Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.6 > vBulletin 3.6 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
vbStopForumSpam - known spammer lookup for new registrations Details »»
vbStopForumSpam - known spammer lookup for new registrations
Version: 0.61, by pedigree pedigree is offline
Developer Last Online: Nov 2013 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 3.6.1 Rating:
Released: 04-17-2008 Last Update: 01-26-2010 Installs: 1986
DB Changes Uses Plugins Auto-Templates
Additional Files Translations Is in Beta Stage  
No support by the author.

vbStopForumSpam

This provides access to a RBL type system for forum admins, listing known spam IP / email / usernames. The RBL database is provided by www.stopforumspam.com. You do NOT need an API key from the website in order to access the database. only to submit data if you should wish to do so.

At the point of user registration, the mod checks if the IP number / provided username / email addresses appear on a block list and can block the registration.

Whilst this isnt the most perfect way to stop all forum spam, its another step that spammers have to overcome.

VB4 here https://vborg.vbsupport.ru/showthrea...hreadid=230921
Its the same code, it works in 3.54 to 4.0


What it does

It checks with a remote database of known forum spammers. Their IP number, email address and forum username are tested and based on your configuration, you can reject / log / accept user registrations based on what you get back.

This version doesnt have
- whitelisting or the ability to submit users to the database but it will within the next week.
- automatic user deletion / post / PM purging. There are good tools out there already, this does something else.

Instructions are included in the installation.txt file - PLEASE read it first and dont forget to actually upload the files in the upload folder, otherwise it WILL kill your registration progress and you wont see the log file options in admincp. You do not need to download the product-vbstopforumspam-3.54.xml file unless you are using a vBulletin version older than 3.6.0

Changes to vB
- 3 new database tables
- 2 database table alternations
- No new templates.
- 2 Hook (register_addmember_process & register_addmember_complete)

Ive tested it but had feedback that it works with versions as old as 3.6.2... Support should go back to older versions, as long as they have hook support for register_addmember_process / register_addmember_complete

Known to work - tested by me
- vBulletin 3.6.8 on Apache 2.2 / PHP 5.1.2 on Linux using cUrl
- vBulletin 3.7 Gold on Apache 2.0 / PHP 4.4.3 on Windows without cUrl (template changes wont work on 3.7 - thats in the next version with auto template changes)

For code to submit spammers to the database, check this post for code changes
https://vborg.vbsupport.ru/showpost....&postcount=288

Reported in the thread to work
- 3.6.1, 3.6.2, 3.6.9, 3.6.10, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.74, 3.80, 3.81, 3.82, 3.83, 3.8.4, 4.0beta3


If you have 3.54, then you can use the product-vbstopforumspam-3.54.xml file attached instead of the one in the ZIP file, which will allow older vBulletin versions to access this mods' features. I personally havent tested this version, its a user contribution, thanks to Darrell Mobley, that changes the way the XML works when imported into older versions.

Installers should remember to refresh their ACP navigation window when they first install it so they can see the new log file menu item.

REQUIRES MySQL 4.1.1+

Future versions
- Automatic integration into vBulletin to add users to the stopForumSpam.com database from a form
- Whitelisting of username / IP / email addresses
- AJAX integration to allow for lookups from within the users profile
- Decreased remote query count from three per user to one per user.

Versions / Changes

0.1 Initial Release

0.2 pedigrees special brew birthday release.
- Small security update. If you have 0.1 installed, download 0.2 and replace your existing functions_vbsfs.php with the one in the archive. It just tests to see if its running inside the VB framework before anything else. This is what happens when you code at 2am after drinking wine

0.3
- stopped it processing valid registrations twice
- moved all non-function code into the plugin. Not a big one as 0.2 basically did that
- fixed a typo in the log pruner that stopped it working (404)
- removed unused fields from the database for people with mysql that doesnt support varchar > 255 (ie mySQL4). If you have 0.2 installed and dont need to prune your logs just yet, you dont really need to install this version but can instead wait for 1.0 unless of a massive security update.

0.4
- logs registrations that arent/wouldnt be blocked
- fixed XML errors when username has a space it in
- tightened up the cache so that it doesnt test a username against an email name to give a bypass result (for when a username is an email address that isnt banned where the email address is)
- fixed some basic logic errors in the PHP

0.6
- Should work on PHP 4.4 now - rewrote the XML with PHP4 in mind (tested on Apache2.0/PHP 4.4.3)
- Fixed a caching system where data wasnt being updated correctly which could cause a remote query when one wasnt needed
- Possible false negative situation when a spammer was blocked due to SFS.com being down who then visited again when it was up but within the cache expiry time
- Remote query failure when the result page isnt XML should work a bit better now. It does a very basic test for valid XML results.
- Fixed log purging (again) and it should actually work properly now.
- No longer requires PHP5
- The log viewer now links to a user profile when registration is allowed.

v0.61 - Removed a template change that was invalid vBulletin code. The package you download will still say its 0.60 however

NB : When upgrading from any version to 0.6, you must remove and then add the plugin due to changes in one of the database tables

You need to have an API key from www.stopforumspam.com in order to submit data, its free and easy to get... You DONT need an API key in order to use this mod however, only to submit spammer data.

Issues are
- The usergroup permissions / view details etc DONT work. I jumped the gun and put the permissions controls in there before I put the code in. Please delete the includes/xml/bitfield_vbstopforumspam.xml file and rebuild your postbit

Installation
- Follow the instructions in the zip file, that includes upload the correct folders
- ONLY download the 3.54 xml file if youre using a vbulletin version prior to 3.6.0. use this file to install the mod instead of the xml file in the zip file.

Please click Installed

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
2 благодарности(ей) от:
Nassou, rpgamersnet

Comments
  #892  
Old 02-01-2010, 06:20 PM
JamesC70 JamesC70 is offline
 
Join Date: Jun 2007
Posts: 219
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by imported_silkroad View Post
As I said, we have disabled IP checking in this mod and may disable the entire mod if we see more false positive complaints from our user base.
It seems that you completely missed (or ignored) post #875 in this thread, where someone else took the time to research the IP in question. Post #875's author not only provided proof of spamming by that IP going back to January 18, 2010, but they also gave you the Google link so that you could see it for yourself.

Therefore, the listing for that IP in the Stop Forum Spam database is a legitimate entry. Your concerns should be taken to Stop Forum Spam, not hashed with the author of this add-on.

Also, the add-on has the capability to allow or deny registration based on whether the registering person/bot is listed in the database:

If "check database for username" is selected:
Username found in database: allow or deny registration?

If "check database for email address" is selected:
Email address found in database: allow or deny registraton?

If "check database for IP address" is selected:
IP address found in database: allow or deny registration?

Pedigree specifically wrote these options so that you could configure this add-on to settings that matter to you. If you don't want to check IP, then don't check it. Same with username or email address. It's not Pedigree's fault that you selected options that were later found to be restricting registrations to your forum.

(And personally, if someone told me they were using their employer's "internal server" to access the Internet, I'd smell a fish. Isn't the whole point of an internal server to keep it isolated from the external Internet? How did a server that is isolated from the external Internet manage to reach your forum?

All this person had to do was register from their home IP, this would get them around the Sun IP ban, and then they could use your forum from work. Unless they're a spammer who's using the Sun IP as a relay -- in which case, the database worked as intended, wouldn't you agree?)
Reply With Quote
  #893  
Old 02-02-2010, 06:08 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

While I don't use this mod (I coded my own), I do use the stopforumspam website and have been extremely pleased with its results.

I'm actually able to catch 99.9% of the bots before I even check the SFS website. I'm not going to post exactly how because then a spammer might decide to fix their code. However I *do* double-check with the SFS website.

If a certain threshold of matches exist, the user gets auto-banned. If only one or two things match, then they go to the coppa/moderation group. In which case I look over the account manually and see what hit and make a determination from there...

I don't know why someone is whining about a SUN IP address... Is it not beyond possibility that a user's computer there has been compromised? When I worked for Verizon, there were people there that should have never been allowed to touch a computer. They would get them infected with all sorts of crap on a weekly basis (and the IT people would be cussing and swearing as they would walk down the halls)...

I often get hack attemps and port scanning from Amazon IPs... Is Amazon doing it? No... But people paying for their cloud computing services is...

*sigh*
Reply With Quote
  #894  
Old 02-03-2010, 10:03 AM
thbertram thbertram is offline
 
Join Date: Sep 2006
Location: Arkansas US
Posts: 18
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ra (aka Silkroad, aka the Sun god) got an irate email from one potential member. So what? If your time is SO bloody valuable that you can't deal with a blocked user, why are you out here arguing whether or not this mod, and the associated database, works properly? Can't you get it through your head that an IP being used to attack our board is a BAD THING? If it wasn't for the fact that this mod did work, I wouldn't have the spare time to be out here making comments.

If I was getting spammed from an IP address, I wouldn't care if it was Sun, the White House, or Bill Gates himself, that IP would get blacklisted. I've been running this mod for about two years now and have never had a single legitimate user blocked. More than 95% of the attempts to register on my board are spammers. I have a real job and don't have time to deal with that mess. This mod has made it possible for me to do both.

Is this mod perfect? No...I know of NO software that is perfect. I would dare say that most of us do not run boards for a living. The way you talk, it's important enough for you that you're concerned, and I'd guess that you're being paid to deal with it.

It doesn't work for you? You claim to be some kind of expert...what it the solution, then? You MUST have a viable solution! If you're not part of the solution, as they say, you're part of the problem.
Reply With Quote
  #895  
Old 02-03-2010, 04:04 PM
Barteh Barteh is offline
 
Join Date: Aug 2006
Posts: 113
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Silkroad, you're mentioning "professional" and "Sun Microsystems" in every post... I'd hate to point it out but it may work the exact opposite on us mere mortals after a couple of times. Putting so much emphasis on it makes it sound like you're actually the janitor

Anyway, standard practice for "professionals" (just as with mailserver blacklisting): contact the server owner, let them know their machine has been blacklisted and may have been compromised. *They* can -and have to if they want it to operate normally- deal directly with stopforumspam.com about their machine being blacklisted. And in your case it seems that thing really has been compromised, if it were mine I'd really appreciate someone telling me.
Complaining about either the forum that runs the mod, or the mod that queries the database, doesn't do anyone any good
Reply With Quote
  #896  
Old 02-03-2010, 06:23 PM
mattyk72 mattyk72 is offline
 
Join Date: Mar 2004
Posts: 89
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Love, love, love, this mod. Installed a few weeks ago and it does a great job. Much thanks to the developer.
Reply With Quote
  #897  
Old 02-03-2010, 07:56 PM
eoc_Jason's Avatar
eoc_Jason eoc_Jason is offline
 
Join Date: Dec 2001
Location: Houston, TX
Posts: 493
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is the http://www.stopforumspam.com/ website down for anyone else? I can't connect via web browser, ping, reverse lookup, nothing!
Reply With Quote
  #898  
Old 02-04-2010, 12:34 AM
djbaxter djbaxter is offline
 
Join Date: Aug 2006
Location: Ottawa, Canada
Posts: 2,601
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by eoc_Jason View Post
Is the http://www.stopforumspam.com/ website down for anyone else? I can't connect via web browser, ping, reverse lookup, nothing!
It's coming up normally for me.
Reply With Quote
  #899  
Old 02-04-2010, 06:39 AM
Maxima Maxima is offline
 
Join Date: Sep 2009
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Me it's giving me : [REMOTEERR] Unverfied and rejected by policy

and rejecting ALL my "normal" registrations... is their server down?
Reply With Quote
  #900  
Old 02-04-2010, 08:40 AM
RitaW RitaW is offline
 
Join Date: Aug 2009
Location: Ireland
Posts: 17
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great mod. Just installed it this morning and it's working already!
Reply With Quote
  #901  
Old 02-04-2010, 08:41 AM
pedigree pedigree is offline
 
Join Date: Jul 2005
Posts: 370
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It wasnt down but GoDaddy (who, in my opinion are the internets biggest joke) decided to drop all the DNS for our domain and restarted returning NXDOMAIN for all queries (thats Non-existent Domain)

Its not the first time they decided to randomly screw with us and we are going to move the domain reg off NoDaddy to some company that isnt sh*t (in my opinion)

Quote:
Originally Posted by Maxima View Post
Me it's giving me : [REMOTEERR] Unverfied and rejected by policy

and rejecting ALL my "normal" registrations... is their server down?
You might want to change the policy to log and accept on connection errors.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:17 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.07919 seconds
  • Memory Usage 2,340KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (3)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (2)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete