phpBB bot signup

  • Tchuki
  • Mastermind
  • Mastermind
  • Tchuki
  • Posts: 1774
  • Loc: Edinburgh

Post 3+ Months Ago

Hey folks,

One of my mates has a popular phpBB board which is being "attacked" by bots signing up and leaving unappropriate messages on the forum [ drugs, growth hormones, you get the idea ].

He has visual confirmation enabled but they still appear to be able to sign up.

Does anyone know of a fix for this ?

Thanks.
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • PolishHurricane
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1585

Post 3+ Months Ago

How many are there? I mean it's totally possible that it was a real person unless there are a bunch of them. If there are a bunch of them, I know PHP scripts that can read images, but they aren't too advanced. Or it's an exploit in PHPbb that bypasses the image verification system.
  • Tchuki
  • Mastermind
  • Mastermind
  • Tchuki
  • Posts: 1774
  • Loc: Edinburgh

Post 3+ Months Ago

I dont know how many there are but it is certainly not a person doing this. Too many for it to be people and too often aswell.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

It's a known issue with phpBB boards. Bot signups and spam have greatly increased at incremental values since July. I've seen it happen at my own place.

I know Bigweb altered the way the captcha works at OZZU and it apears to have helped some. Not sure if he wants to release his method or not. He explained it to me once but I didn't even really understand it.

Bottom line is it's a problem for most phpbb forum owners
  • Tchuki
  • Mastermind
  • Mastermind
  • Tchuki
  • Posts: 1774
  • Loc: Edinburgh

Post 3+ Months Ago

Found this whilst trawling the net:

http://www.matthewleverton.com/howto/ph ... ptcha.html

Read a few reviews and other sites and they all appear to link back to this one tutorial. Think I will suggest this one to my mate.

Posted link just incase anyone else is having a similar issue or anything.
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9086
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

The default PHPBB CAPTCHA system can, and has been read by bots for many months now. That is why when you use it you are still getting many bots signing up spamming your forum. The best way to limit the spammers is to customize your CAPTCHA system so its not using the default phpBB CAPTCHA system anymore. By having something unique your chances of being read by spammers are much lower since its doubtful spammers will want to spend the time to crack every unique CAPTCHA system. They targetted PHPBB because there are hundreds of thousands of PHPBB boards who all use the same CAPTCHA system. Doing the work once to break it allows them to spam all over the place, unless you have something other than a default PHPBB captcha system.

So this is what I did for ozzu, I replaced the default CAPTCHA system with my own that I can always tweak later if spammers break the current version of it. It will not stop all spam, as there are actual human spammers all over the place too, but it should stop all of the automated computer spam bots. I have used my system on a few other smaller PHPBB forums that I run, and before they were getting 5-15 spammers a day signing up and posting. In the last few months exactly 0 spammers have signed up, so its doing its job.

And if any of you ask if you can have ozzu's CAPTCHA system, the answer is no. Please see the link Tchuki posted above so that you can create your own unique CAPTCHA system.
  • PolishHurricane
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1585

Post 3+ Months Ago

Yeah if only one knows about it best, it's gotta be this guy ^. :wink:
  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13502
  • Loc: Florida

Post 3+ Months Ago

Bigwebmaster wrote:
And if any of you ask if you can have ozzu's CAPTCHA system, the answer is no.


I learned this on xkcd a few weeks ago.

Sudo give me ozzus' CAPTCHA
  • Tchuki
  • Mastermind
  • Mastermind
  • Tchuki
  • Posts: 1774
  • Loc: Edinburgh

Post 3+ Months Ago

joebert wrote:
Bigwebmaster wrote:
And if any of you ask if you can have ozzu's CAPTCHA system, the answer is no.


I learned this on xkcd a few weeks ago.

Sudo give me ozzus' CAPTCHA


eh ?
  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13502
  • Loc: Florida

Post 3+ Months Ago

Sorry Tchuki,
http://www.gratisoft.us/sudo/
http://xkcd.com/c149.html
  • Tchuki
  • Mastermind
  • Mastermind
  • Tchuki
  • Posts: 1774
  • Loc: Edinburgh

Post 3+ Months Ago

Lol.

When you mentioned SUDO first thing that came into my head was Linux.

That comic strip appears quite funny. :D

Post Information

  • Total Posts in this topic: 11 posts
  • Users browsing this forum: No registered users and 4 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.