Please upgrade here. These earlier versions are no longer being updated and have security issues.

Can't Stop Spammers

DenisSDenisS My brain hurts Buriram ✭✭

Ver 2.0.18.8 I have upgraded but not online with 2.1.6 yet. But my old ver is still live.
Over the last week I have been the target of spammers registering and post spam. It started with 5 or 10 at first and has risen to 220 last night. When it was about 30 or so set the "Stop Forum Spam" settings very low, never helped. I set the forum settings to "New Members Must be approved" no help. There is no new members on the activity list. Is there anyway of stopping them? have anybody had the same problem. It seems
that they are mostly Russian or Eastern Europe.

meetdilip
«1345

Comments

  • peregrineperegrine MVP
    edited December 2014

    try to push forward on the 2.1.6 install and don't worry as much if you can't get a particular plugin working.
    If you the have the basic 2.1.6 working use the bittersweet theme and fix your other theme when you can.

    then use the plugins here..

    http://vanillaforums.org/discussion/comment/220830/#Comment_220830

    despite what you think some of the ips and maybe all (at least the ones I checked in your image) are actually from the U.S with fake russian e-mail addresses. I would trust the ip over the email :)

    or if you can;t move to 2.1 (which you actually could if you wanted to accept a different theme or limited plugins)

    block the troublesome repeat ip cidr ranges with .htaccess

    you can google how to do this with .htaccess.

    I don't know who your audience is, but ...

    e.g.

    order deny,allow
    deny from 63.141.0.0/16
    deny from 86.136.0.0/16
    deny from 192.227.0..0/16
    deny from 138.228.0..0/16
    allow from all
    

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    vrijvlinder
  • Also if you have approval registration, don't use confirm e-mail and it will save you some grief as well.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    vrijvlinder
  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited December 2014

    compare IP with http://www.russianbrides.com well maybe not, those women are something else... could they be looking for rich expats with sheltered us tax dough?

    Check them out before you try http://www.russian-dating-scams.com/scams/first_things_to_know.htm

    I have learned that it is best to meet them first......... :'(

    http://en.wikipedia.org/wiki/Bride_scam

    http://www.womenrussia.com/blacklist.htm <<<<does not mean they are black women

    peregrinejackmaessen
  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    These people need a new forum.. no wonder they got hacked it is horrible, nonetheless it is about victims of russian bride scams in case you need support..

    http://scamvictimsunited.com/phpBB2/viewtopic.php?f=21&t=3359&start=15

  • DenisSDenisS My brain hurts Buriram ✭✭
    edited December 2014

    These post are mostly informational about skin care, herpes and stuff some would be helpful but when so many it's a pain. I did have the bride thing but it's changed this week. How do they join & post? I have set up an IP ban but like today maybe 90 different IP's it's almost impossible. an extra function on the user file " ban IP " would be great, maybe I won't get this with the upgrade, in about two weeks. I have un-checked confirm e-mail, see what happens tonight. Cheers

    vrijvlinder
  • DenisSDenisS My brain hurts Buriram ✭✭

    Well that didn't work just had another 50 new "members" and posts.

  • whu606whu606 I'm not a SuperHero; I just like wearing tights... Moderator

    @DenisS‌

    What are your current anti-spam methods?

    I use registration approval with Add Registration Question and Registration Restrict Logger, and don't get any spam applicants anymore.

    If you make your registration question specific to your site user interests, the odds of a spambot hacking it successfully will be pretty remote.

    peregrineBleistivtvrijvlinder
  • peregrineperegrine MVP
    edited December 2014

    @DensiS said: Well that didn't work just had another 50 new "members" and posts.

    well it might help you if you upgrade to 2.1.6 asap and do what whu606 said.

    the un checking of unconfirm e-mail helps in that the spammers have to be approved by you, and can't become members and spam your discussions. They can only spam the registration process and you can solve that via what whu606 said worked for him and what is mentioned previously in the FAQ.

    the problem is, once you experience what you have it is only going to get worse, until you implement some measures as suggested.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

    vrijvlinder
  • cbunting99cbunting99 Texas New
    edited December 2014

    I ran Vanilla on boi-infinity.com and couldn't stop spammers.. There is also a loophole somewhere that I never found that allows sql injections to gain access to the admin account and also to make posts in the forums that replaced other forum user's posts..

    I don't think the Vanilla developers or anyone on the forums run the type of site to know exactly what security issues exist with Vanilla, but it's too much of a hassle to try running it just to report everything..

    I've been there.. Good luck fighting the spam!

    BTW: I see someone else had the problems I once did, This was happening like 6 months ago, But I saw the post, http://vanillaforums.org/discussion/28555/vanilla-2-1-6-released however, I am still not sure about trying Vanilla again.. I wish I knew it was really secure now, Because I run IPB and have the same spam issues, but IPB doesn't have anything to fight spam.

    hgtonight
  • BleistivtBleistivt MVP
    edited December 2014

    @cbunting99 said:
    I ran Vanilla on boi-infinity.com and couldn't stop spammers..

    What did you try?

    There is also a loophole somewhere that I never found that allows sql injections to gain access to the admin account and also to make posts in the forums that replaced other forum user's posts..

    This is most likely because you were using vulnerable plugins or an outdated version of vanilla.
    If that was a core issue, thousands of forums would be hacked and reports about that would pile up here and on github.

    I don't think the Vanilla developers or anyone on the forums run the type of site to know exactly what security issues exist with Vanilla, but it's too much of a hassle to try running it just to report everything..

    It's the same software vanillaforums.com uses to run large forums (e.g. http://forums.penny-arcade.com/ or http://forums.thesims.com/)

    What special type of site do you run?

    My themes: pure | minusbaseline - My plugins: CSSedit | HTMLedit | InfiniteScroll | BirthdayModule | [all] - PM me about customizations

    • Vanilla APP » Learn more «
    • iOS & Android App for Vanilla - White label app for your forum
    vrijvlinderperegrinehgtonight
  • peregrineperegrine MVP
    edited December 2014

    @cbunting99 said:
    I ran....

    to be fair the op is using 2.0.18.8

    six new versions of 2.0.18 have been released since 2.0.18.8

    and 2.1.6 has been released as well along with a number of plugins that are compatible with 2.1 that help solve issue.

    and when you "ran", you had been using an older version than currently available, correct?

    some solutions also require making wise decisions in terms of the vanilla setup, using the most current version available and making sure database structure user roles and permissions are set correctl, and the proper plugins for the problem.

    the best questions are the one that relate to the current recommended version of vanilla, and posting issue at the time and letting people try to assist, and following suggestions.

    if we are talking historical anecdotes it is one thing, if we are talking current issues, it is another.

    security issues can also be a result of web host not upgrading operating system software as well.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • DenisSDenisS My brain hurts Buriram ✭✭
    edited January 2015

    Thanks for all the comments and help everyone
    I have up-dated sorry Installed a fresh 2.1.6, but still testing everything out i don't want to launch it until it's ready as had many problems, most are sorted now but it's a seems worlds apart from 2.018.8 it was not a straight update. The spam has tailed off now only 3 today. I be glad when i can work only with 2.1.6. I am also thinking of moving hosting I been with Bluehost since 2007, anyone have any redecorations I need to be able to have 3 domains and at least 10 sub domains.

  • DenisS good idea to be aware of security updates. I'm not talking about major releases, but the incremental security updates.

    grep is your friend.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    I have been Using FatCow since 2004 , Most services are the same they offer the same things and you pay more or less depending on what you get.

    I would pay extra for things such as backups and restoring in case things go bad. It may cost a bit more but is worth it.

    http://www.fatcow.com

  • LincLinc Director of Development Detroit Vanilla Staff

    Personally, I strongly recommend getting Akismet and banning @mail.ru addresses unless you actually get legit members from it. I'd also switch to Approval registration method when having a spam wave.

  • DenisSDenisS My brain hurts Buriram ✭✭
    edited January 2015

    Thanks, I have switch to Approval Registration, There are many Russian expats in Thailand so i can't really ban all. I'll have a look at Fatcow hosting, thanks for the answers.

  • DenisSDenisS My brain hurts Buriram ✭✭

    Bleistivt: My forums are all expats I put 7 regional sites up to start with 18 months ago so to cover the area of isaan which is vast and then as the membership grew, I redirected to 2 forums my first year saw 700+ members, only about 20 active the rest browsers. 250,000+ pages views. But I install 2.1.6 to change directions to a New news forum all sites funnelling into it then slowly close the forums, as bored with all the back biting. ;-) That's why it's taking so long to set up my 2.1.6 ver.
    I have a property website "osclass" , which is very user friendly and cross promote.
    I have also had problems with spammers on that, it seems to go in waves on both sites. I think they must go around the globe targeting countries.

  • AnonymooseAnonymoose ✭✭
    edited January 2015

    Use a question-on-registration that people involved in your forum's topic know the answer to, but spammers, not only bots, but paid-to-post human operations, are too lazy to find out.

    peregrine
  • DenisSDenisS My brain hurts Buriram ✭✭

    I have questions, activar, set for admin approval, they are not joining they are coming through without joining and posting, even in activity they don't show. I had another 50 today.

  • peregrineperegrine MVP
    edited January 2015

    are you using confirm email. if so don't if you have confirm e-mail set up they don't need to be approved. hence your issue.

    and you probably want to upgrade to 2.0.8.14 if you can't seem to get 2.1.6 just yet.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

Sign In or Register to comment.