Page 1 of 2

We've hit the big time, the forum was spammed

Posted: Mon Apr 13, 2009 9:33 am
by TheCollector
Yep, looks like we've grown big enough to attract the attention of the spammers.

If I ever catch one of these guys I'm going to take a hot poker and shove it in their..... well no need to go further with that thought :evil:

Anyway, I've deleted the offending accounts and removed their posts. The following security is already in place

1) people must register before they can post
2) I have one of those "type the letters you see in the box" to avoid bott registration
3) You must click on a registration e-mail to activate the account

I can get more draconian on registration / postings if needed, but not without affecting the ease of normal people to post. I've increased the complexity of step #2 for new users.

We'll see how it goes, if anyone has some suggestions let me know.

Re: We've hit the big time, the forum was spammed

Posted: Mon Apr 13, 2009 6:29 pm
by jhanic
Tomas, It looks like someone hit us again. Check out the newest posting in the What Do You Want thread. B$%^ards!

John

Re: We've hit the big time, the forum was spammed

Posted: Mon Apr 13, 2009 8:33 pm
by TheCollector
Looks like i forgot that one.. must have clicked on it at some point so it wasn't "new" which were the posts I was looking for. It's deleted now, thanks for the heads up.

Re: We've hit the big time, the forum was spammed

Posted: Wed Apr 15, 2009 7:44 am
by TheCollector
OK the smaller security measure wasn't working, so now I'm temporarily setting the new user registration to admin approval.

If these spammers are taking the time out to create a unique e-mail and going back to activiate it, I'm not 100% sure I'll be able to filter out the stuff effectivly but we'll see. The downside is new people will have to wait for my approval to sign up.

But I think it's either that or be spammed.

Re: We've hit the big time, the forum was spammed

Posted: Thu Apr 16, 2009 4:28 am
by jhanic
I doubt any legitimate user will mind too much if they have to wait for your approval.

I HATE SPAMMERS!

John

Re: We've hit the big time, the forum was spammed

Posted: Thu Apr 16, 2009 7:22 am
by TheCollector
Another day another spammer.... Looks like I may have to go in and remove all the already inactive accounts and assume they're spammers that will eventually get around to activating and then spamming the board.

I hesitate to do that, as there may be actual users who have registered but never posted.... I'll have to see if they show up as "inactive" as well.

Re: We've hit the big time, the forum was spammed

Posted: Tue Apr 21, 2009 3:11 am
by The_Blight
Well, I'm happy I signed up before this reworking of the signup process...

Re: We've hit the big time, the forum was spammed

Posted: Thu Feb 05, 2015 8:44 pm
by arham
Hey
You have guest posting enabled - disable this for every from from the acp->forums->permisions (or something like that) - ensure guests only have read only access (or no access) and no more than that.

Re: We've hit the big time, the forum was spammed

Posted: Fri Feb 06, 2015 8:12 am
by TheCollector
arham wrote:Hey
You have guest posting enabled - disable this for every from from the acp->forums->permissions (or something like that) - ensure guests only have read only access (or no access) and no more than that.
Oh, thanks! that must have switched during one of the phpbb back end upgrades. I'll get that locked down.

EDIT: Just took a look, they were all locked down to read only for guests, except for this technical issues section. That's on purpose so folks can post if they're having problems registering/seeing the site, etc.

Re: We've hit the big time, the forum was spammed

Posted: Sat Feb 06, 2016 9:13 am
by TheCollector
Hey guys, we got hit by our first spammer in quite some time. I've deleted his account, posts, and banned the IP range. Hopefully that'll be the end of it. I see he somehow also PM'd forum members with the same generic spam message...that's new, it's always been limited to just posts on the forum before.

I found a settings that lets registered users send PM's to an unlimited amount of other registered users and changed it to allowing a maximum of 3 people at once. If you guys use PM for more than 3 people at once, let me know and we can talk about what an appropriate number would be....But that should stop any more mass PM's from coming across.

Likely upgrading to the latest release wouldn't hurt. Ill look into that.