[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4183: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4185: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4186: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
[phpBB Debug] PHP Notice: in file /includes/functions.php on line 4187: Cannot modify header information - headers already sent by (output started at /includes/functions.php:3493)
TFBW's Forum • View topic - Widespread and Systematic Forum Abuse (Forum Spam)

TFBW's Forum

Discuss
It is currently Sat Aug 15, 2020 5:03 am

All times are UTC




Post new topic Reply to topic  [ 51 posts ]  Go to page Previous  1, 2, 3
Author Message
 Post subject:
PostPosted: Sat Mar 31, 2007 2:31 am 
Offline
Your Host

Joined: Mon Jul 10, 2006 6:57 am
Posts: 204
Location: Sydney, Australia


Top
 Profile  
 
 Post subject:
PostPosted: Sat Apr 21, 2007 5:52 pm 
Offline
Recognised Remarker

Joined: Sat Apr 21, 2007 5:42 pm
Posts: 1
Just wanted to say thanks for the description you made about using Javascript to fight forum spam. I took your idea and modified it a little and thought I'd share it. The major difference is that my method only works if registrations are required. This was already setup on my forum so I could take advantage of the email verification stuff. I think my approach might work really well because the javascript that sets the cookie isn't run just by loading the page, you have to click on the registration link. Additionally registered users don't have to keep Javascript on.


Around line 238 in templates/subSilver/overall_header.tpl modify the existing line to add the javascript.

<!-- BEGIN switch_user_logged_out -->
&nbsp;<a href="{U_REGISTER}" class="mainmenu" onClick="document.cookie = 'auth=abc123;PATH=/'"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a>&nbsp;
<!-- END switch_user_logged_out -->


Around line 79 includes/usercp_register.php add the following new lines.

if ($mode == 'register' && !isset($_COOKIE["auth"]))
{
message_die(GENERAL_MESSAGE, 'Javascript required to register');
}



Edit: everyone that does this should change the cookie name from "auth" to something unique so there is no one standard cookie name for spammers to submit.


Top
 Profile  
 
 Post subject:
PostPosted: Sun Apr 22, 2007 4:58 am 
Offline
Your Host

Joined: Mon Jul 10, 2006 6:57 am
Posts: 204
Location: Sydney, Australia
So, if I understand that correctly, your forum only allows posts by registered users, and you are requiring active Javascript only at the point of registration. That seems reasonable, if the "registered users only" aspect isn't an issue. Personally I hate having to sign up when I encounter a forum as a result of a search and want to post a comment on it -- that's why I allow guest posting here.


Top
 Profile  
 
 Post subject:
PostPosted: Mon Apr 23, 2007 4:49 pm 


Top
  
 
 Post subject:
PostPosted: Wed Apr 25, 2007 7:09 pm 


Top
  
 
 Post subject:
PostPosted: Thu Apr 26, 2007 7:21 pm 
Offline
Your Host

Joined: Mon Jul 10, 2006 6:57 am
Posts: 204
Location: Sydney, Australia


Top
 Profile  
 
 Post subject: just a small comment about spiders and POST
PostPosted: Fri Apr 27, 2007 9:30 pm 


Top
  
 
 Post subject:
PostPosted: Mon Apr 30, 2007 4:02 am 
Offline
Your Host

Joined: Mon Jul 10, 2006 6:57 am
Posts: 204
Location: Sydney, Australia
My comment was that any sensibly-programmed site would not require POST operations for simple reading. I concede that there are a large number of websites which are not sensibly programmed. This is easily demonstrated in a slightly different way: any site that requires a particular make of browser (usually Internet Explorer) is designed contrary to the general principles of the web.

Writing a web-spider which included the ability to perform POST operations would pose a difficulty in that you'd have to be careful not to perform any such operations which make unwanted changes to the site content. Such abuse would get your user-agent or IP address banned pretty rapidly! The only safe way I can think of enabling POST operations in a spider would be to do it on a special case basis.


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jul 10, 2007 12:15 pm 


Top
  
 
 Post subject:
PostPosted: Wed Jul 11, 2007 11:35 am 
Offline
Your Host

Joined: Mon Jul 10, 2006 6:57 am
Posts: 204
Location: Sydney, Australia
I'm not sure whether that would have the desired effect. I'm pretty sure that a lot of the automated forum spamware knows the correct URL for submitting posts simply because phpBB is widely used. This would apply to pretty much any widely used forum software: if you know the base URL of the forum, you probably know the URL for posting.

On the other hand, if you changed the URL for posting, you'd probably disable a lot of automated attempts even without using Javascript. I'd investigate that, but I've killed the spam problem in this forum so effectively with existing measures that I have no motivation to try it out. If someone else wants to give it a try, though, let us know how it goes.


Top
 Profile  
 
 Post subject:
PostPosted: Thu Jul 12, 2007 1:17 pm 
Right. I was actually thinking about it as a general technique - for known forum software it would probably be ineffective.


Top
  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 51 posts ]  Go to page Previous  1, 2, 3

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group