The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
vbStopForumSpam - known spammer lookup for new registrations Details »» | |||||||||||||||||||||||||||
vbStopForumSpam - known spammer lookup for new registrations
Developer Last Online: Nov 2013
vbStopForumSpam This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so. At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration. Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome. VB4 here https://vborg.vbsupport.ru/showthrea...hreadid=230921 Its the same code, it works in 3.54 to 4.0 What it does It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back. This version doesnt have - whitelisting or the ability to submit users to the database but it will within the next week. - automatic user deletion / post / PM purging. There are good tools out there already, this does something else. Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp. You do not need to download the product-vbstopforumspam-3.54.xml file unless you are using a vBulletin version older than 3.6.0 Changes to vB - 3 new database tables - 2 database table alternations - No new templates. - 2 Hook (register_addmember_process & register_addmember_complete) Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete Known to work - tested by me - vBulletin 3.6.8 on Apache 2.2 / PHP 5.1.2 on Linux using cUrl - vBulletin 3.7 Gold on Apache 2.0 / PHP 4.4.3 on Windows without cUrl (template changes wont work on 3.7 - thats in the next version with auto template changes) For code to submit spammers to the database, check this post for code changes https://vborg.vbsupport.ru/showpost....&postcount=288 Reported in the thread to work - 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3 If you have 3.54, then you can use the product-vbstopforumspam-3.54.xml file attached instead of the one in the ZIP file, which will allow older vBulletin versions to access this mods' features. I personally havent tested this version, its a user contribution, thanks to Darrell Mobley, that changes the way the XML works when imported into older versions. Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item. REQUIRES MySQL 4.1.1+ Future versions - Automatic integration into vBulletin to add users to the stopForumSpam.com database from a form - Whitelisting of username / IP / email addresses - AJAX integration to allow for lookups from within the users profile - Decreased remote query count from three per user to one per user. Versions / Changes 0.1 Initial Release 0.2 pedigrees special brew birthday release. - Small security update. If you have 0.1 installed, download 0.2 and replace your existing functions_vbsfs.php with the one in the archive. It just tests to see if its running inside the VB framework before anything else. This is what happens when you code at 2am after drinking wine 0.3 - stopped it processing valid registrations twice - moved all non-function code into the plugin. Not a big one as 0.2 basically did that - fixed a typo in the log pruner that stopped it working (404) - removed unused fields from the database for people with mysql that doesnt support varchar > 255 (ie mySQL4). If you have 0.2 installed and dont need to prune your logs just yet, you dont really need to install this version but can instead wait for 1.0 unless of a massive security update. 0.4 - logs registrations that arent/wouldnt be blocked - fixed XML errors when username has a space it in - tightened up the cache so that it doesnt test a username against an email name to give a bypass result (for when a username is an email address that isnt banned where the email address is) - fixed some basic logic errors in the PHP 0.6 - Should work on PHP 4.4 now - rewrote the XML with PHP4 in mind (tested on Apache2.0/PHP 4.4.3) - Fixed a caching system where data wasnt being updated correctly which could cause a remote query when one wasnt needed - Possible false negative situation when a spammer was blocked due to SFS.com being down who then visited again when it was up but within the cache expiry time - Remote query failure when the result page isnt XML should work a bit better now. It does a very basic test for valid XML results. - Fixed log purging (again) and it should actually work properly now. - No longer requires PHP5 - The log viewer now links to a user profile when registration is allowed. v0.61 - Removed a template change that was invalid vBulletin code. The package you download will still say its 0.60 however NB : When upgrading from any version to 0.6, you must remove and then add the plugin due to changes in one of the database tables You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data. Issues are - The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit Installation - Follow the instructions in the zip file, that includes upload the correct folders - ONLY download the 3.54 xml file if youre using a vbulletin version prior to 3.6.0. use this file to install the mod instead of the xml file in the zip file. Please click Installed Show Your Support
|
2 благодарности(ей) от: | ||
Nassou, rpgamersnet |
Comments |
#872
|
|||
|
|||
You dont have to disable IP checking, you can drop its threshold to 5 days or something like that.
How about posting the IP numbers youre seeing as polluted so that I can check them out. |
#873
|
|||
|
|||
Quote:
If someone finds their IP number on the database, they can remove it themselves. So far, Ive seen no one come and say "this IP is listed and shouldnt be, its Sun" - give me the IP and I can look into it but anything past that and I dont have the time to start scanning CIDR networks for something that might not even be there. You had the time to contact Sun but not stopforumspam? I am in the process of coding a reputation system for inclusion in the results but as I code the website in my spare time, its slow progress. |
#874
|
|||
|
|||
Quote:
Quote:
mine by arguing with me or acting as if you know more than people you disagree with. All you are going to accomplish is to alienate me because you disagree. So be it. I don't like your combative tone. You can't accept a different view because you are so attached to your work. You act like it is perfectly acceptable for a professional at Sun to be locked out frustrated and that he must spend time to contact a crappy database because the database is so polluted. Nonsense, IMHO. You are free to have a less respectful opinion about your potential forum members The only reason our admins (including me) got involved was because the user was kind enough to contact us (very unhappy and frustrated three times) and ask.... Why Is Your Site Blocking Us??? We apologized and disabled IP checking. I doubt we will turn it on again, and may consider de-installing the mod. False positive blocks are not acceptable to us. The Stop Forum Spam db is polluted. |
#875
|
||||||
|
||||||
That IP address 192.18.8.1 is in the StopForum database only once so a frequency filter would have prevented this from registering for site admins that are more sensitive to the risk of a "false positive"
That being said, a quick Google search on 192.18.8.1 makes it very clear that IP address, while it may be registered to Sun MicroSystems, is not being used just for business purposes. Given the multiple users that appear to be posting from that IP address to various social forums, my guess was that it is a Proxy server or shell server. Then I started looking into some of the posts: Luzhou Guestbook Spam Quote:
Quote:
Quote:
Quote:
And in case you're wondering *why* or *how* this could be happening to an IP address that is registered by Sun MicroSystems and whose employees confirm this? That is because this is a shell server that was compromised in November 2009 and access to various "Premium Accounts" on it are being sold online to spammers, including the root account. http://www.neararsan.org/karisik-pre...-t266276.html? Quote:
Quote:
That being said, it is a community of Admins. It is give and take. For the thousands of spammers that don't make it on your site (and the time you save not having to clean up their mess) we ask that you add spammers that do make it back to the database. While there are other sources of the data (honeypots, etc) If Admins deinstalled the mod every time a spammer wasn't in the database the service would shut down and the spammers will have won (oh the humanity!). The same is true for invalid IP addresses in the database (should there be any). If an admin identifies an erroneous IP, the hope is that they should report it back to Stop Forum Spam to help clean the database up for everyone. While we're working to make that an easier process (and automated validation, etc), again the time you save NOT having to clean up thousands of spammers should more than make up for the time it takes to report a false positive. |
#876
|
|||
|
|||
Do us both a favor, stop using the database and uninstall the mod because I certainly have better things to do that listen to you rant in whatever thread you decide to post in and I certainly dont have time to drop whatever Im doing to help fix your problem.
That IP looks like a real false positive, I mean, there is no way that a IP allocated to Sun could ever spam right? All those people that reported that box mustve been reporting it as part of some vindictive plan to undermine Sun. I dont like your attitude, the way that you complain in most threads and the way that you think the world owes you attention. I hope you uninstall my mod and never visit this thread again. Im sure Im not the only one that would be happier not to see you around as well. Mod of the month, 2000+ installs, and Im sure that there are a lot of happy people, some that have PMed me asking (nicely) for help, whom Ive spent hours with. You however are better off without the support of the community that attempts to help others. Next time, i suggest typing an IP into google. I mean, with your "15 years of anti-spam" experience.... I hope you dont charge by the hour... |
#877
|
|||
|
|||
Quote:
Quote:
Im going to quote this, for future reference, should imported_silkroad decide to edit his post... = |
#878
|
|||
|
|||
Pedigree, you can't win against these so-called "experts." Just because someone works at Sun doesn't make him some sort of god. The Sun IP address is being used for nefarious purposes and your plugin did EXACTLY WHAT IT'S SUPPOSED TO DO. This isn't a question of a different view, as Silkroad states... The facts speak for themselves.
|
#879
|
|||
|
|||
You can only hold your hand out to offer help so many times before something with rabies goes in for a bite. Ive had to deal with many so called "self appointed experts" before in my full time job. Having to endure someone from IBM, charging $1700 a day, coming in to provide vendor support for IBM websphere and having to show them how to do things. They are everywhere
http://www.googleisyourfriend.net/ |
#880
|
|||
|
|||
Quote:
We talked to the person directly and they are definitely a legitimate Sun employee. Pedigree can "Google for two minutes" all day long and still not be accurate. StopForumSpam blocks perfectly good people from registering. Why do you argue that point like a child with Google in your hand? |
#881
|
|||
|
|||
Quote:
Your product blocks professionals at Sun. Your "two minute Google analysis" proves nothing. We spoke directly to the Sun Employee and he is not a spammer and your software blocked him. Why argue this point? |
Thread Tools | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|