
View Full Version : your method of hacking and spamming prevention combination


fjeans1
08-01-2013, 04:13 PM
Just curious, and would like to hear what you guys use to prevent spam and hack attempts.
For spam attempts I found a few good ones here, like Spam-O-Matic, but for hacks the only few I knew of were CloudFlare, and then I recently found ZB Block, which seems to work with PHP scripts; I have not tried it so far.

Andy.H
08-02-2013, 03:15 PM
KeyCAPTCHA and Spam-o-matic for us...

The first one stops 99.5% of them at registration. For the .5% that do get through, we have Spam-o-matic with its handy Quick Cleanup option to wipe out the spammer and all its posts, PMs, etc. with a couple of clicks :)

fjeans1
08-02-2013, 08:03 PM
Yes, same here. I just added them today as well, using the free version of KeyCAPTCHA.
As for Spam-O-Matic, I just started using it, but I did see it blocking some spam posts, which was good.

Some update regarding ZB Block: I finally managed to install it today. Well, it does block a lot, so maybe that includes some innocent users; I don't yet know how to configure it fully. But for those looking for a free script firewall, I think it's a good alternative to DNP Firewall, as ZB Block is still updated often.

rhody401
08-02-2013, 09:58 PM
We use these:

A series of 6 random Q&A Human Verification Options (industry related to forum purpose)
VB Bad Behavior (checks for mischievous scripts)
Spambot Stopper (if a bot fills it out too fast, it will reject)
Glowhost Spam-O-Matic (Checks email and IP against known spammer blacklists. Make sure you DON'T have the username checking enabled)
Mandatory custom fields (industry related, for verification)
Once email verified, they're moved to a temporary group. Then the mods manually move them to their final security group, and send them a personal welcome email. (based on membership status to our trade org)


The above tools stop 99.9% of them.

However, I'm here tonight looking for info because someone DID get through somehow. They were able to make an account without answering the mandatory profile fields, and I'm baffled at how this was possible. Any ideas? I checked all the files and none were suspect, I repaired/optimized tables, and didn't see anything odd in the server logs. This one has me concerned and puzzled. The IP was from Spain and their email, account name, and IP are not on stopforumspam.com

Simon Lloyd
08-02-2013, 10:26 PM
It has to have been by direct injection then! You must have a suspect or insecure PHP script, or a query that hasn't been cleaned, which has allowed SQL injection, but it's odd to only have one???

rhody401
08-02-2013, 11:14 PM
I'm keeping a watchful eye on it, because that's what I'm worried about. Anything I have added is a current version.

Simon Lloyd
08-02-2013, 11:44 PM
That doesn't mean to say that things have been escaped or cleaned properly in the coding!

fjeans1
08-03-2013, 05:53 AM
A series of 6 random Q&A Human Verification Options (industry related to forum purpose)
VB Bad Behavior (checks for mischievous scripts)
Spambot Stopper (if a bot fills it out too fast, it will reject)
Glowhost Spam-O-Matic (Checks email and IP against known spammer blacklists. Make sure you DON'T have the username checking enabled)
Mandatory custom fields (industry related, for verification)
Once email verified, they're moved to a temporary group. Then the mods manually move them to their final security group, and send them a personal welcome email. (based on membership status to our trade org)

Just my opinion: it's better to add more random questions if you use questions alone without a captcha. But that is a nice list for defending against spam. Well, even though vBulletin is secure and tested against a variety of attacks, it's still better to add one or two defenses against hacking attempts as well.


Mandatory custom fields (industry related, for verification)
Once email verified, they're moved to a temporary group. Then the mods manually move them to their final security group, and send them a personal welcome email. (based on membership status to our trade org)

Sounds like a nice trick that I can consider adding to my forum as well. I think you did pretty well on defending against spam, but there will still be cases where people do the spamming manually by hand, for those who don't have the tool, so one or two cases of bypass are normal. So no worries, bro :)


Not sure if it's useful, but so far I follow some tips: removing the forum version, as people will search Google for specific possible attacks depending on your version, and secondly I changed the admin and mod CP paths.

rhody401
08-03-2013, 10:45 AM
I thought captcha was beat last year, and no longer used? Did they fix that/improve it?

The rotation of Q&A are industry related to the purpose of the forum. It's unlikely that a spammer would know any of the correct answers. :)

I haven't had any other mysterious accounts yet, from the above concern, but will be keeping an eye on it. There are remnants of a couple old scripts with some files left behind, which I will purge today - just in case one of those is the culprit.

fjeans1
08-03-2013, 03:41 PM
I thought captcha was beat last year, and no longer used? Did they fix that/improve it?

Yes, I read some news regarding it as well, but then I just added it for extra defense.

Andy.H
08-04-2013, 10:38 AM
reCaptcha (the one where you have to re-type a couple of random words) = yep, has been hacked some time ago.

KeyCaptcha (where you have to assemble a jigsaw puzzle of a random picture) to my knowledge hasn't been hacked yet. It's not a built in part of the human verification of VB like reCaptcha however... you have to sign up on the KeyCaptcha website to get your keys, then install the add-on. So far it seems to be working pretty well :)

rhody401
08-04-2013, 12:49 PM
I think I may have a clue how the individual registered without answering the mandatory field questions. I believe they used ForumRunner to complete the registration.

I have since disabled ForumRunner's ability to allow registrations.

There is also a mysterious entry in the server error log at the same minute of the registration, which is raising an eyebrow. I believe this is a reference to spambot stopper from KH99, and its check of new registrations.

[02-Aug-2013 15:42:10] PHP Fatal error: Call to undefined function kh99_sbs_process() in /home/??blankedout??/public_html/forumrunner/include/login.php(386) : eval()'d code on line 8

Harmless error?
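
Added example (not part of the thread): a Python sketch of the check rhody401 describes in the last post, lining up PHP fatal errors raised inside eval()'d plugin code with new registrations logged in the same minute. The account names, registration times and every log line except the first are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# PHP error_log format as quoted in the post above: undefined-function
# fatals raised from eval()'d (plugin/hook) code.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2})[^\]]*\] "
    r"PHP Fatal error:\s+Call to undefined function (?P<func>\w+)\(\) "
    r"in (?P<file>.+?)\(\d+\) : eval\(\)'d code on line \d+"
)

def parse_fatal(line):
    """Return (timestamp, function, file) for a matching fatal, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d-%b-%Y %H:%M:%S")
    return ts, m["func"], m["file"]

def correlate(log_lines, registrations, window=timedelta(seconds=60)):
    """Pair each registration with fatals logged within `window` of it.

    A hit means an anti-spam hook may not have been loaded on the code
    path that created the account, so that path deserves a review.
    """
    fatals = [f for f in map(parse_fatal, log_lines) if f]
    hits = []
    for user, joined in registrations:
        for ts, func, path in fatals:
            if abs(ts - joined) <= window:
                hits.append((user, func, path))
    return hits

# First line is the entry quoted in the thread; the rest are constructed.
SAMPLE_LOG = [
    "[02-Aug-2013 15:42:10] PHP Fatal error: Call to undefined function kh99_sbs_process() in /home/??blankedout??/public_html/forumrunner/include/login.php(386) : eval()'d code on line 8",
    "[02-Aug-2013 15:50:02] PHP Warning: constructed warning line in /home/example/public_html/index.php on line 12",
    "[02-Aug-2013 09:10:00] PHP Fatal error: Call to undefined function example_hook() in /home/example/public_html/register.php(120) : eval()'d code on line 3",
]
# Constructed registration records: (username, join time in server local time).
REGISTRATIONS = [
    ("new_member_a", datetime(2013, 8, 2, 15, 42, 31)),
    ("new_member_b", datetime(2013, 8, 2, 18, 5, 0)),
]

if __name__ == "__main__":
    for user, func, path in correlate(SAMPLE_LOG, REGISTRATIONS):
        print(f"{user}: {func}() undefined in {path}")
```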