You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2009-03-12 05:35:58
- Netdewt
- Member
- Registered: 2009-03-12
- Posts: 2
tons of spam and porn
I put up my forum and immediately started getting tons of spam and porn. I can't find any kind of validation or anything in the Admin section. Help me please!
Offline
#2 2009-03-12 05:42:04
- Tyler
- Member
- Registered: 2008-05-11
- Posts: 104
Re: tons of spam and porn
Put a bot check in the register.php.
Here's one:
Find:
require PUN_ROOT.'header.php';Add before:
$_1 = rand(0, 25); $_2 = rand(0, 25); $answer = ($_1 + $_2);
$equation = array($_1, $_2, $answer);Find:
// Check if someone else already has registered with that e-mail address
$dupe_list = array();
$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$email1.'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
if ($db->num_rows($result))
{
if ($pun_config['p_allow_dupe_email'] == '0')
message($lang_prof_reg['Dupe e-mail']);
while ($cur_dupe = $db->fetch_assoc($result))
$dupe_list[] = $cur_dupe['username'];
}Add after:
// Check the botcheck
if ($_POST['botcheck'] == '')
message('You didn\'t answer the bot check!');
if ($_POST['botcheck'] != $_POST['equation'])
message('Incorrect botcheck answer!');Find:
<div class="inform">
<fieldset>
<legend><?php echo $lang_prof_reg['Privacy options legend'] ?></legend>
<div class="infldset">
<p><?php echo $lang_prof_reg['E-mail setting info'] ?></p>
<div class="rbox">
<label><input type="radio" name="email_setting" value="0" /><?php echo $lang_prof_reg['E-mail setting 1'] ?><br /></label>
<label><input type="radio" name="email_setting" value="1" checked="checked" /><?php echo $lang_prof_reg['E-mail setting 2'] ?><br /></label>
<label><input type="radio" name="email_setting" value="2" /><?php echo $lang_prof_reg['E-mail setting 3'] ?><br /></label>
</div>
<p><?php echo $lang_prof_reg['Save user/pass info'] ?></p>
<div class="rbox">
<label><input type="checkbox" name="save_pass" value="1" checked="checked" /><?php echo $lang_prof_reg['Save user/pass'] ?><br /></label>
</div>
</div>
</fieldset>
</div>Add above:
<div class="inform">
<fieldset>
<legend>Bot Check</legend>
<div class="infldset">
<label><strong>What is <?php echo $_1.' + '.$_2.'? ?></strong><br />
<input name="botcheck" type="text">
<input name="equation" type="hidden" value="<?php echo $equation[2] ?>">
</div>
</fieldset>
</div>Simple as that. Good luck. 
Last edited by Tyler (2009-03-12 05:44:38)
Offline
#3 2009-03-12 11:07:54
- mad-wolfie
- Member
- From: Stoke on Trent (UK)
- Registered: 2008-08-10
- Posts: 36
- Website
Re: tons of spam and porn
i had the same problem with a forum i just put up for a new site i've built.... i did what i did with my other 1.2 forum, used the Anti-spam mod from Punres that also worked on pun 1.2
http://www.punres.org/desc.php?pid=503
all this does is ask the user questions you can set yourself, such as "what is 1+1?" added to the registration page to detect human or automated spam registration.. the Automated bots so far can't get past it.
Developers..
Is there any way this can be added to the next 1.2 update, as it seems Flux 1.2 is getting hammered with automated spammers at the moment when it comes to new installs, i recently updated my flux forum to the latest version on my main site & the spammers came until i added the human test mod & the site i just installed Flux1.2 on was a brand new site, but it only took a few hours for the spambots to find it to start registering.
Last edited by mad-wolfie (2009-03-12 11:12:19)
www.stokebikeruns.co.uk - Charity motorcycle runs
Offline
#4 2009-03-12 11:08:46
- FSX
- Developer
- From: NL
- Registered: 2008-05-09
- Posts: 805
- Website
Re: tons of spam and porn
You can also take a look at punres.org. There are some mods that could help you fight spam.
Offline
#5 2009-03-12 20:49:13
- MattF
- Member
- From: South Yorkshire, England
- Registered: 2008-05-06
- Posts: 1,230
- Website
Re: tons of spam and porn
Just on a slight side note regarding spam mods, I finally figured out howto refresh a captcha image without reloading any other part of the form, (it's amazing how much absolutely useless and broken code is on the net for supposedly doing that), hence leaving the password fields filled, (if already entered). Viewing the source of this page shows how.
http://forums.bauchan.org/devforum/register.php
The display_reload javascript function at the top of the page makes the reload input button visible when javascript is enabled, (it's set to display: none; in the CSS), so the reload button isn't visible when javascript is disabled. That function is called in the body tag.
Just thought it may come in useful for someone.
Screw the chavs and God save the Queen!
Offline
#6 2009-05-31 22:28:26
- joe.banana
- Member
- From: sun
- Registered: 2009-04-25
- Posts: 95
Re: tons of spam and porn
Allright! thanks for this one! dont like captcha plugins they dont look really good and their annoying i prefer questions related to my forum.
Offline
#7 2009-06-10 09:27:50
- JAcky
- Member
- Registered: 2009-06-09
- Posts: 26
Re: tons of spam and porn
i had the same problem with a forum i just put up for a new site i've built.... i did what i did with my other 1.2 forum, used the Anti-spam mod from Punres that also worked on pun 1.2
http://www.punres.org/desc.php?pid=503
I wrote that mod, thanks for the referral
I updated the mod yesterday to include the register.php file for PunBB 1.2.21. I am planning to download FluxBB 1.2.21 later today and check if there is a difference between register.php in PunBB 1.2.21 and FluxBB 1.2.21
I uploaded the 1.1 Release here
http://www.punres.org/desc.php?pid=503
and updated my own page with instructions for 1.2.21
http://www.network-technologies.org/Pro … mod_punbb/
Offline
Pages: 1