Spam in my new 4.2.2 Forums

[natsu287]

I just deleted my VB5.1.1 because of bugs, but now I installed 4.2.2 and within 10min I am starting to get spam? Help!

Please point me to #1 way to stop and block spam on VB

I enabled email verification, it's not coming in "for now" but I need to stop the spam permantly.

why does 4.2.2 have alot of spam?

[Max Taxable]

You talked about going to 3.8.8, but went with 4.2.2 instead? Version 4 is by far the most hacked and defaced vB version ever.

I wouldn't use anything above version 3.8.8, I would leave vB completely, first.

Spam proofing at link in my signature. Geez.

Read this as well.

[natsu287]

cuz the vbuelltin support staff recommended 4.2.2 over 3.8.8

[K4GAP]

Quote:

Originally Posted by natsu287

I just deleted my VB5.1.1 because of bugs, but now I installed 4.2.2 and within 10min I am starting to get spam? Help!

Please point me to #1 way to stop and block spam on VB

I enabled email verification, it's not coming in "for now" but I need to stop the spam permantly.

why does 4.2.2 have alot of spam?

You should always think ahead when making big changes like that. Site security should be of the up most concern.

IMHO, vb 4.2.2 is what you make of it. I have zero spam as I am using the add on in MAX's signature.

[natsu287]

Quote:

Originally Posted by K4GAP

You should always think ahead when making big changes like that. Site security should be of the up most concern.

IMHO, vb 4.2.2 is what you make of it. I have zero spam as I am using the add on in MAX's signature.

which add on's are u using?

[Max Taxable]

Quote:

Originally Posted by natsu287

cuz the vbuelltin support staff recommended 4.2.2 over 3.8.8

Of course. What would you expect?

[natsu287]

Quote:

Originally Posted by Max Taxable

Of course. What would you expect?

what does that mean?

[Skyrider]

Quote:

Originally Posted by natsu287

what does that mean?

It means that vBulletin (the staff) would always recommend one of the latest versions. It's their product, so it makes sense . I'm surprised they haven't mentioned vBulletin 5 though.

[Disco_Stu]

Spam in just 10 minutes?

I'm curious as to what precautions (if any) you are taking to stop spam?

Do you restrict access via htaccess? Do you update your list of banned ip's?

Is the target audience of your site the entire planet? If not do you ban specific countries via ip ranges and keep those ranges updated?

Do you monitor who is visiting your site? When I see suspicious activity I check Google for that ip and most times I find it listed on one blacklist or another. Then I immediately add it to my list of banned ip's in both the vBulletin internal list and my htaccess file as well. I maintain a list of all guest ip's and review that list throughout the day.

Do you use any security measures at the point of registration such as image verification or minimum time for the completion of the registration form? There's an excellent mod on this site for exactly that. It has stopped a large number of bots from getting on my site.

Have you removed the includes folder like you're supposed to?

What about ftp? Are you using strong passwords? Do you check server logs on a regular basis?

There are a number of mods available on this site that used together will block almost all of the spam.

Site security is a full time job. You cannot think of it as a set and forget.

[natsu287]

Quote:

Originally Posted by Disco_Stu

Spam in just 10 minutes?

I'm curious as to what precautions (if any) you are taking to stop spam?

Do you restrict access via htaccess? Do you update your list of banned ip's?
Restrict what via htacccess? How do I update my list of banned ips

Is the target audience of your site the entire planet? If not do you ban specific countries via ip ranges and keep those ranges updated?
i have not restrictied any countries yet

Do you monitor who is visiting your site? When I see suspicious activity I check Google for that ip and most times I find it listed on one blacklist or another. Then I immediately add it to my list of banned ip's in both the vBulletin internal list and my htaccess file as well. I maintain a list of all guest ip's and review that list throughout the day.
yes I monitor

Do you use any security measures at the point of registration such as image verification or minimum time for the completion of the registration form? There's an excellent mod on this site for exactly that. It has stopped a large number of bots from getting on my site.
Im using reCAPTCHA and I added a custom field, what mod do u recommended?

Have you removed the includes folder like you're supposed to?
VB only told me to remove the /install folder

What about ftp? Are you using strong passwords? Do you check server logs on a regular basis?
Yes I use powerful passwords for my Server

There are a number of mods available on this site that used together will block almost all of the spam.
Im currently using
- Rename register.php by BOP5
- Spambot Stopper - Prevent Spambots from Registering
- Ban Spiders by User Agent
(of course I installed this after I figured out I got spam

Site security is a full time job. You cannot think of it as a set and forget.
My spam has stopped for now, no spam since I installed those plugins, what do u recommended?

my answers are in bold