Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
vbStopForumSpam - known spammer lookup for new registrations Details »»
vbStopForumSpam - known spammer lookup for new registrations
Version: 0.61, by pedigree pedigree is offline
Developer Last Online: Nov 2013 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 3.6.1 Rating:
Released: 04-17-2008 Last Update: 01-26-2010 Installs: 1986
DB Changes Uses Plugins Auto-Templates
Additional Files Translations Is in Beta Stage  
No support by the author.

vbStopForumSpam

This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so.

At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration.

Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome.

VB4 here https://vborg.vbsupport.ru/showthrea...hreadid=230921
Its the same code, it works in 3.54 to 4.0


What it does

It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back.

This version doesnt have
- whitelisting or the ability to submit users to the database but it will within the next week.
- automatic user deletion / post / PM purging. There are good tools out there already, this does something else.

Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp. You do not need to download the product-vbstopforumspam-3.54.xml file unless you are using a vBulletin version older than 3.6.0

Changes to vB
- 3 new database tables
- 2 database table alternations
- No new templates.
- 2 Hook (register_addmember_process & register_addmember_complete)

Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete

Known to work - tested by me
- vBulletin 3.6.8 on Apache 2.2 / PHP 5.1.2 on Linux using cUrl
- vBulletin 3.7 Gold on Apache 2.0 / PHP 4.4.3 on Windows without cUrl (template changes wont work on 3.7 - thats in the next version with auto template changes)

For code to submit spammers to the database, check this post for code changes
https://vborg.vbsupport.ru/showpost....&postcount=288

Reported in the thread to work
- 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3


If you have 3.54, then you can use the product-vbstopforumspam-3.54.xml file attached instead of the one in the ZIP file, which will allow older vBulletin versions to access this mods' features. I personally havent tested this version, its a user contribution, thanks to Darrell Mobley, that changes the way the XML works when imported into older versions.

Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item.

REQUIRES MySQL 4.1.1+

Future versions
- Automatic integration into vBulletin to add users to the stopForumSpam.com database from a form
- Whitelisting of username / IP / email addresses
- AJAX integration to allow for lookups from within the users profile
- Decreased remote query count from three per user to one per user.

Versions / Changes

0.1 Initial Release

0.2 pedigrees special brew birthday release.
- Small security update. If you have 0.1 installed, download 0.2 and replace your existing functions_vbsfs.php with the one in the archive. It just tests to see if its running inside the VB framework before anything else. This is what happens when you code at 2am after drinking wine

0.3
- stopped it processing valid registrations twice
- moved all non-function code into the plugin. Not a big one as 0.2 basically did that
- fixed a typo in the log pruner that stopped it working (404)
- removed unused fields from the database for people with mysql that doesnt support varchar > 255 (ie mySQL4). If you have 0.2 installed and dont need to prune your logs just yet, you dont really need to install this version but can instead wait for 1.0 unless of a massive security update.

0.4
- logs registrations that arent/wouldnt be blocked
- fixed XML errors when username has a space it in
- tightened up the cache so that it doesnt test a username against an email name to give a bypass result (for when a username is an email address that isnt banned where the email address is)
- fixed some basic logic errors in the PHP

0.6
- Should work on PHP 4.4 now - rewrote the XML with PHP4 in mind (tested on Apache2.0/PHP 4.4.3)
- Fixed a caching system where data wasnt being updated correctly which could cause a remote query when one wasnt needed
- Possible false negative situation when a spammer was blocked due to SFS.com being down who then visited again when it was up but within the cache expiry time
- Remote query failure when the result page isnt XML should work a bit better now. It does a very basic test for valid XML results.
- Fixed log purging (again) and it should actually work properly now.
- No longer requires PHP5
- The log viewer now links to a user profile when registration is allowed.

v0.61 - Removed a template change that was invalid vBulletin code. The package you download will still say its 0.60 however

NB : When upgrading from any version to 0.6, you must remove and then add the plugin due to changes in one of the database tables

You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data.

Issues are
- The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit

Installation
- Follow the instructions in the zip file, that includes upload the correct folders
- ONLY download the 3.54 xml file if youre using a vbulletin version prior to 3.6.0. use this file to install the mod instead of the xml file in the zip file.

Please click Installed

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
2 благодарности(ей) от:
Nassou, rpgamersnet

Comments
  #922  
Old 02-06-2010, 07:08 AM
pedigree pedigree is offline
 
Join Date: Jul 2005
Posts: 370
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What I might be able to do is leave blacklisted cache hits, in the cache for 24 or 48 hours, and "no result" hits for 30 minutes. That would help that a bit.
Reply With Quote
  #923  
Old 02-06-2010, 11:39 AM
websissy websissy is offline
 
Join Date: Sep 2003
Location: Socorro, NM USA
Posts: 42
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by pedigree View Post
What I might be able to do is leave blacklisted cache hits, in the cache for 24 or 48 hours, and "no result" hits for 30 minutes. That would help that a bit.
I don't mean to be argumentative, pedigree, but what you seem to be saying is my estimates of central database load and the percentage of queries being blocked by the local cache are wrong somehow. You're the expert. There's no denying that. But I don't see where I went wrong. With an average of 120 blocked bot registration attempts a day (1,200 bot registrations blocked in 10 days) on my site, that's an average of about 5 bot registration attempts per hour or 2.5 every 30 minutes. If those numbers are right, and based on my log file, they certainly seem to be, how can that 30 minute local cache be blocking very many bots? :erm:

I don't get it. What have I overlooked? Is the problem that bot registration attempts tend to be concentrated (and thus are much higher) at certain times of the day? Is THAT where my logic went wrong?

Thanks!
Reply With Quote
  #924  
Old 02-06-2010, 11:49 AM
denman75 denman75 is offline
 
Join Date: Aug 2006
Location: Netherlands
Posts: 228
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i just want to say thank you pedigree
its awsome ,i got it running some moths and not ONE spammer came past them dogs
big big thank you ,its a true time saver
Reply With Quote
  #925  
Old 02-06-2010, 12:33 PM
websissy websissy is offline
 
Join Date: Sep 2003
Location: Socorro, NM USA
Posts: 42
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You're right, denman. This product is an absolutely great tool.
Reply With Quote
  #926  
Old 02-07-2010, 01:06 PM
pedigree pedigree is offline
 
Join Date: Jul 2005
Posts: 370
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Searching back through logs = extending cache times but without the headache of parsing another table when I have the mechanism in place already.

Were working an the figures on about 6000 unique IPs generating 600,000 api calls per day. Most arent cached like my mod does. Im only aware of two that are, mine and First defense against spam for wordpress.

At the moment, Im concentrating on finishing the almost total recode of the website, api etc.
Reply With Quote
  #927  
Old 02-07-2010, 03:02 PM
websissy websissy is offline
 
Join Date: Sep 2003
Location: Socorro, NM USA
Posts: 42
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Okay. I get it. I think you're saying there's no need to add a log scan when you already have the cache scan working and can easily increase the cache time. Makes sense. Also makes sense to only keep not found items in the cache for 30 minutes or so but keep the found (blacklisted) items in the cache longer. Again, the goal is to reduce the central server load. Why waste its time and energy checking on a bot it rejected an hour or two ago trying to join the same site?

Gotcha. Over time, perhaps you should consider dynamically adjusting the size / duration of the local cache size based on time or the volume of requests processed by that site. That way smaller sites with lower volumes might be able to cache 24 or 48 hours of requests and drastically cut their reliance on the central server while larger / busier sites would not be penailzed because they receive more requests but might rely more heavily on the central server instead. For instance, you might cap the size of local cache at say 300 / 600 entries or 24 / 48 hours whichever came first. It's a thought.

600,000 calls per day is 25,000 calls per hour or 417 calls per minute. With that volume of requests, it's no wonder you're having DNS server outages and server/DB overload problems. I'll bet you cut that load in half by increasing the local server cache time to 12, 24 or 48 hours.

I'll bet Floris and other busy site operators like him would approve of this approach and small site guys (like me) will get better performance and less service outages too.

Good solution! Hope my thinking about this helped.
Reply With Quote
  #928  
Old 02-08-2010, 12:21 PM
ascender ascender is offline
 
Join Date: Feb 2007
Posts: 16
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by emtdbj View Post
Trying to get this working on 3.8.4 and all I get is 'invalid file specified' when trying to import it in the AdminCP. Have uploaded the files a second time with no luck. Never had any previous versions of this file installed.

Any ideas?
Exact same problem here on v3.8.4 patch level 2.

Have tried browsing to the file from my local machine as well as uploading direct from server.
Reply With Quote
  #929  
Old 02-08-2010, 12:46 PM
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Posts: 2,601
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by emtdbj View Post
Trying to get this working on 3.8.4 and all I get is 'invalid file specified' when trying to import it in the AdminCP. Have uploaded the files a second time with no luck. Never had any previous versions of this file installed.

Any ideas?
Quote:
Originally Posted by ascender View Post
Exact same problem here on v3.8.4 patch level 2.

Have tried browsing to the file from my local machine as well as uploading direct from server.
Why not try the 3.8x version? https://vborg.vbsupport.ru/showthread.php?t=222536
Reply With Quote
  #930  
Old 02-08-2010, 01:14 PM
ascender ascender is offline
 
Join Date: Feb 2007
Posts: 16
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by djbaxter View Post
Exact same problem I'm afraid. Sorry, no idea how I ended up in this thread, thanks for the heads-up.
Reply With Quote
  #931  
Old 02-09-2010, 11:59 AM
pedigree pedigree is offline
 
Join Date: Jul 2005
Posts: 370
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The 3.6 and 3.8 versions are exactly the same and the only difference between them and the 4.0 version is that the 4.0 version has a slightly different mod ID as the forums here dont allow ID duplicates.

Ive never been able to reproduce the invalid file on import as I always import

product-vbstopforumspam.xml

And I have it running myself on 3.8.4 PL2
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 05:45 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09076 seconds
  • Memory Usage 2,327KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (3)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (2)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete