Spam problem: PHPFusion 6 Support

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

I've recently had literally thousands of spam messages posted as comments on my site. They have to have been generated by bots, no human could have posted so many messages.

The problem seems to be that the image validation code can be read by bots, is there any way to make it more challenging for them?

I've tried using email validation in the past, but that causes more problems than it solves. Many people who tried to register said they didn't receive the confirmation mail, and I suspect it's often ended up in people's spam bins without them noticing.

0 replies

Now they're doing my other sites....

Attempting to blacklist full range.. Anything that starts with =
61.55.
66.154.

0 replies

The same problem today... :@

0 replies

the website i'm workin on also just got attacked

what i did
- disable registration
- ban the members
- ban the ip address

the bad ip is 200.88.223.98

does anybody know how to hold the activation?
- because i need them to verify who they are
- by giving their fullname & address (for example)

Edited by HangJebat on 15-03-2007 08:19, 17 y

0 replies

Seems that alot of us are having this problem. I have the Unauthenticated Users Infusion installed, if you don't, I suggest you do. While some might slip through, my staff and I check this all day, and just today I deleted, and banned two. I might not solve the entire problem, but I'm finding that if solves most of it.

http://www.phpfusion-mods.com/forum/v...post_21642

0 replies

Until this is solved, my site will run without the link to PHPFusion.

It seems that they search for the POWERED BY link.

When there's a proper solution to this, I will put the link back on :)...

0 replies

Quote

Stefan wrote:
Until this is solved, my site will run without the link to PHPFusion.

It seems that they search for the POWERED BY link.

When there's a proper solution to this, I will put the link back on :)...

I agree, I'm going to do the same thing. I had several different sites attacked simultaneously, on two completely different servers at completely different URLs. The only thing that connects them is PHP Fusion, and the only way they could find this out with a bot is to look for the copyright message.

If the bug is fixed I'll put the link back.

Edited by tapaga on 14-03-2007 12:42, 17 y

0 replies

yes..happend to me, lol..this ppl are crazy? i desabled registration for the moment

0 replies

I have two ideas for a solution:

A) If a user tries to post a comment with 3 or more links, he/she will get a "Hell no you wont" message (or, something like that :D ), and the comment won't show.

B ) An Administrator must activate/accept the first 5 comments/Forum posts by a new user, before he/she can post like the rest of the users.

Edited by Stefan on 14-03-2007 14:46, 17 y

0 replies

Here's a few more IPs..

66.154.80.88
66.154.0.0
66.154.95.255
151.204.179.29
200.88.223.98
218.63.252.219

0 replies

69.61.55.51 - another one

0 replies

Quote

If a user tries to post a comment with 3 or more links, he/she will get a "Hell no you wont" message

I would actually like an option to ban all links in comments. None of my legitimate users ever leave links.

0 replies

Yup, loooks like crackers founded a some new bugs who allow to run a spam bots on php-f sites(thats are really big problem to default phpBB ), becouse even in few Lithuanian sites I saw today sth like:

Quote

david7416:
u74.4.379.david@cgwx.info

sarah7487:
u74.20.602.sarah@santa-clauss.info

All they had posted a spam in comments.
*On all these site were enabled the image code vertify system. :/

My option how to solve this problem is to change the files and db table variable(we did that, so we newer had sth like spam)

Edited by ozzWANTED on 14-03-2007 15:32, 17 y

0 replies

Quote

tapaga wrote:
Quote
If a user tries to post a comment with 3 or more links, he/she will get a "Hell no you wont" message

I would actually like an option to ban all links in comments. None of my legitimate users ever leave links.

You can disable links in comments:
Created new part of maincore.php - parsecbb:
there you all what will be similar with links(url and mail tags): you can change to sth like that:

Quote

<b>NOT ALLOWED</b>

It's easy to code it.

0 replies

Quote

ozzWANTED wrote:
All they had posted a spam in comments.
*On all these site were enabled the image code vertify system. :/

It change image on text.
It's obliged to help, i think so ;)

0 replies

Falk

answered 14 Mar 2007 at 02:59 PM

Super Admin

Looks like we need to change the verification image structure a bit, we'll look into it folks, no worries.

0 replies

Had one on my site as well:

200.88.223.98

Banned IP, email address and deleted user account.

Although there are no spam comments or any other spam that I can find.

Thanks for the warnings! :@

Edited by lsainsbury on 14-03-2007 16:25, 17 y

0 replies

Another: 60.244.124.101

0 replies

Falk

answered 14 Mar 2007 at 03:53 PM

Super Admin

Ok folks, if you'd like to try a new image validation routine, try this, open maincore.php, look for the validation code:

Code Download source

// Create Validation image if $vimage is set and die();
if (isset($vimage)) {
   $check_url = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']);
   if (eregi("register.php", $check_url) && preg_match("/^[0-9a-z]{32}$/", $vimage)) {
      $vres = dbquery("SELECT * FROM ".$db_prefix."vcode WHERE vcode_2='$vimage'");
      if (dbrows($vres)) {
         $vdata = dbarray($vres);
         $imf = rand(3,5); $imx = rand(15,40); $imy = rand(2,7);
         $im = ImageCreateFromJPEG("images/validate_bg.jpg");
         $tcolor = ImageColorAllocate($im, 40, 40, 40);
         Header("Content-type: image/jpeg");
         ImageString ($im, $imf, $imx, $imy, $vdata['vcode_1'], $tcolor);
         ImageJPEG($im, '', 80);
         ImageDestroy($im);
      }
   }
   die();
   break;
}

Replace the above with this code:

Code Download source

// Create Validation image if $vimage is set and die();
// colorful capcha image generator by amra (www.sumotoy.net)
$check_url = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']);
if (isset($vimage)) {
   if (eregi("register.php", $check_url) && preg_match("/^[0-9a-z]{32}$/", $vimage)) {
      function rgb_grayscale( $rgb ) {
         $color['r'] = 0.299 * $rgb['r'] + 0.587 * $rgb['g'] + 0.114 * $rgb['b'];
         $color['g'] = 0.299 * $rgb['r'] + 0.587 * $rgb['g'] + 0.114 * $rgb['b'];
         $color['b'] = 0.299 * $rgb['r'] + 0.587 * $rgb['g'] + 0.114 * $rgb['b'];
         return $color;
      }
      function rgb_complementary($rgb) {
         $color['r'] = 255 - $rgb['r'];
         $color['g'] = 255 - $rgb['g'];
         $color['b'] = 255 - $rgb['b'];
         return $color;
      }
      function rgb_rand($min=0,$max=255) {
         $color['r'] = rand($min,$max);
         $color['g'] = rand($min,$max);
         $color['b'] = rand($min,$max);
         return $color;
      }
      function rgb_create($r=0,$g=0,$b=0) {
         $color['r'] = $r;
         $color['g'] = $g;
         $color['b'] = $b;
         return $color;
      }
      function rgb_merge($lhs, $rhs ) {
         $color['r'] = ($lhs['r'] + $rhs['r']) >> 1;
         $color['g'] = ($lhs['g'] + $rhs['g']) >> 1;
         $color['b'] = ($lhs['b'] + $rhs['b']) >> 1;
         return $color;
      }
      $vres = dbquery("SELECT * FROM ".$db_prefix."vcode WHERE vcode_2='$vimage'");
      if (dbrows($vres)) {
         $vdata = dbarray($vres);
         //srand((double) microtime() * 1000000);
         $im = imagecreate(120,30);
         $strt = 0;
         $rgb = array();
         $rgb['background'] = rgb_rand(0,255);
         $rgb['foreground'] = rgb_grayscale(rgb_complementary($rgb['background']));
         if ( $rgb['foreground']['r'] > 127) {
            $strt = -127;
            $rgb['foreground'] = rgb_merge($rgb['foreground'],rgb_create(255,255,255));
            $rgb['shadow'] = rgb_merge(rgb_complementary($rgb['foreground']),rgb_create(0,0,0 ));
         } else {
            $strt = 0;
            $rgb['foreground'] = rgb_merge($rgb['foreground'],rgb_create(0,0,0));
            $rgb['shadow'] = rgb_merge(rgb_complementary($rgb['foreground']),rgb_create(255,255,255));
         }
         $color = array();
         foreach($rgb as $name => $value) {
            $color[$name] = imagecolorallocate($im,$value['r'],$value['g'],$value['b']);
         }
         imagefilledrectangle($im,0,0,120,30,$color['background']);
         for ($i = 0; $i < rand(5,9); $i++ ) {
            $x = rand(0,120);
            $y = rand(0,30);
            $f = rand(0,5);
            $c = rgb_grayscale(rgb_rand(127 - $strt,254 - $strt));
            $color[$i] = imagecolorallocate($im,$c['r'],$c['g'],$c['b']);
            imagestring($im,$f,$x,$y,$vdata['vcode_1'],$color[$i] );
         }
         $x = (120 - (ImageFontWidth(7) * strlen($vdata['vcode_1']))) >> 1;
         $y = (30 - ImageFontHeight(7)) >> 1;
         imagestring($im,7,$x + 1,$y + 1,$vdata['vcode_1'],$color['shadow'] );
         imagestring($im,7,$x,$y,$vdata['vcode_1'],$color['foreground'] );
         header('Content-type: image/png');
         imagepng($im);
         foreach($color as $name => $value) {
            imagecolordeallocate($im,$value);
         }
         ImageDestroy($im);
      }
   }
   die();
   break;
}

Please report back if this helps or not, thanks.

0 replies

I've been having the same problem, I've just implemented Digi's new code, now time will tell!

Adnan.

0 replies

Testing it...
Thanks Digi. ;)

Edited by NobNob on 14-03-2007 18:04, 17 y

0 replies

Category Forum

Official Core Support - 6

Labels

None yet

Statistics

Views 0 views
Posts 169 posts
Votes 0 votes
Topic users 55 members

0 participants

Notifications

Track thread

You are not receiving notifications from this thread.

Spam problem

169 posts

PHPFusion

Resources

Community

Development