--------------------------------------------------------------------------------------------------------------------------------------------------
In these days, it seems there is a big attack against phpBB forums.
Many fake users register, and no protection seems to work: neither captcha, nor GD's image, nor re-captcha.
I've no time to format my own solution, like an "official" MOD, but I want to share it with other people.
Anyone is welcome if able to contribute.
Name of the MOD: StopForumSpam MOD
Author: Rombo di Tuono
Description of the MOD: "StopForumSpam" Mod DISALLOWS registration to anyone with e-mail, IP, or username inserted in http://www.stopforumspam.com's blacklists
Version of the MOD: 1.0 RC1
Requirements: phpBB 3.0.x
Features:
How it works:
MOD checks for e-mail, IP and username on registration, and returns an error message if one out of three elements is in blackists, more: it adds a post in administrator's log.
[phpBB3 3.0.8 MOD] Avoid spambot attack
Moderatore: MODERATORE
- Rombo di Tuono
- Site Admin
- Messaggi: 7105
- Iscritto il: 04 lug 2007, 18:07
- Località: Seconda stella a DESTRA...
- Contatta:
- Rombo di Tuono
- Site Admin
- Messaggi: 7105
- Iscritto il: 04 lug 2007, 18:07
- Località: Seconda stella a DESTRA...
- Contatta:
Re: [phpBB3 3.0.8 MOD] Avoid spambot attack
MOD is based upon the one made by http://www.alexdoolittle.com, who owns the whole credit
I've made just some modifications, because it was generating some errors.
Now it's stable, but I suggest to add a PCA interface, and to format MOD according to standards
[videobanner]x[/videobanner]
I've made just some modifications, because it was generating some errors.
Now it's stable, but I suggest to add a PCA interface, and to format MOD according to standards
[videobanner]x[/videobanner]
- Rombo di Tuono
- Site Admin
- Messaggi: 7105
- Iscritto il: 04 lug 2007, 18:07
- Località: Seconda stella a DESTRA...
- Contatta:
Re: [phpBB3 3.0.8 MOD] Avoid spambot attack
Here is the code with instructions for the MOD
I prefer to have a check for the frequency, i.e. the number of times the element is in the blacklist, just to avoid false positives, anyway, I've set it up to THREE.
I prefer to have a check for the frequency, i.e. the number of times the element is in the blacklist, just to avoid false positives, anyway, I've set it up to THREE.
Codice: Seleziona tutto
################################################################################
##
## Mod Title: SFS Anti-Spam Registration
## Mod Author: Alex Doolittle, info@alexdoolittle.com
##
## Mod Description: This MOD adds an IP, email, and username check when
## registering using the stopforumspam.com API blacklist
## and prevents registration upon finding a match.
##
## Mod Version: 1.0.1
##
##
## Compatibility: 3.0.3, 3.0.4
##
##
## Installation Level: Easy
## Installation Time: 5 Minutes
##
## Files To Edit: 3
##
## includes/ucp/ucp_register.php
## includes/functions_user.php
## language/en/ucp.php
## language/en/acp/common.php
##
################################################################################
##
## Full support for this MOD can be obtained at:
##
## http://www.alexdoolittle.com
##
################################################################################
##
## 2009-01-18 - Version 1.0.1
## - corrected stopforumspam.com connectivity check, error log via ACP
## - added registration logging when reg is blocked, admin log via acp
## 2008-12-12 - Version 1.0.0
## - first release
##
################################################################################
##
## This mod is released under the GNU GPL v2.
##
################################################################################
##
## BEFORE ADDING THIS MOD TO YOUR FORUM, please be sure to backup ALL
## affected files.
##
################################################################################
#
#----------[ OPEN ]-------------------------------------
#
includes/ucp/ucp_register.php
#
#----------[ FIND ]-------------------------------------
#
'tz' => request_var('tz', (float) $timezone),
#
#----------[ AFTER, ADD ]-------------------------------
#
// StopForumSpam.com API, IP variable
'address' => getenv('REMOTE_ADDR'),
#
#----------[ FIND ]-------------------------------------
#
'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
#
#----------[ AFTER, ADD ]-------------------------------
#
// StopForumSpam.com API, call
'address' => array('address'),
#
#----------[ OPEN ]-------------------------------------
#
includes/functions_user.php
#
#----------[ FIND ]-------------------------------------
#
foreach ($bad_usernames as $bad_username)
{
if (preg_match('#^' . $bad_username . '$#', $clean_username))
{
return 'USERNAME_DISALLOWED';
}
}
#
#----------[ AFTER, ADD ]-------------------------------
#
// StopForumSpam.com API, Username Check
$sfs_check = stopforumspam($username, "username");
if ( $sfs_check )
{
add_log('admin', 'SFS_BLOCK_USER', $username);
return 'SFS_USERNAME_BANNED';
}
#
#----------[ FIND ]-------------------------------------
#
if ($row)
{
return 'EMAIL_TAKEN';
}
}
#
#----------[ AFTER, ADD ]-------------------------------
#
// StopForumSpam.com API, Email Check
$sfs_check = stopforumspam($email, "email");
if ( $sfs_check )
{
add_log('admin', 'SFS_BLOCK_EMAIL', $email);
return 'SFS_EMAIL_BANNED';
}
#
#----------[ FIND ]-------------------------------------
#
?>
#
#----------[ BEFORE, ADD ]------------------------------
#
// StopForumSpam.com API, IP check
function validate_address($addr)
{
// Check SFS global banlist
$sfs_check = stopforumspam($addr, "ip");
if ( $sfs_check )
{
add_log('admin', 'SFS_BLOCK_IP', $addr);
return 'SFS_IP_BANNED';
}
return false;
}
// StopForumSpam.com API connector
function stopforumspam($value, $type)
{
$sfs_request_url = "http://www.stopforumspam.com/api?$type=$value";
$sfs_doc = new DOMDocument();
if (!$sfs_doc->load($sfs_request_url))
{
// On communication error, return false and log occurence
$sfs_appears = "no";
add_log('critical', 'SFS_ERROR');
}
else
{
$sfs_appears = $sfs_doc->getElementsByTagName("appears")->item(0)->nodeValue;
//RDT added following line
$sfs_frequency = $sfs_doc->getElementsByTagName("frequency")->item(0)->nodeValue;
}
// If the data appears on the blacklist
return ($sfs_appears == "yes" && $sfs_frequency > 3) ? true : false;
// RDT added: '&& $sfs_frequency > 3'
}
#
#----------[ OPEN ]-------------------------------------
#
language/en/ucp.php
#
#----------[ FIND ]-------------------------------------
#
'SHOW_EMAIL' => 'Users can contact me by e-mail',
#
#----------[ BEFORE, ADD ]-------------------------------
#
'SFS_EMAIL_BANNED' => 'Your EMAIL is not allowed because StopForumSpam.com.',
'SFS_IP_BANNED' => 'Your IP address is not allowed because StopForumSpam.com.',
'SFS_USERNAME_BANNED' => 'Your USERNAME is not allowed because StopForumSpam.com.',
#
#----------[ OPEN ]-------------------------------------
#
language/it/ucp.php
#
#----------[ FIND ]-------------------------------------
#
'SHOW_EMAIL' => 'Rendi visibile il tuo indirizzo e-mail',
#
#----------[ BEFORE, ADD ]-------------------------------
#
'SFS_EMAIL_BANNED' => 'E-MAIL non permessa, perchè presente su StopForumSpam.com.',
'SFS_IP_BANNED' => 'IP non permesso perchè presente su StopForumSpam.com.',
'SFS_USERNAME_BANNED' => 'NOME UTENTE non permesso perchè presente su StopForumSpam.com.',
#
#----------[ OPEN ]-------------------------------------
#
language/en/acp/common.php
#
#----------[ FIND ]-------------------------------------
#
'LOG_WORD_EDIT' => '<strong>Edited word censor</strong><br />» %s',
#
#----------[ AFTER, ADD ]-------------------------------
#
'SFS_ERROR' => '<strong>Registration blacklist cannot be contacted</strong> >> %s',
'SFS_BLOCK_EMAIL' => '<strong>Known spam registration via blocked email</strong> >> %s',
'SFS_BLOCK_IP' => '<strong>Known spam registration via blocked IP</strong> >> %s',
'SFS_BLOCK_USER' => '<strong>Known spam registration via blocked username</strong> >> %s',
#
#----------[ OPEN ]-------------------------------------
#
language/it/acp/common.php
#
#----------[ FIND ]-------------------------------------
#
'LOG_WORD_EDIT' => '<strong>Censura parola modificata</strong><br />» %s',
#
#----------[ AFTER, ADD ]-------------------------------
#
'SFS_ERROR' => '<strong>La blacklist di registrazione non era disponibile</strong> >> %s',
'SFS_BLOCK_EMAIL' => '<strong>Registrazione spam tramite email bloccata</strong> >> %s',
'SFS_BLOCK_IP' => '<strong>Registrazione spam tramite IP bloccato</strong> >> %s',
'SFS_BLOCK_USER' => '<strong>Registrazione spam tramite nome utente bloccato</strong> >> %s',
#
#-----[ SAVE/CLOSE ALL FILES ]--------------------------
#
# EoM
- Rombo di Tuono
- Site Admin
- Messaggi: 7105
- Iscritto il: 04 lug 2007, 18:07
- Località: Seconda stella a DESTRA...
- Contatta:
Re: [phpBB3 3.0.8 MOD] Avoid spambot attack
Since there are STILL tons of spammer, probably your administrator's log will fill in a matter of days...
When you are sure all is working, check for the three lines that begin with :"add_log('admin', 'SFS_BLOCK_" and COMMENT THEM [put "//" before "add"]
this way:
// add_log('admin', 'SFS_BLOCK_.....
When you are sure all is working, check for the three lines that begin with :"add_log('admin', 'SFS_BLOCK_" and COMMENT THEM [put "//" before "add"]
this way:
// add_log('admin', 'SFS_BLOCK_.....
phpBB3 3 0 8 MOD Avoid spambot attack
Since we were under "attack," are we at risk, and would this be a good time to change our passwords, if we havent in awhile? Or does it matter?
- Rombo di Tuono
- Site Admin
- Messaggi: 7105
- Iscritto il: 04 lug 2007, 18:07
- Località: Seconda stella a DESTRA...
- Contatta:
Re: phpBB3 3 0 8 MOD Avoid spambot attack
Upgrade your forum to PHPBB 3.2 and that's allMarvinDaf ha scritto:Since we were under "attack," are we at risk, and would this be a good time to change our passwords, if we havent in awhile? Or does it matter?