vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB4 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=251)
-   -   Spam in my new 4.2.2 Forums (https://vborg.vbsupport.ru/showthread.php?t=312051)

natsu287 06-11-2014 12:28 AM
Spam in my new 4.2.2 Forums
 
I just deleted my VB5.1.1 because of bugs, but now I installed 4.2.2 and within 10min I am starting to get spam? Help!

Please point me to #1 way to stop and block spam on VB

I enabled email verification, it's not coming in "for now" but I need to stop the spam permantly.

why does 4.2.2 have alot of spam?

Max Taxable 06-11-2014 12:44 AM
You talked about going to 3.8.8, but went with 4.2.2 instead? Version 4 is by far the most hacked and defaced vB version ever.

I wouldn't use anything above version 3.8.8, I would leave vB completely, first.

Spam proofing at link in my signature. Geez.

Read this as well.

natsu287 06-11-2014 01:21 AM
cuz the vbuelltin support staff recommended 4.2.2 over 3.8.8

K4GAP 06-11-2014 01:21 AM
Quote:
Originally Posted by natsu287 (Post 2501440)
I just deleted my VB5.1.1 because of bugs, but now I installed 4.2.2 and within 10min I am starting to get spam? Help!

Please point me to #1 way to stop and block spam on VB

I enabled email verification, it's not coming in "for now" but I need to stop the spam permantly.

why does 4.2.2 have alot of spam?
You should always think ahead when making big changes like that. Site security should be of the up most concern.

IMHO, vb 4.2.2 is what you make of it. I have zero spam as I am using the add on in MAX's signature.

natsu287 06-11-2014 01:30 AM
Quote:
Originally Posted by K4GAP (Post 2501446)
You should always think ahead when making big changes like that. Site security should be of the up most concern.

IMHO, vb 4.2.2 is what you make of it. I have zero spam as I am using the add on in MAX's signature.
which add on's are u using?

Max Taxable 06-11-2014 02:04 AM
Quote:
Originally Posted by natsu287 (Post 2501445)
cuz the vbuelltin support staff recommended 4.2.2 over 3.8.8
Of course. What would you expect?

natsu287 06-11-2014 02:11 AM
Quote:
Originally Posted by Max Taxable (Post 2501449)
Of course. What would you expect?
what does that mean?

Skyrider 06-11-2014 04:45 AM
Quote:
Originally Posted by natsu287 (Post 2501451)
what does that mean?
It means that vBulletin (the staff) would always recommend one of the latest versions. It's their product, so it makes sense :). I'm surprised they haven't mentioned vBulletin 5 though.

Disco_Stu 06-11-2014 02:07 PM
Spam in just 10 minutes?

I'm curious as to what precautions (if any) you are taking to stop spam?

Do you restrict access via htaccess? Do you update your list of banned ip's?

Is the target audience of your site the entire planet? If not do you ban specific countries via ip ranges and keep those ranges updated?

Do you monitor who is visiting your site? When I see suspicious activity I check Google for that ip and most times I find it listed on one blacklist or another. Then I immediately add it to my list of banned ip's in both the vBulletin internal list and my htaccess file as well. I maintain a list of all guest ip's and review that list throughout the day.

Do you use any security measures at the point of registration such as image verification or minimum time for the completion of the registration form? There's an excellent mod on this site for exactly that. It has stopped a large number of bots from getting on my site.

Have you removed the includes folder like you're supposed to?

What about ftp? Are you using strong passwords? Do you check server logs on a regular basis?

There are a number of mods available on this site that used together will block almost all of the spam.

Site security is a full time job. You cannot think of it as a set and forget.

natsu287 06-11-2014 02:29 PM
Quote:
Originally Posted by Disco_Stu (Post 2501496)
Spam in just 10 minutes?

I'm curious as to what precautions (if any) you are taking to stop spam?

Do you restrict access via htaccess? Do you update your list of banned ip's?
Restrict what via htacccess? How do I update my list of banned ips

Is the target audience of your site the entire planet? If not do you ban specific countries via ip ranges and keep those ranges updated?
i have not restrictied any countries yet

Do you monitor who is visiting your site? When I see suspicious activity I check Google for that ip and most times I find it listed on one blacklist or another. Then I immediately add it to my list of banned ip's in both the vBulletin internal list and my htaccess file as well. I maintain a list of all guest ip's and review that list throughout the day.
yes I monitor

Do you use any security measures at the point of registration such as image verification or minimum time for the completion of the registration form? There's an excellent mod on this site for exactly that. It has stopped a large number of bots from getting on my site.
Im using reCAPTCHA and I added a custom field, what mod do u recommended?

Have you removed the includes folder like you're supposed to?
VB only told me to remove the /install folder

What about ftp? Are you using strong passwords? Do you check server logs on a regular basis?
Yes I use powerful passwords for my Server

There are a number of mods available on this site that used together will block almost all of the spam.
Im currently using
- Rename register.php by BOP5
- Spambot Stopper - Prevent Spambots from Registering
- Ban Spiders by User Agent
(of course I installed this after I figured out I got spam

Site security is a full time job. You cannot think of it as a set and forget.
My spam has stopped for now, no spam since I installed those plugins, what do u recommended?
my answers are in bold

Disco_Stu 06-11-2014 02:32 PM
This mod will check the time taken to complete the registration form. If it's less that the minimum time you specify then it will block the registration and send you an email with the ip

https://vborg.vbsupport.ru/showthread.php?t=244746

--------------- Added [DATE]1402500937[/DATE] at [TIME]1402500937[/TIME] ---------------

To set up a banned ip list internal to vBulletin go to

Admincp>Options>User Banning Options and there you will have an option to enter a list of ip's you want to ban from your site

--------------- Added [DATE]1402501096[/DATE] at [TIME]1402501096[/TIME] ---------------

There are many options to use an htaccess file to ban users. I suggest you Google this and learn how to use htaccess files

--------------- Added [DATE]1402503887[/DATE] at [TIME]1402503887[/TIME] ---------------

--------------- Added [DATE]1402503938[/DATE] at [TIME]1402503938[/TIME] ---------------

Quote:
Originally Posted by natsu287 (Post 2501499)
my answers are in bold
I meant the install folder. NEVER remove the includes folder. My fault. This is what happens when you don't get enough sleep.:D

tpearl5 06-11-2014 05:18 PM
Quote:
Originally Posted by Disco_Stu (Post 2501501)
I meant the install folder. NEVER remove the includes folder. My fault. This is what happens when you don't get enough sleep.:D
You technically can, just make sure you put it back if you want your forum to work :)

I can vouch for spam-o-match and vb bad behavior as well.


All times are GMT. The time now is 04:54 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01128 seconds
  • Memory Usage 1,749KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (8)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (12)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete