Spam

Discuss general web development questions. Help others and get help from others.

Moderator: kfury77

Spam

Postby MaxD » Mon Aug 17, 2009 7:28 pm

I think the spammers must have made a technical breakthrough as there seems to be a lot of it at the moment. :D Seriously, one of my sites is being bombarded, and my usually secure mailbox on one email account isn't filtering as it has been. I'm having to manually mark mail as spam :roll: My new site launches later this year, and potentially could be a target for spammers. Any strategies anyone can suggest apart from (or in additon to :twisted: ) this one?

http://www.blockacountry.com/
Amateur web design now dabbling with php and jquery
User avatar
MaxD
 
Posts: 127
Joined: Mon Dec 18, 2006 10:05 pm
Location: UK

Re: Spam

Postby MikeyB » Tue Aug 18, 2009 11:17 am

Depends what you mean by your site being bombarded.

Sure that Block a country would stop some(most/all) of it, but what are they spamming?
I won't stop email spam at all, just block access to your entire site.
Are they spamming your forums? There are things you can do to stop forum spam, I was getting lots on my phpBB forum and stopped it all over-night with one little tweak to the registration form.

Actually, Karlis, did you get the PM I sent you about stopping the phpBB spam, or did I even send it in the end?
User avatar
MikeyB
Top Contributor
 
Posts: 511
Joined: Fri Jun 09, 2006 10:38 am
Location: UK

Re: Spam

Postby MaxD » Tue Aug 18, 2009 10:49 pm

Just deleted another 30 'registered' users, which have been flagged by my site spam filter. Its good that it catches them, its boring I have to continually delete them, and annoying that currently I don't have a faster way to 'select all/delete all' those caught. Currently spam member deletion is a twice daily chore. Banning a Country sounds drastic, but preferable to the current situ. Essentially it wouldn't make much difference to my site as its a niche one anyway.

One of my current and insistent registrants is Stelmkeet who tells me his interest is playing cards. Well my site has nothing to do with card playing, so why doesn't he get lost?

I believe they use specially designed spamming software which can often overcome captchas. Perhaps someone can buy it and find its faults. Detect its signature and block at source?
Amateur web design now dabbling with php and jquery
User avatar
MaxD
 
Posts: 127
Joined: Mon Dec 18, 2006 10:05 pm
Location: UK

Re: Spam

Postby MikeyB » Wed Aug 19, 2009 10:22 am

Captchas are easy to get round, what I did on my phpBB was put a required custom field on the registration form which is a simple maths question, something like this:
What is 7 + 2?

If they don't put the correct answer they cannot register, stopped all the spam registrations over night, was getting 15-20 every day before then.

Details of how to add custom fields can be found here: http://sn.im/qi3q7
User avatar
MikeyB
Top Contributor
 
Posts: 511
Joined: Fri Jun 09, 2006 10:38 am
Location: UK

Re: Spam

Postby MaxD » Fri Aug 21, 2009 7:23 pm

Not using phpbb, but its useful that something can be done. Its obvious though that spam filters at hostings are unable to stop it, when perhaps they should.
Amateur web design now dabbling with php and jquery
User avatar
MaxD
 
Posts: 127
Joined: Mon Dec 18, 2006 10:05 pm
Location: UK

Re: Spam

Postby chrisjlocke » Sun Aug 23, 2009 12:24 pm

The 'best' captcha I've seen (actually, one of two...) is recaptcha, and is well supported, coming with php libraries, plug-ins, etc.
http://www.recaptcha.net/

The other one is where 9 images are displayed, and you have to pick out the 4 cats, 4 rabbits, etc. Can't remember what thats called though. :(
User avatar
chrisjlocke
Top Contributor
 
Posts: 995
Joined: Mon Aug 01, 2005 4:12 pm
Location: Essex, UK

Re: Spam

Postby MikeyB » Mon Aug 24, 2009 9:50 am

chrisjlocke wrote:The other one is where 9 images are displayed, and you have to pick out the 4 cats, 4 rabbits, etc. Can't remember what thats called though. :(


Yes, I remember seeing that too, but cannot find it after a few Googles :roll:
User avatar
MikeyB
Top Contributor
 
Posts: 511
Joined: Fri Jun 09, 2006 10:38 am
Location: UK

Re: Spam

Postby syrupcore » Sun Aug 30, 2009 7:18 am

We've been using the honey pot method with really good success.

Basically a regular form input - hidden with css, not type=hidden - that should submit empty. Verbose label text to support screen readers.

the input should be set to display: none while the label should be set to visibility: hidden. Again, accessibility.
User avatar
syrupcore
Top Contributor
 
Posts: 917
Joined: Thu Jul 21, 2005 12:58 am
Location: Portland, Oregon, usa

Re: Spam

Postby MaxD » Mon Aug 31, 2009 10:26 am

Some interesting figures on spam detected on my site:
    Jan - 9 spam
    Mar 82 spam
    Jun - 209 spam
    Aug - 560 spam

Installed a captcha now and it seems to be working
Amateur web design now dabbling with php and jquery
User avatar
MaxD
 
Posts: 127
Joined: Mon Dec 18, 2006 10:05 pm
Location: UK

Re: Spam

Postby MaxD » Wed Oct 14, 2009 1:44 pm

Further to the spam debate, have recently noticed two sites which have been hacked, with one now down.

On the hosting of two of my sites, it was also recently hacked. Cpanel creators were informed of this. Apparently they kept deleting it and it kept coming back. Symptoms included browser freezing, multiple pop ups etc. At first I used task manager to close my browser, and it developed to the point that as I was closing it down, new tabs were opening. Watch out.
Amateur web design now dabbling with php and jquery
User avatar
MaxD
 
Posts: 127
Joined: Mon Dec 18, 2006 10:05 pm
Location: UK

Re: Spam

Postby MikeyB » Thu Oct 15, 2009 10:00 am

OMG that's real bad news :shock:

What was actually hacked, your forum control panel, or your actual web hosting cPanel?
User avatar
MikeyB
Top Contributor
 
Posts: 511
Joined: Fri Jun 09, 2006 10:38 am
Location: UK

Re: Spam

Postby MaxD » Thu Oct 15, 2009 7:45 pm

It was on a shared hosting, and somehow one of the passwords got compromised to a site. Described as a 'beast' the malware was being remotely controlled. Think they had to move everything to a new server. Logging into my site was when the browser problems occurred which was a pain. Everything OK again now.
Amateur web design now dabbling with php and jquery
User avatar
MaxD
 
Posts: 127
Joined: Mon Dec 18, 2006 10:05 pm
Location: UK


Return to Web Developer Talk

Who is online

Users browsing this forum: No registered users and 9 guests

cron