Administrative and Maintenance Tools - vbStopForumSpam - known spammer lookup for new registrations

vbStopForumSpam

This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so.

At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration.

Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome.

VB4 here https://vborg.vbsupport.ru/showthrea...hreadid=230921
Its the same code, it works in 3.54 to 4.0


What it does

It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back.

This version doesnt have
- whitelisting or the ability to submit users to the database but it will within the next week.
- automatic user deletion / post / PM purging. There are good tools out there already, this does something else.

Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp. You do not need to download the product-vbstopforumspam-3.54.xml file unless you are using a vBulletin version older than 3.6.0

Changes to vB
- 3 new database tables
- 2 database table alternations
- No new templates.
- 2 Hook (register_addmember_process & register_addmember_complete)

Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete

Known to work - tested by me
- vBulletin 3.6.8 on Apache 2.2 / PHP 5.1.2 on Linux using cUrl
- vBulletin 3.7 Gold on Apache 2.0 / PHP 4.4.3 on Windows without cUrl (template changes wont work on 3.7 - thats in the next version with auto template changes)

For code to submit spammers to the database, check this post for code changes
https://vborg.vbsupport.ru/showpost....&postcount=288

Reported in the thread to work
- 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3

If you have 3.54, then you can use the product-vbstopforumspam-3.54.xml file attached instead of the one in the ZIP file, which will allow older vBulletin versions to access this mods' features. I personally havent tested this version, its a user contribution, thanks to Darrell Mobley, that changes the way the XML works when imported into older versions.

Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item.

REQUIRES MySQL 4.1.1+

Future versions
- Automatic integration into vBulletin to add users to the stopForumSpam.com database from a form
- Whitelisting of username / IP / email addresses
- AJAX integration to allow for lookups from within the users profile
- Decreased remote query count from three per user to one per user.

Versions / Changes

0.1 Initial Release

0.2 pedigrees special brew birthday release.
- Small security update. If you have 0.1 installed, download 0.2 and replace your existing functions_vbsfs.php with the one in the archive. It just tests to see if its running inside the VB framework before anything else. This is what happens when you code at 2am after drinking wine

0.3
- stopped it processing valid registrations twice
- moved all non-function code into the plugin. Not a big one as 0.2 basically did that
- fixed a typo in the log pruner that stopped it working (404)
- removed unused fields from the database for people with mysql that doesnt support varchar > 255 (ie mySQL4). If you have 0.2 installed and dont need to prune your logs just yet, you dont really need to install this version but can instead wait for 1.0 unless of a massive security update.

0.4
- logs registrations that arent/wouldnt be blocked
- fixed XML errors when username has a space it in
- tightened up the cache so that it doesnt test a username against an email name to give a bypass result (for when a username is an email address that isnt banned where the email address is)
- fixed some basic logic errors in the PHP

0.6
- Should work on PHP 4.4 now - rewrote the XML with PHP4 in mind (tested on Apache2.0/PHP 4.4.3)
- Fixed a caching system where data wasnt being updated correctly which could cause a remote query when one wasnt needed
- Possible false negative situation when a spammer was blocked due to SFS.com being down who then visited again when it was up but within the cache expiry time
- Remote query failure when the result page isnt XML should work a bit better now. It does a very basic test for valid XML results.
- Fixed log purging (again) and it should actually work properly now.
- No longer requires PHP5
- The log viewer now links to a user profile when registration is allowed.

v0.61 - Removed a template change that was invalid vBulletin code. The package you download will still say its 0.60 however

NB : When upgrading from any version to 0.6, you must remove and then add the plugin due to changes in one of the database tables

You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data.

Issues are
- The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit

Installation
- Follow the instructions in the zip file, that includes upload the correct folders
- ONLY download the 3.54 xml file if youre using a vbulletin version prior to 3.6.0. use this file to install the mod instead of the xml file in the zip file.

Please click Installed

[pedigree]

one or the other depending on the version

[edward hamilton]

First I'd like to thank you for taking the time to do this while you've obviously been busy at home.

I installed this mod easily this morning. Here is an excerpt from the log.

Quote:

horoscopey 2008-09-27 10:40:29 horoscopey@ebaysweep.com 71.239.75.95 Result on field ip - 71.239.75.95 [REMOTEERR] Unverfied but allowed by policy
horoscopey 2008-09-27 10:40:29 horoscopey@ebaysweep.com 71.239.75.95 Result on field email - horoscopey@ebaysweep.com [REMOTEERR] Unverfied but allowed by policy
horoscopey 2008-09-27 10:40:29 horoscopey@ebaysweep.com 71.239.75.95 Allowed registration

I have email and username set to enabled, but left ip disabled in the admincp vsStopForumSpam settings.

Since horoscopey is the spam lists, can anyone tell me what I might be doing wrong?

[Delphiprogrammi]

Quote:

Originally Posted by edward hamilton

First I'd like to thank you for taking the time to do this while you've obviously been busy at home.

I installed this mod easily this morning. Here is an excerpt from the log.


I have email and username set to enabled, but left ip disabled in the admincp vsStopForumSpam settings.

Since horoscopey is the spam lists, can anyone tell me what I might be doing wrong?

if you see "[REMOTEERR]" the stopforumspam service is down (or something has gone wrong while checking) in this case you need to set the option to block registeration on remote connection errors.

[IC3D]

Hello.

First off, the idea of this mod is absolutely amazing. Great work.

I'm having some issues running it on version 3.7.3 Patch Level 1.

The install went smooth as butter...hooks were placed...and etc. etc.

When I went to try and 'sign up' as a new user using one of the names off that site...I got the following:

Quote:

Warning: Unknown(includes/functions_vbsfs.php): failed to open stream: No such file or directory in [path]/register.php(385) : eval()'d code on line 3

Fatal error: (null)(): Failed opening required 'includes/functions_vbsfs.php' (include_path='.:/usr/local/lib/php:/usr/local/lib/php/PEAR:/usr/local/share/pear') in /hsphere/local/home/ic3dnet/forums.ic3donline.com/register.php(385) : eval()'d code on line 3

I am just starting out in VB...so kind of not sure what to do now. Can someone please help me? Thank you...I greatly appreciate it. I'll remove the product in the mean time.

[Delphiprogrammi]

Quote:

Originally Posted by IC3D

Hello.

First off, the idea of this mod is absolutely amazing. Great work.

I'm having some issues running it on version 3.7.3 Patch Level 1.

The install went smooth as butter...hooks were placed...and etc. etc.

When I went to try and 'sign up' as a new user using one of the names off that site...I got the following:



I am just starting out in VB...so kind of not sure what to do now. Can someone please help me? Thank you...I greatly appreciate it. I'll remove the product in the mean time.

your functions_vbsfs.php is missing you need to upload this file from the zip to your vBulletin /includes directory and this error will be gone

[pedigree]

heh, thanks for

a. The feedback
b. Delphi for the helping hand. This is what happens when you take your kids out to the beach - you miss these postings

When installing vBulletin mods, there is usually an "upload" folder. There are the files that you have to upload to the (usually) root of your forum (dont upload the upload folder itself, just its contents).

While lots of modders do try to keep PHP contained within the XML product plugin, its not always possible to do so, hence the extra files.

[Madmunki]

Well done. The last day or so I have been hit really hard by forum spammer, posting some pretty explicit sexual content. I been looking at this mod the last few days, and decided to give it a try, as I GOT to do something about this damn spam! It's been a few hours now, and it has blocked & logged over 10 registrations. By looking at the log, these its apparent that these are spammers, and not legit users (e.g username of FeMaleAnimeP0Rn, etc).

Thanks a lot for this mod!

[vics]

Must be a sensitive liberal!
LOL

Quote:

Originally Posted by StepOnFrog

WOW !!! That was an unnecessarily defensive reply to my post, for which mine was just helping one user be aware of the IP dynamics of t'internet.

------- Please skip past this thread if you don't like long posts -------

Pedigree, where in my post do you think I've attacked your creation?

Apologies to any users, including yourself, Pedigree, should you believe this post is 'Threadwaste/Postwaste', but surely some of you will have got to a point with users misunderstanding the context, or entirety of the posts you make - this is one of those very moments; I am really *sick* to the back teeth of posts not being read correctly, and then someone taking their hat off at some poor user about it.

I really do not see why you have come to be so defensive from what I have written, and so, I feel I should make myself much more clearly understood...


In fact, I do not *try* to *tell* you anything about flawed systems at other locations, and I certainly do not, at any point, comment on the level of quality your MOD provides.
I haven't complained about collateral damage. I haven't complained about any of my members not being able to register due to IP blocking. I did, however, directly inform a single user that IP blocking can be a problem for board registrations, other users will read the same post and understand the same. With regards the Conact Us page, should you happen to read any of the many quality articles that other experienced Bulletin Board Admins have written (not just vB), you may come to realise that when an internet user searches, and happens to come across a website, if the information they are seeking is not within the first several clicks, they are more likely to move onto another website; Contact Us, is no guarantee that you will keep a customer in your shop, so to speak. (this is not a criticism to your post, btw).
Now, that part of your post was, IMO, the only constructive part, in response to my post. Although, looking through your MOD listing description, at no point do you mention any switching of IP blocking facility, or any facilities, as I come to read the description again; only after looking at the second attached screenshot, do I spot a selection box showing ENABLE, and then one must logically assume there is a DISBLE selection too, though, unfortunately, this fact of logic may not be readily obvious to some (honestly, there are users that just don't know, we've all come across them, and we help them).
And, this does seem quite an over-defensive response to something I haven't written; your use of "*I* can" is what pushed me to write this lengthy tome. It appears, judging from your sentence, that you believe I have somehow attempted to stop you from preventing spammers..? Sorry, I fail to see where I have restricted your use of your MOD.
I haven't said that I don't like the idea of blocking 'some poor innocent person'. And, why should I code a MOD? I had come to this MOD thread to examine your MOD, to check whether it was the product for me. I did suggest an addition, not only to your MOD, but to any MOD that attempts to prevent spamming registrations by using the points I had listed so many times before, and herein.
You really have misunderstood the suggestions I have made....
You know, as well as I, that vB sets a cookie on your system (or spambot system) each and every visit to your vB board. So, if you record the cookie with each registration, then if that registration fails and another attempt is made with the same username/email, and the cookie is different the second time round, then your vB software will know that the registration MAY be a spambot. For this suggestion to work, you must assume that people are not THICK, and that they will try registering again within the same cookie session, should their first attempt 'balls up', somehow. Ergo, humans register and reregister in the same cookie session, whereas spambots go away and come back later to try again.
Exactly! So, why be so defensive?
It's nice to know some people care, and know perfectly well what they're on about...!

But, aside from clearing any misunderstandings, I would really like to hear your views on the suggestions I've provided, ie. the failed spambot registrations due to the image verification process.

I hope this has made things much clearer. However, please do not hesitate to contact me with regards any of the above.

Yours,

;-D

[unicorn2433]

nevermind ... found my answer

[pedigree]

you have to love liberals, makes the world a funnier place

unicorn - Im glad

Madmunki - thanks Its always good to hear positive feedback, unlike liberals