alex.
14 Feb 2012

 Yes, it sends an email for each one to the email address for the root account.

 

If you aren't getting the emails just check the Apache error log and the rule numbers are listed there too.

 

 


 

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
14 Feb 2012
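
Added example (not from any poster in this thread): a small Python script for the advice above about finding the rule number in the Apache error log, which lists every mod_security rule that fired for one member's IP so the rule can then be searched for in modsec2.user.conf. The log lines are constructed samples in the ModSecurity 2.x error_log layout; the IPs, hostname, URIs and rule id 999001 are placeholders, and only 950004 comes from the thread.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines (not real traffic). On the servers discussed in this
# thread the real file would be /usr/local/apache/logs/error_log.
SAMPLE_LOG = '''\
[Tue Feb 14 09:12:01 2012] [error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "constructed" at ARGS:DescriptionMe. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "88"] [id "950004"] [msg "constructed sample"] [hostname "example.test"] [uri "/pedit.php"] [unique_id "AAAA"]
[Tue Feb 14 09:12:40 2012] [error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "constructed" at ARGS:DescriptionMe. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "88"] [id "950004"] [msg "constructed sample"] [hostname "example.test"] [uri "/pedit.php"] [unique_id "AAAB"]
[Tue Feb 14 09:14:02 2012] [error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "constructed" at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "140"] [id "999001"] [msg "constructed sample"] [hostname "example.test"] [uri "/join.php"] [unique_id "AAAC"]
[Tue Feb 14 09:15:00 2012] [error] [client 198.51.100.20] File does not exist: /home/example/public_html/favicon.ico
[Tue Feb 14 09:16:30 2012] [error] [client 198.51.100.20] ModSecurity: Access denied with code 403 (phase 2). Pattern match "constructed" at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "140"] [id "999001"] [msg "constructed sample"] [hostname "example.test"] [uri "/join.php"] [unique_id "AAAD"]
'''

CLIENT_RE = re.compile(r'\[client ([^\]\s]+)\]')
# Matches the trailing [name "value"] fields such as [id "950004"] or [uri "/join.php"].
TAG_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')

def parse_modsec(line):
    """Return client, rule id, uri and rule file for a ModSecurity line, else None."""
    if "ModSecurity:" not in line:
        return None
    client = CLIENT_RE.search(line)
    tags = dict(TAG_RE.findall(line))
    if not client or "id" not in tags:
        return None
    return {"client": client.group(1), "id": tags["id"],
            "uri": tags.get("uri", ""), "file": tags.get("file", "")}

def hits_by_client(log_text):
    """Map client IP -> Counter of (rule id, uri) pairs."""
    out = defaultdict(Counter)
    for line in log_text.splitlines():
        hit = parse_modsec(line)
        if hit:
            out[hit["client"]][(hit["id"], hit["uri"])] += 1
    return out

def rules_for(log_text, client):
    """Rule ids that fired for one client, most frequent first."""
    totals = Counter()
    for (rule_id, _uri), n in hits_by_client(log_text)[client].items():
        totals[rule_id] += n
    return [rule for rule, _ in totals.most_common()]

if __name__ == "__main__":
    for ip, hits in hits_by_client(SAMPLE_LOG).items():
        for (rule_id, uri), n in hits.most_common():
            print(f"{ip}  rule {rule_id}  {uri}  x{n}")
```

A rule that keeps firing for the same known-good member on the same page, such as a profile edit form, is the one to review as a false positive before loosening anything else.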

I was out messing around on another site and I spotted something that intrigued me.

When they created their bot question, they just left it blank. Right next to it was the caption (Bot trap, please leave blank)

It must work. I can see a bot trying to put something in the box.

http://towtalk.net ... Hosted by Zarconia.net!
5 Mar 2012

Seems like a good idea.

ManOfTeal.COM a Proud UNA site, six years running strong!
5 Mar 2012

Thank you all for your posts. I have added both the blank field and the "enter number" field to my join page. We'll see what happens.

7 Mar 2012

This topic needs to be put on the active topics list so it remains at the top. As far as I am concerned, it is the single best thread on this site for information on how to solve spam issues. Since so many of you seem to be burning up the forum with the spam question again, I thought I'd make it easier to find....

I'm just sayin....Cool

http://towtalk.net ... Hosted by Zarconia.net!
3 Oct 2012

 

Thank you all for your posts. I have added both the blank field and the "enter number" field to my join page. We'll see what happens.

 If you need to you can do the split of the join form making it a two step process which is the best block for bots.

"Split Join Form

You are able to split the Join form into the several pages, just "transfer" some blocks to the next pages: Click on Join block title in join area and in an opened window of its properties choose Join Page different from "0", and Save. That's all. The new Join page is created and your block is transferred to this page."

Look at the bottom of this image...

 

http://www.boonex.com/trac/dolphin/wiki/ProfileFieldsBuilder

ManOfTeal.COM a Proud UNA site, six years running strong!
4 Oct 2012

https://www.projecthoneypot.org/

Csampson
4 Oct 2012

Since I have allowed registrations from US IP addresses only, and at the same time integrated Maxmind's proxy detection service, which blocks access to the join form via US based anonymous proxy servers, I have not had a single spammer registration in two years. I don't use any of the built in anti spam tools. Prior to that, it was about a dozen a day. If your site has a local focus, this is a highly effective way to stop spammer registrations.

Spammers outside the US don't seem to care if you can trace their origin.  Spammers inside the US however, don't seem to want anyone to track them down, so they ALL appear to work through anonymous proxies, and the Maxmind service is excellent for this. In the unlikely event you get a spammer registration from an IP that can be associated with an individual, you have ways to make their pathetic life miserable. Maxmind has an excellent service...not sure why I'm the only one here that uses it.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
4 Oct 2012

 

https://www.projecthoneypot.org/

 I use this as well.

ManOfTeal.COM a Proud UNA site, six years running strong!
4 Oct 2012

the math addition question and split join pages has worked 100% for me

and yes blocking china too lol

4 Oct 2012

Thanks to everyone for sharing. Yesterday, I used the step by step instructions given by above and it worked 100%. I came in today to find no spammer where normally I would have had up to 30 new members! Thanks to Boonex for providing this platform even though they fall short in offering the necessary tutorials themselves.

New at this but getting there
12 Oct 2012
18 Dec 2012
 
 