YaBB Chat and Support Community - Fake Users Already?

(UTC)

Choose Language:

YaBB Chat and Support Community › YaBB Support › Anti Spam › Fake Users Already?

(Moderator Groups: YaBB Moderators, Development Team, Support Team)

‹ Previous Topic | Next Topic ›

Page Index Toggle

Pages: [1] 2

There are no actions to perform.

Very Hot Topic (More than 25 Replies)

Fake Users Already? (Read 10,905 times)

UVT YaBB Newcomer Offline Posts: 11 Location: USA	Fake Users Already? Mar 22^nd, 2012 at 9:25pm
	Hi, we have not yet exposed the board to the public, nor to the search engines and our board it is only accessable via our member-only area of a new community just started this weekend. Yet we are already getting people trying to fake us into approving them as a member. Does anyone know how and why this might be? is there a security flaw in yabb? Thank you.


	IP Logged

Bill Myers God Member Beta Testers Offline Posts: 1,866 Location: Los Angeles YaBB 2.4	Re: Fake Users Already? Reply #1 - Mar 23^rd, 2012 at 1:09am
	I don't believe this is a security flaw in YaBB. Instead, I'm pretty sure that spammers look for standard forum names, and the YaBB.pl file is easy to find. Thankfully, it's pretty easy to keep spammers from registering. Edited: By the way, your forum looks very nice.
	« Last Edit: Mar 23^rd, 2012 at 1:14am by Bill Myers »
	Morning, noon, or night, have a great one! Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
	WWW Facebook IP Logged

Dandello Da WebKitty YaBB Administrator YaBB Next Team Operations Team Beta Testers Support Team Offline Posts: 3,375 Location: Earth YaBB 2.6.1	Re: Fake Users Already? Reply #2 - Mar 23^rd, 2012 at 3:06am
	There aren't that many forum software packages - so all they have to do is look for the main file name associated with that forum. I have one site that has only two inbound links and the moment those links went up my forum got hit with 200+spam registration attempts a day. (I have all the anti-spam stuff already in place so that takes care of a lot of it, but I'm still looking at 200+ attempts to register with bad info every day.) I was getting 50 attempts a day before the site even got those links. (what mystifies me is technically it was an 'orphan directory'- unattached to anything else on the internet and they still found it.
	« Last Edit: Mar 23^rd, 2012 at 3:09am by Dandello »
	If you only have one solution to a problem you're not trying hard enough!
	WWW IP Logged

westwegoman Ex Member None	Re: Fake Users Already? Reply #3 - Mar 23^rd, 2012 at 6:11am
	I would strongly recommend the spam fruits mod or the Anti-Spam Question V0.2 for YaBB 2.5. Since I’ve installed the Anti-Spam question mod with a question on my local area, it has stopped them in their tracks. Before that, I was ready to give up. They were driving me nuts.


	IP Logged

Bill Myers God Member Beta Testers Offline Posts: 1,866 Location: Los Angeles YaBB 2.4	Re: Fake Users Already? Reply #4 - Mar 23^rd, 2012 at 6:22am
	If you're using YaBB 2.4 as I am, you can easily stop spammers without installing any mods by following these instructions. We're now averaging around 500 attempted spam registrations about every hour or so, and not a single spammer has been able to successfully register. Edited: The same here. The number of spam registration attempts that show up in my error log do not show up in the registration log. Dandello wrote on Mar 23^rd, 2012 at 2:50pm: I should add that the number of spam registration attempts in the 'orphan site' is what shows up in my error log, not the registration log. ... Sweet! To those of you who are working on the next version of YaBB, I'm hoping you'll incorporate the anti-spam mods that seem to be working for YaBB 2.5; you know; provide us with those options in the Admin Center. Edited: More accurately, the approximately 500 spam registration attempts made each hour of the day or so are repeated attempts by much fewer spam-bots, i.e., each respective spam-bot makes repeated attempts that fail each time. Human bots, or *"hu-bots"* as I think JonB coined the term in this post (the first time I've known anybody to use that terminology), are easily stopped by implementing admin approval for registrations.
	« Last Edit: Mar 23^rd, 2012 at 4:24pm by Bill Myers »
	Morning, noon, or night, have a great one! Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
	WWW Facebook IP Logged

BloodyRue Junior Member Offline Posts: 83 None	Re: Fake Users Already? Reply #5 - Mar 23^rd, 2012 at 12:32pm
	Within a few days of my initial setup I was getting spammers. Most of that seemed to be coming from Yandex with people searching for "Powered by YaBB"


	WWW Facebook IP Logged

Dandello Da WebKitty YaBB Administrator YaBB Next Team Operations Team Beta Testers Support Team Offline Posts: 3,375 Location: Earth YaBB 2.6.1	Re: Fake Users Already? Reply #6 - Mar 23^rd, 2012 at 2:50pm
	I should add that the number of spam registration attempts in the 'orphan site' is what shows up in my error log, not the registration log. One gets through to admin approval about once a month - which is about the same for my other sites. Between stopforumspam and the antispam quiz with custom questions, not many get through to need my attention.

	If you only have one solution to a problem you're not trying hard enough!
	WWW IP Logged

BloodyRue Junior Member Offline Posts: 83 None	Re: Fake Users Already? Reply #7 - Mar 23^rd, 2012 at 8:48pm
	If you make YAMMS a registration requirement it definitely knocks them off your board. StopForum Spam mod by Derek will nix almost all of them if you don't do the above. The Xcapban mod I am working on kills a huge pile of xrumer users. Placing: KKman and Xpymep in the admin guardian harvester ban section works great also. The most effective thing I found was adding an entire set of China, and Russia IP blocks to my htaccess file. I have 8 other spammers that actually registered manually and attempted to spam my board but were stopped by YaBB's speed posting admin settings. I have yet to see an actual spam message placed on my boards since installing YaBB, whereas, my wwwboard setups had thousands posted. I don't need anything else probably, but I know spamfruits and the other anti-spam mods will work also.


	WWW Facebook IP Logged

Bill Myers God Member Beta Testers Offline Posts: 1,866 Location: Los Angeles YaBB 2.4	Re: Fake Users Already? Reply #8 - Mar 24^th, 2012 at 2:25am
	Obviously depending on how much legitimate traffic from China you may want to have on your site (& in your forum), even from Russia, you may want to be careful about banning entire blocks of IP addresses. In the entertainment industry, for instance, China is the fastest growing market out there, and potentially very lucrative. The irony about banning IP addresses is that they are virtually limitless, so as long as you implement effective spam blocking, what's the real point of banning IP addresses en masse?

	Morning, noon, or night, have a great one! Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
	WWW Facebook IP Logged

BloodyRue Junior Member Offline Posts: 83 None	Re: Fake Users Already? Reply #9 - Mar 24^th, 2012 at 2:28am
	Pointless bandwidth and efforts on my part vetting them all.


	WWW Facebook IP Logged

Bill Myers God Member Beta Testers Offline Posts: 1,866 Location: Los Angeles YaBB 2.4	Re: Fake Users Already? Reply #10 - Mar 24^th, 2012 at 2:51am
	That's the great thing about YaBB's spam blocking mods, or however else you automatically stop the spam, there's virtually no vetting to do. But unless it's automated, attending to IP addresses takes a lot of vetting, which I prefer not to do. As for bandwidth, I believe this is dependent on the amount of spam attempts that hit your forum. Whether or not spam is blocked, the bandwidth should roughly be the same. Spammers will still generate bandwidth. But what do I know? The only thing I know for sure with our forum is that banning IP addresses did virtually nothing to stop spammers from attempting to register. Sure, banned IP addresses as I once entered them by the dozens each and every day blocked them from registering, but these same spammers simply used other IP addresses, which are virtually limitless for them. But after we implemented some easy-to-edit anti-spam captcha changes, we no longer had to ban IP addresses, not did we have to clear them from our registration log.

	Morning, noon, or night, have a great one! Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
	WWW Facebook IP Logged

UVT YaBB Newcomer Offline Posts: 11 Location: USA	Re: Fake Users Already? Reply #11 - Apr 6^th, 2012 at 12:13am
	Many thanks Bill. Followed your spam hack below to the T and after upload we no longer could access our board. Placed back our saved copies and forum is back live. Any idea why your changes killed the YaBB.pl access?


	IP Logged

Bill Myers God Member Beta Testers Offline Posts: 1,866 Location: Los Angeles YaBB 2.4	Re: Fake Users Already? Reply #12 - Apr 6^th, 2012 at 3:30am
	UVT wrote on Apr 6^th, 2012 at 12:13am: Many thanks Bill. Followed your spam hack below to the T and after upload we no longer could access our board. Placed back our saved copies and forum is back live. Any idea why your changes killed the YaBB.pl access? Just to be clear, credit for this anti-spam hack should go to ggn (referenced here). I'm simply a big supporter of it because of how well it's worked for me. Edited: Edited to input the correct address for the full, and more accurate instructions for implementing ggn's anti-spam hack to stop spam bots cold! Evidently it only takes one mistake to mess up a forum. I'm only guessing, but maybe there was an error in the text that you changed. Or maybe the uploading of the edited files were uploaded in ASCII text. I think that's how those files are supposed to be uploaded. Edited: Yes, those edited files should be uploaded in ASCII - no binary. In any case, maybe you can just edit the Register.lng file, and see how that works. If that works, then one file at the time until all are uploaded. For future reference, ideally, I think one of the anti-spam mods is the best way to go if you know how to install mods, which I haven't yet learned. By the way, I'm really glad that you had backups available to use. *Very wise!*
	« Last Edit: Apr 6^th, 2012 at 7:31am by Bill Myers »
	Morning, noon, or night, have a great one! Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
	WWW Facebook IP Logged

Bill Myers God Member Beta Testers Offline Posts: 1,866 Location: Los Angeles YaBB 2.4	Re: Fake Users Already? Reply #13 - Apr 6^th, 2012 at 4:52am
	Regarding the possible editing mistake that you may have made, my gut is telling me that instead of typing <br /> you may have typed <br/> without the necessary space between r and /. This would be an error that could cause your forum to stop working. Unfortunately, this forum doesn't allow us to make corrections or updates to our posts, so I'm not able to more correctly describe in this post what might help to make things more clear. Edited: Edited to update a post address here in this forum that has better information. As such, please make a careful note of the following code so that you can duplicate it exactly as it should be written: Code 'casewarning' => 'Please type exactly what text appears in the image.<br />The characters must be typed in the same order,<br />and they are case-sensitive.', Change to: 'casewarning' => 'Please type exactly what text appears in the image,<br />without the first two and last two characters.<br />The characters must be typed in the same order,<br />and they are case-sensitive.', By the way, subsequent to the editing that I did with this anti-spam hack, I decided I wanted to add bold type to without the first two and last two characters. I did this so people could see this important instruction better. If you want bold to show up, then the following text is what you'll want to use: Code 'casewarning' => 'Please type exactly what text appears in the image,<br /><strong>without the first two and last two characters.</strong><br />The characters must be typed in the same order,<br />and they are case-sensitive.', The result of the code below will be as follows on the registration page: Your Verification Code is: Please type exactly what text appears in the image, without the first two and last two characters. The characters must be typed in the same order, and they are case-sensitive. Good luck. Edited: Edited to add an update code with an explanation.
	« Last Edit: Apr 6^th, 2012 at 5:23pm by Bill Myers »
	Morning, noon, or night, have a great one! Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
	WWW Facebook IP Logged

UVT YaBB Newcomer Offline Posts: 11 Location: USA	Re: Fake Users Already? Reply #14 - Apr 6^th, 2012 at 2:25pm
	Hi Bill, thanks again. Ok so we tried just the Register.lng and added the code just as it is...this is the error we got... Untrapped Error : syntax error at ./Languages/English/Register.lng line 180, near ");" Compilation failed in require at ./Sources/Subs.pl line 1660. Compilation failed in require at YaBB.pl line 147. Sorry to be a pain but this seems to not work for some reason.


	IP Logged

Page Index Toggle

Pages: [1] 2

There are no actions to perform.

‹ Previous Topic | Next Topic ›

« Board Index ‹ Board Top

Top

YaBB Chat and Support Community » Powered by YaBB 2.6.11!
YaBB Forum Software © 2000-2016. All Rights Reserved.

Valid XHTML

Valid CSS

Powered by Perl

Source Forge