Moho Forum

EDS wrote:you could either require mod approval if not too many people join every day(this is a serious art tool forum so people would be more apt to wait around a little bit) or if the transfer is not very long you could just shut down new membership. that last one was pretty obscene, and these are automatic programs doing it

forums that require a human for membership have a generated string of characters and automatic programs have never broken that method so its still used.

At the present time, the moderators don't have authority to approve or disapprove new memebrship. That right is held by the forum administrator.

The best solution to stop the automated posters is to require new members to validate thier email address: Since 99% of these machines can't, it prevents spam posting.

In the forum setup, the admin sets the authorisation from [none] to [user]. It can be set to [admin] but that then means the admin has to filter every application and at present, the application message system makes it not easy to obviously see a potential spammer.

I have this [user] authorisation set on my own forum and it works well.

Rhoel

Another interesting idea for blocking automated registration, that I saw today, is to add a list of simple questions; then the registrant is presented with one or two simple questions from this list. According to what I read those using this have reported zero automated spam.

Two caveats; no 'yes' or 'no' answers and have to change the list of questions once in a while.

For example "What shape is the earth?" possible answers sphere,round, circle

or maybe ..

"The sky and the ocean are generally this color"

Anyway the simpler solutions would be email validation or giving admin rights to one or two more people - I know that's scarey. When I used Ezboard back in the day you could also allow moderators to delete members, move posts etc without giving them all admin rights.

i have never come across a forum which has such a problem with spam adverts as this one


it really should be addressed immediately before the day comes when the forum is 1% genuine content and 99% shite

Is it possible to impliment an extra button for marking posts as spam? One that sits beside the quote button? It's easy to ignore the Spam threads but when they start posting inside legitamite threads it's a real problem.

Spam is posting inside mature posts of regular forum users:

http://www.lostmarble.com/forum/viewtop ... 1462#31462

Not sure if it will do any good, or if you are interested but it makes me feel a bit better. I've begun reporting the porno spam posts here

http://www.obscenitycrimes.org/complain ... on=IOCForm

Most of the others I am aware of are for search engine spam -not specifically for forum posts- I sent some anyway, just not sure if they'll do something or not (like dump their web site listings) but if you are interested ...

http://www.google.com/contact/spamreport.html
http://add.yahoo.com/fast/help/us/ysear ... searchspam

If you are aware of any other web forms that can be used to report spammers maybe list them here. Maybe I can find someone with PHP experience to create a form to submit the spam report to multiple organizations that have spam reporting forms as well as the ISP -assuming the IP info is valid. Might at least make it painful enough that they'll go elsewhere.

You can enter the domain name portion of the link being advertised or the IP in some sites to find out who owns the domain and often times contact info by using these sites.

http://www.completewhois.com/
http://www.geektools.com/qwhois.php
http://www.netdemon.net/tools.html
http://www.fr1.cyberabuse.org/whois/?page=whois_server

Obviously false WhoIs information is a violation of ICANN regulations and can be reported here and can result in them losing their domain name.

http://wdprs.internic.net/

Info on this ICANN policy can be found here http://www.icann.org/registrars/wdrp.htm

Most of us are too busy to go to war but if any of these guys annoys you enough you may consider filling out a form here and there.

This is from:
http://www.phpbb.com/phpBB/viewtopic.ph ... sc&start=0

[citation start:
It is a simple fix, but I will not post it as a regular MOD, because customization is the key here. The RegBots work by going directly to the submission of the form information, bypassing the various agreement screens by simply setting "agreed=true". Fortunately, web form variables are CasE-sEnsiTivE, so simply changing the all-lower-case name "agreed" to mixed-case will still allow manual registrations to work, but will simply present a bot's request with the COPPA form, and not make any entries into your users table.

The affected files are:

admin/admin_users.php
includes/usercp_avatar.php
includes/usercp_register.php

With a text editor, search for "agreed", and replace it with your own choice of mixed case, or even something like "IAmInAgreement". As long as all references to this variable are identical, registration and profile changes work as before... except for those trying to bypass the system.

Note to those using VI to do this on a Linux/Unix box... VI will only replace the FIRST occurance of a string on a line when using ":%s/agreed/AgReEd", and there are some instance where "agreed" occurs twice on the same line. Do the replace twice to make sure all occurances are changed.
citation end]

Maybe this is worth a try for Adminstrator, it takes about 15 minutes to try out and with a backup of the three files its undone in 5 minutes...

Jimmy

Just add image verification on user registration, PHPBB has a mod for it, Jus search for image verification
Or simply have it to were a admin has to validate new user accounts....Unless admins arent on that much, Then peeps might be waiting a while for activation.

Jus_Me wrote:Just add image verification on user registration, PHPBB has a mod for it, Jus search for image verification

IIRC that is already in place. Hackers just circumvent that and use the loopholes that are available in an unpatched version of phpBB.

Jus_Me wrote:Or simply have it to were a admin has to validate new user accounts....Unless admins arent on that much, Then peeps might be waiting a while for activation.

Well, that would be a good solution. There are forums that do this kind of ballot. However, if a hacker can enter the system without the registration procedure, this will fail as well.

Simply patch the d**n thing, Lost Marble!

Rasheed wrote:Simply patch the d**n thing, Lost Marble!

I don't think anyone is listening. We haven't had a "visitation" for a while...

There's another AS forum over at efrontier. Maybe they post over there. I haven't read anything on it because it is really hard to read... like black background with white type and NO CATEGORIES.

I hope it has skins the users can change because if the "Moho" forum becomes WHITE text on a GRAY background and I can't change it I will stop posting. I can't stand that look. Hurts my eyes...

.. REVERSED TYPE IS HARD TO READ ON SCREEN! Good Lord they did studies on it and everything! With like... scientists!

-vern

heyvern wrote:There's another AS forum over at efrontier. Maybe they post over there. I haven't read anything on it because it is really hard to read... like black background with white type and NO CATEGORIES.

I hope it has skins the users can change because if the "Moho" forum becomes WHITE text on a GRAY background and I can't change it I will stop posting. I can't stand that look. Hurts my eyes...

.. REVERSED TYPE IS HARD TO READ ON SCREEN! Good Lord they did studies on it and everything! With like... scientists!

-vern

LMFAO...."With like ....scientist"...funny

I'm new on the board but I've been a Moho owner from a couple years.

I had a lot of trouble with forum spam signups on my phpbb boards until I built my own spiffy animated captcha for the registration process. Since I installed it, I haven't had a single phoney registration. Don't know what the future holds but, for right now, it's given me a great deal of relief from the nonsense.

You can see an example of it here on my under-construction web comic site:

http://forum.changedearth.com/profile.p ... greed=true

(Look for the cute girl.)

It's basically a jpg source file for the background, a jpeg 'font' file with a grid containing the little 'buttons,' a rewritten /includes/usercp_confirm.php and the installation of a little unix utility for constructing animated gifs. It's not an official patch so it probably won't survive an upgrade without being recopied into the appropriate spots, but it really confuses the decepticons.

If any admins are interested in something similar for Lost Marble, feel free to contact me and I'll be happy to help. (Perhaps in a mutually beneficial fashion.)

Hi Vern,

I've just promoted you to moderator status. Feel free to start purging SPAM!

-Mike

YEEEEHHAAAA!!!

I think I am like the only time zone that is missed.

I bet you people will miss learning about Britney's sex life, and where to find "soft cracks"...

uh... oh grief... have to delete my own stuff now.

-vern