What's new
  • If you were supposed to get an email from the forum but didn't (e.g. to verify your account for registration), email Wes at [email protected] or talk to me on Discord for help. Sometimes the server hits our limit of emails we can send per hour.
  • Get in our Discord chat! Discord.gg/stararmy
  • 📅 May and June 2024 are YE 46.4 in the RP.

Those Damned Spammers

Status
Not open for further replies.
F

FM

Inactive Member
Seriously, they're getting out of hand. There's another spam account (RobertaGirl) right now, probably searching the database for some lousy sexist joke it can use on us.

Is there some way we can stop this?
 
Just report them, point out their profile and Wes will go and oblitirify them out of existence.
 
Recently, I discovered the that CAPTCHA code (Visual confirmation) wasn't showing on the site's join page, so I disabled it so that peopel could continue to register. It makes it easier for bots to register, though. I'm looking into modifications to thwart the bot threat.
 
I just finished installing a modification to the forums that should prevent the registration bots from working properly.
 
Hmm, a bot got through. I banned it from the entire site by IP.
 
Alright, made more aggressive modifications; now the website field is removed from registrations - any bot that attempts to register with a website or sig is autobanned.
 
Latest one...

[17/Sep/2006:22:05:19 -0700] "GET /forums HTTP/1.1" 301 312 "https://stararmy.com/side.html" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7" 24.87.33.168 - - [17/Sep/2006:22:05:18 -0700] "POST /forums/profile.php HTTP/1.0" 200 5685 "Star Army" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 24.87.33.168 - - [17/Sep/2006:22:05:15 -0700] "GET /forums/profile.php?mode=register&StarArmy=JoinStarArmy HTTP/1.0" 200 15583 "https://stararmy.com/profile.php?mode=register&StarArmy=JoinStarArmy" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" 66.249.72.163 - - [17/Sep/2006:22:05:15 -0700] "GET /forums/viewtopic.php?t=451 HTTP/1.1" 200 22926 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +What Is Googlebot | Google Search Central | Documentation | Google Developers)" 24.87.33.168 - - [17/Sep/2006:22:05:13 -0700] "GET /forums/posting.php?mode=quote&p=34870 HTTP/1.1" 200 62499 "Star Army" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Firefox/1.5.0.7" 66.249.72.163 - - [17/Sep/2006:22:05:12 -0700] "GET /forums/viewtopic.php?t=614 HTTP/1.1" 200 24892 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +What Is Googlebot | Google Search Central | Documentation | Google Developers)" 24.87.33.168 - - [17/Sep/2006:22:05:06 -0700] "GET /forums/index.php HTTP/1.0" 200 41611

24.87.33.168 isn't actaully Googlebot - that's a fake referrer header. It actually is s010600010255dc67.vc.shawcable.net

66.249.72.163 [crawl-66-249-72-163.googlebot.com] <-- that's ok

I checked to make sure this wasn't the IP of the new guy (actual person) that registered today, then I added code to my server so all traffic from this bot will be redirected.
 
Old-fashioned, I guess? Not like anyone actually uses it. Perhaps we could block entering of ICQ numbers on signup. *shrug*
 
I swear, it's like the developers of ICQ just gave their code away after they were bought by AOL. Gave it straight to spammers.

Wes, is what FM suggested feasible?
 
Yes. I've already done it with websites (which was the main thing).
 
Status
Not open for further replies.
RPG-D RPGfix
Back
Top