Go Back   vb.org Archive > vBulletin Modifications > vBulletin 4.x Modifications > vBulletin 4.x Add-ons

Reply
 
Thread Tools
vbStopForumSpam Details »»
vbStopForumSpam
Version: 0.61, by pedigree pedigree is offline
Developer Last Online: Nov 2013 Show Printable Version Email this Page

Category: Anti-Spam Options - Version: 4.0.0 Rating:
Released: 12-22-2009 Last Update: 12-26-2009 Installs: 1201
DB Changes Uses Plugins
Re-useable Code Additional Files  
No support by the author.

vbStopForumSpam

Mod of the month winner October 2009.... That cant be bad :up:


Apologies in advance, this is a copy of the 3.6/3.7/3.8 mod that has been verified to work in 4.0 (its so that I dont get a billion PMs asking if it works in 4.0)

This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so.

At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration.

Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome.

What it does

It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back.

This version doesnt have
- whitelisting or the ability to submit users to the database but it will within the next week.
- automatic user deletion / post / PM purging. There are good tools out there already, this does something else.

Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp.

Changes to vB
- 3 new database tables
- 2 database table alternations
- No new templates.
- 2 Hook (register_addmember_process & register_addmember_complete)

Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete

For code to submit spammers to the database, check this post for code changes
https://vborg.vbsupport.ru/showpost....&postcount=288

Reported to work
- 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3, 4.0 Gold
, 4.2pl1,2

Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item.

REQUIRES MySQL 4.1.1+

There is a small mod, coded by Wired1 that will allow you to submit spammer details to the database from the admin control panel, here https://vborg.vbsupport.ru/showpost....&postcount=289 This relies 100% on javascript being enabled and makes no tests that it is enabled.

You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data.

Issues are
- The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit

Installation
- Follow the instructions in the zip file, that includes the file upload the correct folders.

Please click Installed

The original thread is at https://vborg.vbsupport.ru/showthread.php?t=176481 where there is a wealth of knowledge about the mod, please ask questions in there.

Download Now

File Type: zip vbStopForumSpam_v0.61.zip (10.7 KB, 6715 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #482  
Old 01-08-2014, 10:45 AM
webmastersitesi webmastersitesi is offline
 
Join Date: Oct 2007
Location: Turkey
Posts: 103
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Itworx4me View Post
Open up product-vbstopforumspam.xml

Replace TYPE with ENGINE on line 22, 35, 45


Hope this helps.....

Itworx4me
thx i :up::up:was able to import
Reply With Quote
  #483  
Old 05-11-2014, 02:27 PM
gregmlb gregmlb is offline
 
Join Date: Dec 2007
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is anyone using this successfully with 4.2.2 PL1?
Reply With Quote
  #484  
Old 05-12-2014, 02:39 AM
Montagar Montagar is offline
 
Join Date: Jun 2011
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by gregmlb View Post
Is anyone using this successfully with 4.2.2 PL1?
Yes, works fine for us.
Reply With Quote
  #485  
Old 05-12-2014, 03:06 PM
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Posts: 2,601
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Same here. Using it on 4 vb4.22pl1 forums.
Reply With Quote
  #486  
Old 06-05-2014, 10:31 PM
AusPhotography's Avatar
AusPhotography AusPhotography is offline
 
Join Date: Nov 2007
Location: Hobart & Adelaide .au
Posts: 521
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by djbaxter View Post
I can no longer recall the source either but here's what I have, adapted for vBulletin 4.x (up to and including 4.2.0 PL3).
I've updated this into a plugin, and fixed it for PHP 5.4 support (also vB4.2.2pl1)
Upload this via Admin CP - Plugins & Products - Download / Upload Plugins
Attached Files
File Type: xml vbstopforumspam_usergroup_6.xml (1.3 KB, 46 views)
Reply With Quote
Благодарность от:
djbaxter
  #487  
Old 06-18-2014, 01:31 AM
djvj djvj is offline
 
Join Date: May 2009
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'm getting tons of emails a day on this addon and some legit users are not able to register:

Code:
Database error in vBulletin 4.2.2:

Invalid SQL:
INSERT INTO vbstopforumspam_log (date, ipaddress, email, username, message, blocked, userhash) VALUES (now(), '176.31.149.241' , 'kyqufijuwu72@list.ru', 'CXmu', 'Result on field username - CXmu [REMOTEERR] Unverfied and rejected by policy ', 1, '74207e52630b343fb9ff43f7cdbbfece');;

MySQL Error   : MySQL server has gone away
Error Number  : 2006
Request Date  : Tuesday, June 17th 2014 @ 06:05:12 PM
Error Date    : Tuesday, June 17th 2014 @ 06:07:28 PM
Script        : http://www.hyperlaunch.net/forum/regist.php?do=addmember
Referrer      : http://www.hyperlaunch.net/forum/regist.php?
IP Address    : 176.31.149.241
Username      : CXmu
Classname     : vB_Database_MySQLi
MySQL Version :
It appears to be working though:
Code:
vbStopForumSpam Log Viewer (page 1/73) | There are 1,092 total log entries.
When some users try to register, they say they get a database error.
Reply With Quote
  #488  
Old 06-19-2014, 10:56 PM
AusPhotography's Avatar
AusPhotography AusPhotography is offline
 
Join Date: Nov 2007
Location: Hobart & Adelaide .au
Posts: 521
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by djvj View Post
When some users try to register, they say they get a database error.
That happens when the connection to SFS website takes longer than your MySQL connection timeout.

We reduced the CURL timeout (8 seconds I think) in the SFS plugin code to get around it.

I assume your MySQL timeout is 30 seconds which most shared hosts setup.
Reply With Quote
Благодарность от:
djvj
  #489  
Old 06-21-2014, 02:51 AM
djvj djvj is offline
 
Join Date: May 2009
Posts: 45
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks for your response AusPhotography.

So I have since uninstalled this mod for the GlowHost version and all my db/sql errors have gone away. I still get the SBS support, so I will be sticking with that plugin.

Just for reference, I did contact GoDaddy, but they would not provide details on the server's settings and said I would need to buy a VPS service at least to get access. Obviously that's not an option as the cost is far more for that vs shared hosting.
Reply With Quote
  #490  
Old 09-12-2014, 01:17 PM
Paul. Paul. is offline
 
Join Date: Mar 2007
Location: ?ire
Posts: 78
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by djvj View Post
I'm getting tons of emails a day on this addon and some legit users are not able to register:

Code:
Database error in vBulletin 4.2.2:

Invalid SQL:
INSERT INTO vbstopforumspam_log (date, ipaddress, email, username, message, blocked, userhash) VALUES (now(), '176.31.149.241' , 'kyqufijuwu72@list.ru', 'CXmu', 'Result on field username - CXmu [REMOTEERR] Unverfied and rejected by policy ', 1, '74207e52630b343fb9ff43f7cdbbfece');;

MySQL Error   : MySQL server has gone away
Error Number  : 2006
Request Date  : Tuesday, June 17th 2014 @ 06:05:12 PM
Error Date    : Tuesday, June 17th 2014 @ 06:07:28 PM
Script        : http://www.hyperlaunch.net/forum/regist.php?do=addmember
Referrer      : http://www.hyperlaunch.net/forum/regist.php?
IP Address    : 176.31.149.241
Username      : CXmu
Classname     : vB_Database_MySQLi
MySQL Version :
It appears to be working though:
Code:
vbStopForumSpam Log Viewer (page 1/73) | There are 1,092 total log entries.
When some users try to register, they say they get a database error.
Quote:
Originally Posted by AusPhotography View Post
That happens when the connection to SFS website takes longer than your MySQL connection timeout.

We reduced the CURL timeout (8 seconds I think) in the SFS plugin code to get around it.

I assume your MySQL timeout is 30 seconds which most shared hosts setup.
I get that error, too.

AusPhotography, is that a solution to the error shown?
I have emailed to get the details checked so I can use StopForumSpam.
It's working perfectly on another forum we have.
This forum is new as the previous was messed up and got deleted. It worked there, too.
Reply With Quote
  #491  
Old 04-28-2015, 12:02 PM
thincom2000 thincom2000 is offline
 
Join Date: May 2006
Location: Bronx, NY
Posts: 1,205
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Regarding the "MySQL has gone away" errors and register.php requests being tied up for 2 minutes or more...

The CURL timeout in the plugin code is 5 seconds as far as I can tell.

I think the problem is that CURL has a connection error during that 5 seconds where it can't connect to stopforumspam.com


When this happens, it is treated as a normal CURL error and falls back to file_get_contents(url), which I don't think has a timeout. file_get_contents also has trouble connecting and waits a very long time to give up (until after the MySQL link is auto-closed).

If an attacker can detect this situation on your site, they would be able to perform an attack like Slow Loris against a vBulletin forum that uses this mod. It's actually easy to "detect" this situation. SFS limits you to 20,000 API lookups per 24 hours, then blocks your IP which will also cause a CURL connection error. Using only 14 requests per minute (so not really detectable by DOS prevention), an attacker can leverage this limit and trigger file_get_contents for every registration attempt after 20,000. Since your IP is blocked, every request will wait until PHP times out. You will run out of PHP child processes, and your forum will be inaccessible. To protect yourself, you should make the following change.

In includes/functions_vbsfs.php, find and remove all of these:
Code:
if (!($pageContent = @file_get_contents($url)))
I would suggest that the author of this mod also makes this change to prevent Slow Loris attacks, or implements stream wrappers with an appropriate timeout set if support for file_get_contents(url) is still needed.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 11:17 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06473 seconds
  • Memory Usage 2,359KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_code
  • (6)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (12)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (3)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (2)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete