| View previous topic :: View next topic |
| Author |
Message |
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
 Posted: Thu Oct 27, 2005 1:21 pm Post subject: User constantly logged in... |
 |
|
Has anyone noticed that the user "ukana" is constantly logged in? For the last 3 days at least this user has been logged in EVERY time I have been and I doubt it is just coincidence.
Aprelium, this could be a bandwidth hogger or something. They must be constantly refreshing the page to stay logged in.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
   |
 |
MonkeyNation
-
Joined: 05 Feb 2005
Posts: 921
Location: Cardiff
|
| Posted: Thu Oct 27, 2005 1:35 pm Post subject: |
|
|
Lurker + Coffee?
_________________
 |
|
| Back to top |
    |
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Thu Oct 27, 2005 1:36 pm Post subject: |
|
|
= someone with a lot of time on their hands ;-)
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
Anonymoose
-
Joined: 09 Sep 2003
Posts: 2192
|
| Posted: Thu Oct 27, 2005 1:36 pm Post subject: |
|
|
Check out ukana's profile - 0 posts, all it has is a link to some spam portal on iFrance. I'd say it's a new type of spammer...
Instead of signing up and making 1 post that gets deleted and their account removed, they simply stay on the active users page and hope that their profile will get scanned when a Googlebot/whatever passes through. Starting to see more and more of this elsewhere.
_________________
"Invent an idiot proof webserver and they'll invent a better idiot..." |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Thu Oct 27, 2005 1:38 pm Post subject: |
|
|
I reckon most of these spammers are automated signups. If aprelium put on the image varification signup it may prevent some of this. Also they should delete and ban those people who do sign up.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
Moxxnixx
-
Joined: 21 Jun 2003
Posts: 1226
Location: Florida
|
| Posted: Thu Oct 27, 2005 2:44 pm Post subject: |
|
|
Hmmm...
Check the Memberlist and you'll see dozens of *.boom.ru, *.tipotogo.com and various phentermine websites.
I also agree that Aprelium should delete/ban the obvious ones that signed up just to spam. Most of these are
hit-and-run spammers and do this to hundreds of websites. Most of them don't bother coming back anyway.
Spammers just have to analyze their logs and see where most of their referrers are coming from. |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Thu Oct 27, 2005 3:54 pm Post subject: |
|
|
| Moxxnixx wrote: | Hmmm...
Check the Memberlist and you'll see dozens of *.boom.ru, *.tipotogo.com and various phentermine websites.
I also agree that Aprelium should delete/ban the obvious ones that signed up just to spam. Most of these are
hit-and-run spammers and do this to hundreds of websites. Most of them don't bother coming back anyway.
Spammers just have to analyze their logs and see where most of their referrers are coming from. |
It's probably high time for the autumn cleanup.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
 |
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Thu Oct 27, 2005 3:57 pm Post subject: |
|
|
So does that mean you will ban them then?
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Fri Oct 28, 2005 4:52 pm Post subject: |
|
|
| The Inquisitor wrote: | | So does that mean you will ban them then? |
We'll delete their accounts.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Fri Oct 28, 2005 5:09 pm Post subject: |
|
|
Thats a relief. We dont want them stealing bandwidth or promoting their sites.
Aprelium, did you turn on the image verification too?
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk
Last edited by AbyssUnderground on Fri Oct 28, 2005 6:00 pm; edited 1 time in total |
|
| Back to top |
|
|
Anonymoose
-
Joined: 09 Sep 2003
Posts: 2192
|
| Posted: Fri Oct 28, 2005 5:48 pm Post subject: |
|
|
If you're going to keep banging on about it, at least spell it right. Verify. Verification. Why not just leave Aprelium to get on with it?
_________________
"Invent an idiot proof webserver and they'll invent a better idiot..." |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Fri Oct 28, 2005 6:00 pm Post subject: |
|
|
| Anonymoose wrote: | | If you're going to keep banging on about it, at least spell it right. Verify. Verification. Why not just leave Aprelium to get on with it? |
Sorry to cause a bore...
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
Anonymoose
-
Joined: 09 Sep 2003
Posts: 2192
|
| Posted: Fri Oct 28, 2005 11:35 pm Post subject: |
|
|
Definitely time for a spring clean...
http://www.google.co.uk/search?q=site%3Aaprelium.com+inurl%3Aprofile+intitle%3A%22viewing+profile%22+intext%3A%22Total+posts%3A++++0%22+intext%3A%22http%22
Results 1 - 10 of about 361 from aprelium.com for inurl:profile intitle:"viewing profile" intext:"Total posts: 0" intext:"http" - and that's just the ones that the Googlebot has got round to crawling, and the ones that that particular piece of Googlefu picks up :(
I'm not familiar with phpbb, but the Snitz forum I admin requires users to be logged in to view profiles - definitely cuts down on the number of spam sign ups we have. I hate to say it, but The Inquisitors suggestion of enabling image verification looks pretty handy too.
It will be quite interesting to see what 15358 members goes down to after a good database purge...
_________________
"Invent an idiot proof webserver and they'll invent a better idiot..." |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Sat Oct 29, 2005 9:29 am Post subject: |
|
|
Anonymoose,
The problem is PhpBB. Adminstrating a PhpBB forum with so many accounts is very difficult. For example looking for users which URL or email match with a given pattern is impossible. So we'll have to do everything using PhpMyAdmin and this is very risky.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Sat Oct 29, 2005 10:39 am Post subject: |
|
|
Is there no way you can implement something to block all signups that have these spam URL's in them? If we cant remove the existing ones we could at least try and stop any more from signing up.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
p3
-
Joined: 17 Jun 2005
Posts: 615
|
| Posted: Sat Oct 29, 2005 3:25 pm Post subject: |
|
|
| The Inquisitor wrote: | | Is there no way you can implement something to block all signups that have these spam URL's in them? If we cant remove the existing ones we could at least try and stop any more from signing up. |
If they used Javascript on the register page, that wouldn't be to hard.... |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Sat Oct 29, 2005 3:44 pm Post subject: |
|
|
Then they could just turn off javascript and avoid the check... The check will need to be done on the aprelium server, probably done using PHP.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Sun Oct 30, 2005 4:27 pm Post subject: |
|
|
| The Inquisitor wrote: | | Then they could just turn off javascript and avoid the check... The check will need to be done on the aprelium server, probably done using PHP. |
We can do it but it's like chasing a moving target. These people do not use automatic signup methods. They are real people who take the time to register and log in manually. So all of the suggested methods won't help. Manual cleaning seems to be the only effective solution against their spam.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Sun Oct 30, 2005 4:59 pm Post subject: |
|
|
Just as a last resort solution, can you modify the signup code so it disallows certain keywords in any of the input boxes? So if someone enters one of the spam sites then it will be disallowed. That way they might give up and not bother.
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
cmxflash
-
Joined: 11 Dec 2004
Posts: 872
|
| Posted: Sun Oct 30, 2005 5:50 pm Post subject: |
|
|
| aprelium wrote: | Anonymoose,
The problem is PhpBB. Adminstrating a PhpBB forum with so many accounts is very difficult. For example looking for users which URL or email match with a given pattern is impossible. So we'll have to do everything using PhpMyAdmin and this is very risky. |
Just keep a backup of the database and it should be fine. If you screw it up, you can just replace it with the backup. |
|
| Back to top |
|
|
AbyssUnderground
-
Joined: 31 Dec 2004
Posts: 3855
|
| Posted: Sun Oct 30, 2005 5:54 pm Post subject: |
|
|
| cmxflash wrote: | | aprelium wrote: | Anonymoose,
The problem is PhpBB. Adminstrating a PhpBB forum with so many accounts is very difficult. For example looking for users which URL or email match with a given pattern is impossible. So we'll have to do everything using PhpMyAdmin and this is very risky. |
Just keep a backup of the database and it should be fine. If you screw it up, you can just replace it with the backup. |
Why didnt anyone else think of that...?
_________________
Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Mon Oct 31, 2005 10:03 am Post subject: |
|
|
| The Inquisitor wrote: | | Just as a last resort solution, can you modify the signup code so it disallows certain keywords in any of the input boxes? So if someone enters one of the spam sites then it will be disallowed. That way they might give up and not bother. |
An anti-spam system based on a Bayesian filter could help a lot (like the ones used to detect junk emails) . But writing and integrating such a system with PhpBB is not a 2-day task.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
p3
-
Joined: 17 Jun 2005
Posts: 615
|
| Posted: Mon Oct 31, 2005 3:33 pm Post subject: |
|
|
| aprelium wrote: | | The Inquisitor wrote: | | Just as a last resort solution, can you modify the signup code so it disallows certain keywords in any of the input boxes? So if someone enters one of the spam sites then it will be disallowed. That way they might give up and not bother. |
An anti-spam system based on a Bayesian filter could help a lot (like the ones used to detect junk emails) . But writing and integrating such a system with PhpBB is not a 2-day task. |
And because of that, no one has ever done that before...
That would cut back on the number of spam sign-ups, but is the time it would take really worth it? |
|
| Back to top |
|
|
aprelium
-
Joined: 22 Mar 2002
Posts: 6800
|
| Posted: Tue Nov 01, 2005 1:52 pm Post subject: |
|
|
| p3 wrote: | And because of that, no one has ever done that before...
That would cut back on the number of spam sign-ups, but is the time it would take really worth it? |
It would also cut the number of spam (even the spam posted by "normal" users). It could also help flagging rude messages (after some training). The Bayesian filter can also be trained to put messages in the right section.
There are several discussions on PhpBB's Area 51 board (the PhpBB developers board) about that. The theory is not very difficult and one can simply adapt the algorithm already coded in SpamAssassin. But unfortunately, most PhpBB developers find it more rewarding to add minor interface enhancements than working on hidden and more challenging features like this one.
_________________
Support Team
Aprelium - http://www.aprelium.com |
|
| Back to top |
|
|
|
