spammers

Don't Lose Your Data Forever!

DIY data recovery has risks. You could lose your data forever! Don't want to risk it? Talk to a professional now.

HaQue

Moderator
So I just banned 3 users and deleted around 30 posts of spam. I think maybe they are using an exploit in phpBB or somehow getting around restrictions.
 

Jared

Administrator
Staff member
They must be using an exploit. Which surprises me, it's the latest version of PHPBB. These user accounts are brand new, and shouldn't be able to post without moderation.
 

HaQue

Moderator
are you able to go to your hosting control panel and see what files are logged as accessd or something? Been a while since I tried tracking someones access to my websites, but there should be some indication of it
 

Jared

Administrator
Staff member
Yeah, it looks like somehow the "new users" feature which forces their posts to be moderated is turned off again. I know I had enabled it, but then the other day it was off, so I turned it back on. Now it's turned off again (I just tested it too).

We'll eventually figure this out.
 

Jared

Administrator
Staff member
Ok, I think I figured out what's going on. When I set the new users group permissions, I set "post without moderator permission" to "no" however it needed to be set to "never" or they can still get the posts through somehow.

Hopefully this resolves it finally.
 

HaQue

Moderator
seems that the current spambots are using a very similar algo for all their bot-users.

one of the Facebook, Twitter, Skype, YouTube, Google+ fields is always username plus 2 capitol letters.

if there was some way of scripting in using the username as a substring mask for each of those fields then maybe you could ban the account straight away. I don't know how easy it is to do on phpbb though.
 
Top