Ban IP page has disappeared

We have been getting bombarded with requests to join our forum from obvious hacker type attacks on the registration system. We are using Captcha but that is not stopping the registration requests. I started to look at the IP addresses of these IDs and then looking at the results of Whois and banning the entire range of IPs for whatever their apparent host is. That has slowed the onslaught. But now when I try to add more addresses to the list I get an error that says the web page is not there.

I presume that I either overloaded it and it corrupted or my “friends” have found a way to get into our server and blew it away.

We can’t be the only ones suffering from these mass attacks so I would think there would be some universal way of combatting it other than doing what I was doing.

Our Forum was inactive for quite awhile and when we went back in we found a lot of approved users who had no business being there. Changing our admin password, cleaning them (and their messages) out and then blocking the IP addresses I was able to, stopped that from happening (so far) but they are still getting past the CAPTCHA script for registration.

???

-Barry

Unfortunately there is no universal way to stop forum spam. There are programs like All Submitter and Xrumer for automated submissions, and they can resolve simple captcha protection. For more complicated text modification (such as reCaptcha) there are services for spammers, where hundreds of people sit and recognize captcha for as low as $1 per 1000 captcha codes! It is hard to believe, but it is true. This is a black/gray SEO, and it’s a huge industry.
Blocking IP is a good solution to protect your forum from newbie spammers. But mature spammer will proxy servers! A lot of proxies. There are thousands of free proxies available, and there are services where you can rent proxy ID for small fee.

Ask yourself what attract spammers to your website? Ability to post their LINKS! They fight to place their backlinks on your forum, even for a very short time (they know their profile will be banned and all the posts deleted). Search engines like popular forums and their crawlers index new posts on such forums very fast, so if you delete spam post in a hour after it was posted, the chances are that this post is already indexed by googlebot - that’s enough for spammers. They will return to your site again and again.
If your forum have high google PR, and/or have a large and loyal audience - you need to pay much attention to any links (both in profiles and posts), and to any suspicious posts. Say if someone has registered on your forum just to say:

Hello[url=http://www.phphelp.com/forum/index.php/board,12.0.html],[/url] what a great website! [url=http://www.phphelp.com]:)[/url]
don't let them fool you - check if there is a link behind the SMILE icon, or a link behind point/exclamation/comma etc. (I actually posted links in the example above, to demonstrate how you can miss this). You may think this is not a big deal - people do not see these link, but Search Engines DO! And that's make your forum a target for Spam.

Here are several tips how to stop forum spam and make your website less attractive for spammers.
You may or may not find a corresponding mod/plugin to implement these features on your forum script, or hire php programmer to make customization to your forum script.

[ul][li]Use reCaptcha or other human verification procedure on new member registrations or guest’s posts[/li]
[li]Disallow indexing forum memberlist by search engines (you can do this by adding rel=“nofollow” attribute in the script code, or by adding directives to robots.txt)[/li]
[li]Set permissions to allow posting URLs only after NN days from user registration, and/or after they have XX posts (this will make your website less user friendly, but less attractive to spammers too)[/li]
[li]Disallow links in forum signature for new members (again, make it available only after user have XX posts, and/or NN days since their registration on the forum[/li]
[li]Disallow editing posts for new members and limit post edit time for any other member (some clever spammers will return to edit their old posts to insert links)[/li]
[li]Use stop words list to censor repeating spam posts (since spammers use an automated posting software, sometimes stop words list help to filter a lot of spam posts promoting the same service/product/website)[/li][/ul]

Hope this helps.

Thanks for the quick answer. Not the answer I was hoping for but it sounds like we just keep doing more of the same and live with it.

I still can’t get to the Ban IP Address page though so if anyone has an answer for that part I would like to get some advice on that.

Thanks

-Barry

I guess we are unique.

-Barry

iptables and request limit + you can block user name types like block users with 4 numbers after their name kuz the look like a bot, theres tons of things you can do :slight_smile:

Sponsor our Newsletter | Privacy Policy | Terms of Service