War on Spam is over!

[f.montoya]

At least it is for OOTP online league sites.

2nd EDIT: Explanations in posts below and wanted to attach the file here

3rd EDIT: I've added instructions for Joomla and PHPBB 3. Also revised to recommend placing the script into only the php files that run the registration process.

DontSpamMe.zip

As I said below, I hope it works for you like it has for me!

[canadiancreed]

You have nukes pointed at <insert country that does a lot of spamming>?

[f.montoya]

Quote:

Originally Posted by canadiancreed

You have nukes pointed at <insert country that does a lot of spamming>?

Lol. No, but I found a very angry individual out there who has done a helluva job compiling the goods that selectively kill off only the bad guys, so you don't have to nuke a whole country. And this guy is at it everyday! Works well for me especiall since my old .htaccess file was not doing the job. I'm still going through everything at the moment, testing things but I'm impressed nonetheless.

[kq76]

We don't get much, if any, spamming since we updated our boards, but I'd be interested nonetheless. Just to be clear, this is about pure spam, not that i-frame stuff, right?

[f.montoya]

I don't get spam either, mostly because I don't allow user registrations at all. That doesn't prevent them from visiting and filling out my webforms with garbage that I later have to filter.

Anyway, I've been trying a new .htaccess file for the past week and have noticed nothing but silence. The guy that put it together updates it religiously so whatever new crap he finds he adds to the file rather quickly. While i-frame threats are not the specific focus, securing the site from any kind of threat is.

The main idea here is that I want real visitors to have total access to my site.

Here's what the guy does in his own words...

Quote:

When I detect hostile or unwanted activity in my access logs I note the IP addresses from which these events emanated. Then I run them through specialized lookup tools to determine whether they came from residential or business computers - via an ISP, or from a web hosting company's servers, a proxy service, or from a co-located server in a data center. Since residential customers usually have dynamic or semi-static IP addresses, which are frequently changed by their ISPs, it makes no sense to block them. The next person who is assigned that IP may be a potential customer! Instead, I concentrate most of my efforts on blocking servers, which have static (non-changing) IP's. Additionally, I identify businesses with static IP's, who have compromised workstations and file servers that are controlled by hackers and spammers and which are trying to mess with my logs or my website security. With the exception of co-located and privately owned servers, almost all of these offending visitors (human and robot) come from companies that are assigned ranges of IP addresses, which are called a CIDR. Some CIDRs are very small (4 to 8 IP's), while others may include thousands of usable addresses. Once I determine that a hostile action came from a server and not an ISP, I lookup the CIDR to which it belongs and add it to a blocklist.

I'll post a copy of the .htaccess soon. I had to compile it from 4 sources but it was easier to do than I originally thought.

[Corsairs]

I'll be looking forward to this with great anticipation. We are constantly being hit by spammers. They aren't getting access to the site since all registrations have to be authorized by me, but good God it's annoying! Anything that will ward them off will be a Godsend.

[f.montoya]

Quote:

Originally Posted by Corsairs

I'll be looking forward to this with great anticipation. We are constantly being hit by spammers. They aren't getting access to the site since all registrations have to be authorized by me, but good God it's annoying! Anything that will ward them off will be a Godsend.

I've just uploaded one to your website and forum, John. email me and let me know in a few days what you think.

[canadiancreed]

Sounds similar to spamhaus or what not. Intresting.

[Corsairs]

Quote:

Originally Posted by f.montoya

I've just uploaded one to your website and forum, John. email me and let me know in a few days what you think.

Thanks Fidel! I'll be sure to report back on how this works.

[satchel]

Sounds good to me, there are constantly a few 'bots or something, lurking on my site. You said something about posting this. Is it something that others can use, who aren't on your service, FM?

[Stu]

For sites that have vbulletin an easy way to eliminate spam bots is to add a dummy question to the registration. We have something like What is 11+7? and if they enter anything but 18 it doesn't allow them to register. This is usually enough to confuse the bots enough to move on.

[Bluenoser]

I applaud your efforts, however the title of this thread coudn't be further from the truth.

The War on Spam will never be over, everytime someone creates something to stop spam, the spammers come up with another effort to get through loop holes. It's a never ending cycle.

[RchW]

Warren Spahn thanks you.

[Corsairs]

Since this morning our website has been running extremely slow. I've never experienced anything like this and have received a number of email complaints from owners. I'm guessing it has something to do with the new anti-spam protection since it was uploaded to our server overnight. Fidel, can you take a look into this?

[kq76]

Quote:

Originally Posted by canadiancreed

Sounds similar to spamhaus or what not. Intresting.

That's what I was thinking, but I couldn't remember the name. It sounds thorough, but I wonder: if this guy is that into this he could probably save a lot of time by using one of those services. EDIT: Chances are he probably knows about them, but for some reason likes his methods or results better though.

Quote:

Originally Posted by satchel

Sounds good to me, there are constantly a few 'bots or something, lurking on my site. You said something about posting this. Is it something that others can use, who aren't on your service, FM?

Keep in mind not all bots are bad. Google bots, etc help your site get noticed and indexed.

Quote:

Originally Posted by Stu

For sites that have vbulletin an easy way to eliminate spam bots is to add a dummy question to the registration. We have something like What is 11+7? and if they enter anything but 18 it doesn't allow them to register. This is usually enough to confuse the bots enough to move on.

Yeah, we did that and it worked pretty well. I read that it's not just bots that spam, that there are humans in 3rd world countries employed to spam as well. Assuming they could do basic math I made the questions about baseball. Now, mind you, they were pretty easy questions any fan should know, but I don't think we got any spam using that.

[f.montoya]

Quote:

Originally Posted by BruceM

I applaud your efforts, however the title of this thread coudn't be further from the truth.

The War on Spam will never be over, everytime someone creates something to stop spam, the spammers come up with another effort to get through loop holes. It's a never ending cycle.

In the case of OOTP online league websites, we are not on the internet to increase exposure or get our ads clicked. We simply want to enjoy a game with other members of our league without the intrusions from those with no interest in OOTP leagues other than to sell some viagra. In that sense, I'm done fighting with spammers. Will spam find a way in in the future? Well, probably, but not so soon by the the usual methods. And that's what I'm happy about.

Quote:

Originally Posted by satchel

Sounds good to me, there are constantly a few 'bots or something, lurking on my site. You said something about posting this. Is it something that others can use, who aren't on your service, FM?

Absolutely. I'll post a link soon, satchel. It's nothing more than a very well compiled .htaccess file that I had nothing to do with making. The fact that someone else takes the time to do this is very much appreciated by me. I want to make a donation to this guy's cause, if I can find the site again(I'm on a different pc at the moment).

Quote:

Originally Posted by Corsairs

Since this morning our website has been running extremely slow. I've never experienced anything like this and have received a number of email complaints from owners. I'm guessing it has something to do with the new anti-spam protection since it was uploaded to our server overnight. Fidel, can you take a look into this?

I sent you an email, John. Your site was loading quickly for me. I've been keeping an eye on it though.

[f.montoya]

The other part of this is actually something I wrote and had trouble getting to work until now. After struggling with much more difficult scripts for weeks, a super simple and very small script turned out to work the best(kicked myself when I finally figured that out). You can add this script to any php based CMS or forum and what it does is disallow proxy connections to your site. While there are plenty of legitimate and legal uses and users of proxies, they are far outnumbered by those with illegal intentions. Spammers almost always use proxies when spamming forums and blogs, etc. Traditional IP blocking after the fact doesn't do much good as there are thousands and thousands of proxies and plenty of new ones appear every day. The spammer simply uses another proxy and hits your site again.

As I stated previously, we play a game and communicate with others that play that game with us. With that in mind, why would anyone need to hide their identity when visiting our OOTP online league site? I can't think of any. I know the first and last names of all my league members and some of us know where eachother live. Not much identity hiding going on. So by requiring a visitor to disable/not use proxies, it removes yet another vast source of spam and is not an unreasonable request.

The .htaccess file, coupled with anti-proxy, has indeed ended my war. Will there be another war? Sure. But not today.

About Spamhaus, I believe they focus on email spam for the most part. Am I correct?

[f.montoya]

Everything is in here...

DontSpamMe.zip


Hope it works for you like it has for me!!!

[satchel]

Thanks Fidel! I will try it and report.

[satchel]

Since I've installed it, the only 'bot that's gotten through is an MSN indexer.

It's early in the game, but I like it so far!