Spamming attacks

[Kiwi]

Over the last couple of days, it appears the forum has been subject to a series of spam attacks. Some of you will have probably noticed that a few of these user accounts have managed to post some pretty graphic content, not suitable for a R13 forum. Firstly I'll apologise to any of you who stumbled across this content while browsing. Secondly it looks like they might be using a bot to register up to 15 user accounts each day and make posts. I have already left a message with Phatmonkey about the possibility of introducing some kind of Captcha facility at registration in the hope we can make it more difficult for bogus accounts to be registered.

Finally not all of it is graphic in nature, but if you could notify a mod the instant you spot anything we'd be grateful. Until we get some additional security measures in place we're going to have to fight this using the Admin equivalent of hand to hand combat. Unfortunately its almost unavoidable that some spam from the more plausible looking accounts is bound to get through.

[jakenewmanbass]

I've noticed 2 so far Kiwi, the first one I reported to BOD2 it was extremely graphic porn. I will keep my eyes open as I'm sure will everybody and let you know if I see owt
Jake

[Kiwi]

thanks Jake We have to edit their user accounts as the bot seems to be placing links in their signatures. So deleting all the posts isn't enough. At least they're following the forum policies!

EDIT: Looks like Captcha has been invoked in the forum settings. Maybe a bot isn't responsible after all...

[Galilee]

Those b*****ds can ruin a forum very quickly if it gets out of hand.

[Kev]

i bloody hated this when i ran my forums, bloody annoying, most of it was kept under check by my moderators, but still there must be some way to block the f***ers

[Kiwi]

I've just done a search on Google for one of the account IP addresses registered today which was 200.63.42.85 and it looks like there are a whole load of forums under attack today, not just Basschat. You can look the IP up yourself and see the dates the accounts were created on any one of these other forums.

[Platypus]

[quote name='Galilee' post='297678' date='Oct 2 2008, 04:18 PM']Those b*****ds can ruin a forum very quickly if it gets out of hand.[/quote]

That may be so, though their Viagra prices were very competitave indeed

[Kiwi]

Update: Its now a known issue according to Invision and a fix is available:

[url="http://forums.invisionpower.com/index.php?showtopic=277539"]http://forums.invisionpower.com/index.php?showtopic=277539[/url]

Normal service will resume shortly.

[Hamster]

Another one just appeared in repairs/tech- reported to mods

[bass_ferret]

Its probably our fault for having so much porn on the site

[warwickhunt]

Does anyone know if this spamming of BassChat could explain why access by me, of the forum, is suddenly blocked at my work (my personal account not a public/pupil accessible account I hasten to add), as I've been able to access BC prior to a couple of days ago!

[Hamster]

[quote name='warwickhunt' post='297964' date='Oct 2 2008, 08:29 PM']Does anyone know if this spamming of BassChat could explain why access by me, of the forum, is suddenly blocked at my work (my personal account not a public/pupil accessible account I hasten to add), as I've been able to access BC prior to a couple of days ago![/quote]

If your connection is through a corporate firewall, the sexual swear words and references might have tripped the content filter and banned access to Basschat

Happened to me with Bassworld - couldn't view it for over 18 months until it went offline and got re-incarnated.

[Kiwi]

OK Phatmonkey has updated the forum software, so we shouldn't be getting any more bogus account sign ups. However there may still be validated accounts that we're not aware of yet.

Many thanks to the people who have already PM'd Ped and I with spam posts.

[warwickhunt]

[quote name='Crazykiwi' post='298005' date='Oct 2 2008, 09:02 PM']OK Phatmonkey has updated the forum software, so we shouldn't be getting any more bogus account sign ups. However there may still be validated accounts that we're not aware of yet.

[b]Many thanks to the people who have already PM'd Ped and I with spam posts.[/b][/quote]

No, I think you'll find we need to thank you guys.

[Prosebass]

[quote name='warwickhunt' post='298105' date='Oct 2 2008, 10:41 PM']No, I think you'll find we need to thank you guys. [/quote]

+1 on that

I'd be lost every morning tucking into my bacon butts without basschat....

[Paul Cooke]

[quote name='Crazykiwi' post='298005' date='Oct 2 2008, 09:02 PM']OK Phatmonkey has updated the forum software, so we shouldn't be getting any more bogus account sign ups. However there may still be validated accounts that we're not aware of yet.

Many thanks to the people who have already PM'd Ped and I with spam posts.[/quote]

there's a fresh run of spam posts this morning. I'm at work, otherwise I'd have actually opened them and reported them.

[Machines]

I think I got them all.. in Introductions anyway.

[Kiwi]

[quote name='Paul Cooke' post='298246' date='Oct 3 2008, 07:34 AM']there's a fresh run of spam posts this morning. I'm at work, otherwise I'd have actually opened them and reported them.[/quote]
Yes, looks like Phatmonkeys work hasn't finished. In the meantime the we will try to stem the flood as best we can. Thanks again for your patience guys.

[geilerbass]

Damn the bastards!

Good work on stemming the flow guys - must be a real nightmare.

I don't think it would be unreasonable for authorities to publish the home addresses of known spammers on the internet, so that disgruntled recipients can go round their houses and cram the spammers' letter boxes full of pages from porn mags and flyers for viagra.

[Kiwi]

The main way I'm telling the bogus accounts is by google-ing their IP numbers, most of them are logged already in other forums and spambot attack sites.

I'm going to take an executive decision here and subject all new account registrations to both Admin and User approval for the time being, at least until Phatmonkey has had an opportunity to see what else needs to be done.

EDIT: Invision have released a completely new version of the forum software this morning, Phatmonkey will be upgrading this afternoon so Basschat may be offline temporarily so he can apply the upgrade.

[tauzero]

[quote name='geilerbass' post='298279' date='Oct 3 2008, 08:41 AM']I don't think it would be unreasonable for authorities to publish the home addresses of known spammers on the internet, so that disgruntled recipients can go round their houses and cram the spammers' letter boxes full of pages from porn mags and flyers for viagra.[/quote]
I think that's far too kind and advocate [url="http://www.tauzero.co.uk/other/spamurai.html"]harsher punishment for spammers[/url].

[geilerbass]

[quote name='tauzero' post='298319' date='Oct 3 2008, 09:32 AM']I think that's far too kind and advocate [url="http://www.tauzero.co.uk/other/spamurai.html"]harsher punishment for spammers[/url].[/quote]



Harsh. Harsh, but fair.

[BassBum]

[quote name='Crazykiwi' post='297613' date='Oct 2 2008, 03:03 PM']Over the last couple of days, it appears the forum has been subject to a series of spam attacks. Some of you will have probably noticed that a few of these user accounts have managed to post some pretty graphic content, not suitable for a R13 forum. Firstly I'll apologise to any of you who stumbled across this content while browsing. Secondly it looks like they might be using a bot to register up to 15 user accounts each day and make posts. I have already left a message with Phatmonkey about the possibility of introducing some kind of Captcha facility at registration in the hope we can make it more difficult for bogus accounts to be registered.

Finally not all of it is graphic in nature, but if you could notify a mod the instant you spot anything we'd be grateful. Until we get some additional security measures in place we're going to have to fight this using the Admin equivalent of hand to hand combat. Unfortunately its almost unavoidable that some spam from the more plausible looking accounts is bound to get through.[/quote]

Hi Guys.
I also run a forum using IPB. I followed the instruction of updating the patch but the site was still getting spammed. I then added a new field to the registration form which seems to have stopped them. If you havnt found the instructions they are ont the IPB forum site ......oh hang on......


Got it! This worked for me.

Navigate your way here...

Admin CP > Management > Users And Groups > Custom Profile Fields > Add New >

And enter the following information...

Field title > Anti-Spam Check Question

Description > Is snow hot or cold? (Answer in lower case)

Field Type > Text Input

Maximum Input > 100

Display order > 1

Expected Input > cold

Include on registration page? > Yes

Field must be completed? > Yes

Can be edited by member? > No

Make private profile field? > Yes

Admin and moderator editable only> Yes

[Kiwi]

Thanks Bassbum, I'll see if Phatmonkey can add the extra field.

[BassMunkee]

+1 on keeping this under control.
Seriously, this is such a well run forum - (and I'm not being cheesy or sarcastic)
Nice work all.

Yay!