Is there anything specific on a site/forum that attracts spammers so much?

Discussion in 'Networking & Security' started by Red Squirrel, Aug 11, 2010.

  1. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    My first site, which I still somewhat maintain, is a typical tech site with articles, a forum, and news postings from other sites that send mail to my news@ address. It's been around for almost 10 years.

    At one point, it got so infiltrated with spammers, I had to shut down forum registrations until I could get around to figuring something out. I'd wake up in the morning to find out the forum has been flooded with 100s of spam posts, all nonsense posts like thousands of links, or porno pictures etc. The site pretty much died off due to this.

    Anyway I decided it was time to revive that site. I made it so new users who register do not show up in the members list, or latest user (so as not to clutter with names like fjds802th0yfy) and when they post, they can see their own post, but nobody else can. Their post does not show up in latest post, or any of those areas on the forum. When I go on the forum, if there are posts pending approval I see a list, and I can allow/deny. If I hit allow, then it lets it through, and further posts from that member will be allowed - at least till spammers figure this out, and make their first post legit, then I'll have to keep them in a validate status longer. If I hit deny, it deletes every post and thread (which are not yet visible to public) by that user, and deletes that user. Nobody ever saw the spam, so it was ineffective, which is the goal here.

    I opened registrations tonight and already got two spammers and I deleted their accounts right away since I happened to be in the admin cp. My system works, and nobody saw the spam. But point is, by tomorrow I'll probably have like 100 posts to validate.

    Is there anything specific on a website that makes it so attractive to spammers? Or is it just one of the downfalls of being highly visible on Google? (a lot of common search terms lead to the site)

    It has not been updated in years, I'm wondering if just coding it from scratch, and giving it a new layout and general overhaul would do any good. I'm wondering if spammers keep a list of "run down" sites as targets, or something.
     
    Last edited by a moderator: Aug 11, 2010
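
The approval scheme described in the post above, sketched as an added example (not Red Squirrel's forum code; the `Forum` class and its method names are hypothetical). Visibility is decided at read time from the author's validation status, so a denied account never had anything public to clean up.

```python
class Forum:
    """Posts by unvalidated users are stored but shown only to their author."""

    def __init__(self):
        self.users = {}      # username -> validated flag
        self.posts = []      # list of {"id", "author", "text"}
        self._next_id = 1

    def register(self, user):
        self.users[user] = False          # new accounts start unvalidated

    def post(self, author, text):
        if author not in self.users:
            raise KeyError("unknown user: " + author)
        post = {"id": self._next_id, "author": author, "text": text}
        self._next_id += 1
        self.posts.append(post)
        return post["id"]

    def visible_to(self, viewer):
        """Post ids a viewer sees: validated authors' posts plus the viewer's own."""
        return [p["id"] for p in self.posts
                if self.users[p["author"]] or p["author"] == viewer]

    def members_list(self):
        """Public members list: validated accounts only."""
        return sorted(u for u, ok in self.users.items() if ok)

    def pending(self):
        """Moderator view: posts waiting for an allow/deny decision."""
        return [p["id"] for p in self.posts if not self.users[p["author"]]]

    def allow(self, user):
        self.users[user] = True           # this and all later posts go public

    def deny(self, user):
        # Remove every post by the user, then the account itself.
        self.posts = [p for p in self.posts if p["author"] != user]
        del self.users[user]

def demo():
    """Constructed scenario: one real user, one spam account."""
    f = Forum()
    for u in ("alice", "fjds802th0yfy"):
        f.register(u)
    f.post("alice", "Hello, first post")
    f.post("fjds802th0yfy", "cheap pills http://spam.example")
    before = (f.visible_to("guest"), f.visible_to("fjds802th0yfy"), f.pending())
    f.allow("alice")
    f.deny("fjds802th0yfy")
    after = (f.visible_to("guest"), f.members_list(), f.pending())
    return before, after
```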
  2. Berg0

    Berg0 [H]ard|Gawd

    Use captchas on all web forms and don't use mailto: links; they get crawled and added to spam lists.
     
  3. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    Yep I use captchas and don't use mailto links, though they are very generic, OCR-enabled bots probably just read them. I need to make them more complicated but still easy on humans. I hate sites with captchas that are nearly impossible to read.

    I was thinking of maybe using audio captchas, but not everyone is in a situation to be able to use sound (ex: at work). May need to use a combination of things. Visual captcha, audio captcha, question, and maybe some weird process, like uploading a specific file or something. Don't want to make it TOO complicated either or some people might just get turned off by the process.
     
  4. limitedaccess

    limitedaccess [H]ardness Supreme

    Not sure if this will help, and some people probably hate it, but perhaps use an e-mail verification system that denies free/public services and combine that with manually approving new members?
     
  5. GJSNeptune

    GJSNeptune [H]ardForum Junkie

    Captchas can deter legitimate users as much as they deter spammers. If you're faced with a captcha to use the search function, or every time you want to post, it makes you lose interest. If you got a captcha to register, not a big deal. Mainly a one-time event.

    maw once told me about a simple trick to avoid spammers on his site. I don't know if it blocks all unwanted activity, but it should prevent a great deal of it. All you do is insert a hidden form input and hide it further with CSS. Only a bot will see it and fill it out. When you process the form, check for a value in that input. If it isn't blank, discard the form data.

    Something like this:
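
An added example of the hidden-field check described in the post above (not code from the thread). The decoy field name `website`, the form markup and the sample request bodies are all constructed for illustration; the decoy is a normal input hidden with CSS, kept out of the tab order and out of browser autofill so real users do not fill it by accident.

```python
from urllib.parse import parse_qs

HONEYPOT_FIELD = "website"   # hypothetical decoy name; pick something plausible

# Registration form with the decoy input (constructed markup).
FORM_HTML = """\
<form method="post" action="/register">
  <label>Username <input name="username"></label>
  <label>E-mail <input name="email"></label>
  <div class="hp" aria-hidden="true">
    <label>Website <input name="website" tabindex="-1" autocomplete="off"></label>
  </div>
  <button type="submit">Register</button>
</form>
<style>.hp { position: absolute; left: -9999px; }</style>
"""

def check_submission(body):
    """Return (accepted, reason) for an application/x-www-form-urlencoded body."""
    fields = parse_qs(body, keep_blank_values=True)
    if HONEYPOT_FIELD not in fields:
        # A browser submitting the form always sends the empty text field,
        # so a missing decoy means the request did not come from this form.
        return False, "honeypot field missing"
    if any(v.strip() for v in fields[HONEYPOT_FIELD]):
        return False, "honeypot field filled"
    if not fields.get("username", [""])[0].strip():
        return False, "username required"
    return True, "ok"

# Constructed sample request bodies.
SAMPLES = {
    "human": "username=alice&email=alice%40example.org&website=",
    "bot_fills_all": "username=fjds802th0yfy&email=x%40example.net"
                     "&website=http%3A%2F%2Fspam.example",
    "bot_replays_old_form": "username=bob&email=bob%40example.org",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, check_submission(body))
```

Rejected submissions are better dropped or sent to the approval queue than turned into an automatic IP ban, since a password manager or autofill can still occasionally fill the decoy for a real user.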
     
  6. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    We were getting pretty swamped over at Speedguide.Net....each morning I'd have at least 6-10 spammers to ban and delete their posts.

    I stumbled across this tool last January and had Philip implement the plugin for vBulletin.
    http://www.stopforumspam.com/

    It really helped! Down to like 1-2 per day...and on some days we'd get no spammers.
     
  7. cyr0n_k0r

    cyr0n_k0r [H]ardness Supreme

    Just block all IPs from eastern Europe, Russia, and China. Problem solved.
     
  8. ElvisG

    ElvisG Limp Gawd

    I set up some code from phpbb that is called VIP on our forums. I put the numbered code on the front page of the website that all new registrations have to put and I haven't seen a bot in years. It's basically a Q & A response. You can put whatever question you want like "What is 2 + 2 or what is the numbered code on the front of the website?". The only thing about it is that the answer has to be one string like "4664 or dog" not like "who da man, 44 88, etc".

    Since the bots are not human they can't read and form logic. They only output what is programmed into them.
     
  9. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    The problem with the human verification codes....the spammers realized that a long long time ago. >50% of the spam is from humans now, so they fly right through the human tests.

    The common spam we see now is....someone will sign up and make several very generic posts...usually replying in existing threads. Then a few days later..they return, edit their signature and add affiliate links, or edit the posts they made and add links.
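
The pattern described in the post above (generic posts first, links added by edit days later) can be caught from edit history. An added detection sketch, not from the thread: the event layout, the one-day `MIN_DELAY` threshold and the sample history are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

URL_RE = re.compile(r"https?://[^\s<>\[\]]+", re.IGNORECASE)
MIN_DELAY = timedelta(days=1)   # assumed threshold, tune per forum

def added_links(old, new):
    """URLs present after the edit that were not there before it."""
    return sorted(set(URL_RE.findall(new)) - set(URL_RE.findall(old)))

def flag_edits(events):
    """Return (user, kind, links) for edits that add links long after creation.

    Each event is a dict: user, kind ("post" or "signature"), created, edited,
    old, new. For a signature, "created" is the account's registration time.
    """
    flagged = []
    for e in events:
        links = added_links(e["old"], e["new"])
        if links and e["edited"] - e["created"] >= MIN_DELAY:
            flagged.append((e["user"], e["kind"], links))
    return flagged

# Constructed edit history (users, text and URLs are made up).
T0 = datetime(2010, 8, 11, 9, 0)
EVENTS = [
    # Typo fix minutes after posting: no new link.
    {"user": "alice", "kind": "post", "created": T0,
     "edited": T0 + timedelta(minutes=3),
     "old": "Teh driver fixed it", "new": "The driver fixed it"},
    # Link added right after posting: ordinary behaviour, not flagged.
    {"user": "bob", "kind": "post", "created": T0,
     "edited": T0 + timedelta(minutes=10),
     "old": "Use the vendor tool",
     "new": "Use the vendor tool http://vendor.example/tool"},
    # Generic reply, link added four days later.
    {"user": "fjds802", "kind": "post", "created": T0,
     "edited": T0 + timedelta(days=4),
     "old": "Great thread, thanks!",
     "new": "Great thread, thanks! http://shop.example/?aff=1"},
    # Empty signature filled with a link five days after registration.
    {"user": "fjds802", "kind": "signature", "created": T0,
     "edited": T0 + timedelta(days=5),
     "old": "", "new": "[url=http://shop.example/?aff=1]deals[/url]"},
]

if __name__ == "__main__":
    for hit in flag_edits(EVENTS):
        print(hit)
```

Flagged edits are candidates for the moderator queue rather than automatic deletion, since established members also add links to old posts.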
     
  10. ghost6303

    ghost6303 2[H]4U

    42 or so % of spam traffic comes from the US, so problem unsolved, and you just eliminated half your user base by doing that. not to mention how easy it is to bounce off a different server to get around the block.



    that is a neat trick. i like that.
     
  11. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    Wow that stop forum spam site is interesting. So basically I can submit spammers there too? So everybody submits them, so it's like a large black list? I had thought of something like that a while back, glad to see it exists. I will look into that.

    I've also been thinking of blocking all the China IPs and stuff. Most of the time the spammers do originate from there. Some of them do use US proxies, but most don't bother. Though out of those IP ranges there's always the chance of blocking legit users, such as users that might be traveling in those areas and want to go on the site.

    I also like the idea of the hidden field, that is genius.

    Thanks for all the tips.

    So far my new system is holding up though. I actually did not even get any spammers today but it's probably a slow day. The thing with this system is I still have to validate the posts, so it's still a lot of work. But if I use some of these tips before they even reach my system, then it will cut down on my work and filter em out before. The hidden field could also auto ban the IP. Just have to make sure that whatever I do to hide it works in all browsers.
     
  12. Nocturnal

    Nocturnal Gawd

    If you use outdated forum software then that will usually attract more spam than not.
     
  13. Nocturnal

    Nocturnal Gawd

    I did this when I ran a forum. I blocked everything from Russia.
     
  14. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Yeah that's the idea of StopForumSpam..it's pretty much a community maintained blacklist. And it works very well. Seriously, it makes a huuuuuge dent in your amount of daily spam.

    I notice IP ranges from spammers commonly come from Vietnam, Thailand, China, India, and the UK.
     
  15. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    Hmm good point, I use an ancient version of IPB. Is this because they are spam bots that know how to circumvent certain flaws? Or it knows the name of all the fields and just sends post packets?

    What I'm getting to is, if I change stuff like the way the captcha works, rename all the fields, will that help too?

    Eventually I will upgrade, just not sure to what, yet. They charge for IPB now. I was working on a custom forum software called SquirrelBBS at one point but got busy and never finished it. It's actually a code mess, it does not use any OOP since I was new to PHP at the time. :eek:
     
  16. ShadowStriker

    ShadowStriker [H]ard|Gawd

    You might also want to have a look at your meta data. There are sometimes keywords that spammers look for that are common on every webpage, and target that. Considering Google lets you search for metadata now among other things like specific things inside your webpage source. :p
     
  17. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    Oh wow, I have not updated mine in so long, I'll have to check.