Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
vbStopForumSpam Details »»
vbStopForumSpam
Version: 0.61, by pedigree pedigree is offline
Developer Last Online: Nov 2013 Show Printable Version Email this Page

Category: Anti-Spam Options - Version: 4.0.0 Rating:
Released: 12-22-2009 Last Update: 12-26-2009 Installs: 1201
DB Changes Uses Plugins
Re-useable Code Additional Files  
No support by the author.

vbStopForumSpam

Mod of the month winner October 2009.... That cant be bad :up:


Apologies in advance, this is a copy of the 3.6/3.7/3.8 mod that has been verified to work in 4.0 (its so that I dont get a billion PMs asking if it works in 4.0)

This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so.

At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration.

Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome.

What it does

It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back.

This version doesnt have
- whitelisting or the ability to submit users to the database but it will within the next week.
- automatic user deletion / post / PM purging. There are good tools out there already, this does something else.

Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp.

Changes to vB
- 3 new database tables
- 2 database table alternations
- No new templates.
- 2 Hook (register_addmember_process & register_addmember_complete)

Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete

For code to submit spammers to the database, check this post for code changes
https://vborg.vbsupport.ru/showpost....&postcount=288

Reported to work
- 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3, 4.0 Gold
, 4.2pl1,2

Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item.

REQUIRES MySQL 4.1.1+

There is a small mod, coded by Wired1 that will allow you to submit spammer details to the database from the admin control panel, here https://vborg.vbsupport.ru/showpost....&postcount=289 This relies 100% on javascript being enabled and makes no tests that it is enabled.

You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data.

Issues are
- The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit

Installation
- Follow the instructions in the zip file, that includes the file upload the correct folders.

Please click Installed

The original thread is at https://vborg.vbsupport.ru/showthread.php?t=176481 where there is a wealth of knowledge about the mod, please ask questions in there.

Download Now

File Type: zip vbStopForumSpam_v0.61.zip (10.7 KB, 6715 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #372  
Old 10-30-2012, 08:27 AM
tambo's Avatar
tambo tambo is offline
 
Join Date: Aug 2008
Posts: 47
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Based on testing that I've done with this and other boards, the false-positive rate is a little too high (somewhere in the region of 20-25% of all flagged email/IPs). These figures were ascertained by conducting a cohort study where we tested people's IPs/emails and allowed them to register anyway, extracted the logfile, then followed them to see if they were ultimately banned for spamming. Obviously, your mileage may vary according to your users, but that is our experience.

If we implemented this mod on a reasonably busy board (100-150 registrations per day), we would expect to have a significant number of genuine people denied registration to our site. While the benefits may lead some to conclude that it's a sacrifice worth making, I'm a little less willing to break more eggs than necessary when making this omelette.

As a matter of good 'customer service', we would be prepared to whitelist IPs and emails from people who got in contact with us, then instruct them to try again.

I realise that others have suggested manually creating user accounts for people who fail the SFS check, but on a busy board that would eat up any labour-saving efficiencies that this mod brings. It's also impractical to be disabling and re-enabling the mod to permit people to get through.

I'm not the only one asking for this, which leads me to believe that either we're all misunderstanding the nature of the mod or that we're all seeing a fairly obvious gap - as did the original author when coding for v0.7.
Reply With Quote
  #373  
Old 10-30-2012, 06:15 PM
TheSupportForum TheSupportForum is offline
 
Join Date: Jan 2007
Posts: 1,158
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by tambo View Post
Based on testing that I've done with this and other boards, the false-positive rate is a little too high (somewhere in the region of 20-25% of all flagged email/IPs). These figures were ascertained by conducting a cohort study where we tested people's IPs/emails and allowed them to register anyway, extracted the logfile, then followed them to see if they were ultimately banned for spamming. Obviously, your mileage may vary according to your users, but that is our experience.

If we implemented this mod on a reasonably busy board (100-150 registrations per day), we would expect to have a significant number of genuine people denied registration to our site. While the benefits may lead some to conclude that it's a sacrifice worth making, I'm a little less willing to break more eggs than necessary when making this omelette.

As a matter of good 'customer service', we would be prepared to whitelist IPs and emails from people who got in contact with us, then instruct them to try again.

I realise that others have suggested manually creating user accounts for people who fail the SFS check, but on a busy board that would eat up any labour-saving efficiencies that this mod brings. It's also impractical to be disabling and re-enabling the mod to permit people to get through.

I'm not the only one asking for this, which leads me to believe that either we're all misunderstanding the nature of the mod or that we're all seeing a fairly obvious gap - as did the original author when coding for v0.7.
the problem is if you think there are false positives, then report them to their DNSBL provider, the IP address can be removed but it takes 24hr to propagate for removal
this mod is not responsible for the false positives, its the users reporting them to SFS
Reply With Quote
  #374  
Old 10-30-2012, 06:31 PM
ShannonA ShannonA is offline
 
Join Date: Apr 2002
Posts: 63
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Turned this on yesterday and it's blocked over 15,000 registrations in something less than 24 hours. (I assume many of these would have been blocked already with our human verification options, but many would have gotten through too, so this is a big plus.)

However, we've also had one real user (presumably) mail us saying he couldn't create an account. So what do you do to get a real user access?
Reply With Quote
  #375  
Old 10-30-2012, 07:49 PM
TheSupportForum TheSupportForum is offline
 
Join Date: Jan 2007
Posts: 1,158
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ShannonA View Post
Turned this on yesterday and it's blocked over 15,000 registrations in something less than 24 hours. (I assume many of these would have been blocked already with our human verification options, but many would have gotten through too, so this is a big plus.)

However, we've also had one real user (presumably) mail us saying he couldn't create an account. So what do you do to get a real user access?
its easy to get their IP removed, first of all i can help you with that PM me and i'll send you details on how to get his IP unblocked
Reply With Quote
  #376  
Old 10-30-2012, 07:54 PM
ShannonA ShannonA is offline
 
Join Date: Apr 2002
Posts: 63
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great! Will do. (I'm currently waiting to get info on who he is back, so I can correlate that with the blocking info in the log.)
Reply With Quote
  #377  
Old 10-31-2012, 04:23 PM
Ski4People Ski4People is offline
 
Join Date: Aug 2011
Location: Italy
Posts: 12
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ShannonA View Post
Turned this on yesterday and it's blocked over 15,000 registrations in something less than 24 hours. (I assume many of these would have been blocked already with our human verification options, but many would have gotten through too, so this is a big plus.)

However, we've also had one real user (presumably) mail us saying he couldn't create an account. So what do you do to get a real user access?
I think you should use just the IP and email check, no username check, it works for me
Reply With Quote
Благодарность от:
djbaxter
  #378  
Old 10-31-2012, 04:53 PM
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Posts: 2,601
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by LukeNet View Post
I think you should use just the IP and email check, no username check, it works for me
Yes. You will get a LOT of false positives if you enable name check.
Reply With Quote
Благодарность от:
AusPhotography
  #379  
Old 10-31-2012, 06:00 PM
GamerPerfection's Avatar
GamerPerfection GamerPerfection is offline
 
Join Date: Feb 2006
Posts: 389
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I agree, only use IP and email check. never use username check.
Reply With Quote
  #380  
Old 11-02-2012, 04:32 PM
ShannonA ShannonA is offline
 
Join Date: Apr 2002
Posts: 63
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well, things worked great for a bit less than 4 days, then I started getting:
Quote:
Result on field email - XXXX@gmail.com [REMOTEERR] Unverfied but allowed by policy
And all the spam is flooding in again. What happened!?
Reply With Quote
  #381  
Old 11-02-2012, 04:37 PM
TheSupportForum TheSupportForum is offline
 
Join Date: Jan 2007
Posts: 1,158
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ShannonA View Post
Well, things worked great for a bit less than 4 days, then I started getting:

And all the spam is flooding in again. What happened!?
you need to update the api address from stopforumspam.com to api.stopforumspam.com the aapi is no longer updated from stopforumspam.com
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:35 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08097 seconds
  • Memory Usage 2,364KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (12)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (1)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete