Security code for various modules

Worker Joined: Dec 08, 2005 Posts: 107

Hi All!

As I mentioned in another post, I've been hit by the comment spammers. I have also had a large number of Feedback spams. They are a lot less annoying in that I can more easily delete them. However, they are still annoying and I am looking for a way to block them. I have already implemented a couple of things to prevent comment spamming by blocking known domains and thus preventing them from creating accounts (anonymous comments are not allowed).

I have seen in a few places references to mods that allow random graphical codes. Unfortunately my search for the actual mods/code has been fruitless. So, I was hoping that someone here would be able to point me to the right place.

I am currently using HA Nuke 7.6 and I cannot *yet* move to RavenNuke.

Any help is greatly appreaciated.

Regards,

jimmo

registered · Site Admin Joined: Jun 04, 2004 Posts: 6437

An interesting idea. VinDSL did some work to prevent feedback spam, and has a download available, I think.

Are you suggesting a CAPTCHA-like graphical security code for posting comments? An interesting idea...but, if you control membership and require it to post a comment, doesn't that address that issue?

Posted: Sat Jun 10, 2006 5:42 am

When you refer to Feedback spams, do you mean you are recieving email from the Feedback module?
If so, the only way to prevent that is to either set permission to registered users or disable it - the Feedback module is doing exactly what it was designed to do.

I have not seen any mods myself that use the random security image image on a per module basis, except for downloads but I'm sure someone will respond if they are aware of anything.
Have you now set all you modules (except Your Account' to registered users only?

Posted: Sat Jun 10, 2006 5:57 am

Guardian2003 wrote:

When you refer to Feedback spams, do you mean you are recieving email from the Feedback module?
If so, the only way to prevent that is to either set permission to registered users or disable it - the Feedback module is doing exactly what it was designed to do.

I have not seen any mods myself that use the random security image image on a per module basis, except for downloads but I'm sure someone will respond if they are aware of anything.
Have you now set all you modules (except Your Account' to registered users only?

Wherever it´s possible to add links you ´ll recieve spam links. You can prevent this like Guardian said to set this to registered users only but that´s not really a solution because if you have a guestbook would you set this also to registered users only ? I personally have never used that feedback module in Nuke 6.5 instead I´m using a contact us form but I got also spam entries. I blocked this known spammer with cidr and they never came back. However the next step I ll do is to integrate there a good captcha. To integrate in Articles/News a captcha seems also a good solution.

Posted: Sat Jun 10, 2006 6:13 am

I feel Feedback should be available to everyone, wether registered or not, so I am not happy with the idea of blocking it. Any method that requires human interaction is a happy thing as it seems unlikely that someone would actually bother to manually post spams like this.

One alternative to a security code (a la CAPTCHA) would be to block the IPs as Susann does. That requires manual intervention but also prevents people from sending spams like that manually.

Posted: Sat Jun 10, 2006 6:19 am

You might be surprised at the lengths to which spammers go to ply their trade... My thought is to use VinDSLs approach - verify the email address with all available methods, edit / strip html from the post, etc. Make the effort on the part of the spammer without affecting people who have legitimate feedback.

Posted: Sat Jun 10, 2006 6:41 am

kguske wrote:

You might be surprised at the lengths to which spammers go to ply their trade... My thought is to use VinDSLs approach - verify the email address with all available methods, edit / strip html from the post, etc. Make the effort on the part of the spammer without affecting people who have legitimate feedback.

No, I wouldn't. I've been doing this long enough to stop being surprised anything spammers do. Wink

Obviously anything where I block specific IPs or domains means there is a potential for blocking legitimate users. However, the sheer volume of trash I have to clean up makes it a necessity to take that risk. I might go with the "all available methods" aspects since I am not sure it would be worth the effort to verify the domain, or compare it or the IP to a blacklist, but it might be worth the effort in the future. Still, the attitude of making the spammers do a lot of work is a good approach.

Posted: Sat Jun 10, 2006 8:14 am

I would ceratinly agree with kguske - if you are using the feedback module, use the one that VinDSL did that is included in Raven Nuke due to its additional security features.

Hangin' Around Joined: Jun 30, 2003 Posts: 39

That's what I am using ( Feedback by WinDSL, and I get a lot of spams. The idea of using a security code in feedback or contact form will reduce the amount of spams. I looked and I could not find such a mod

Posted: Mon Jul 31, 2006 4:49 am

Remember that the feedback module is basically an online form processor. Although the object of having it is so that people can leave you feedback, it can also be abused.

A couple of my sites attracted people using this to spam me with garbage but it stopped once I set it to registered users - apparently it is too much trouble to sign up to send spam lol.
I was hoping they would register so I could ban their IP.

Posted: Mon Jul 31, 2006 5:00 am

People should not have to register to contact you or leave you a feedback.

Posted: Mon Jul 31, 2006 5:11 am

I know we shouldn't have to but its a sad fact remains that spammers will take advantage of anonymous access.

Although a captcha would be nice it will not stop manually sent spam or the more sophisticated bots.
To really tighten it up, you would need to send the data to a DB table, use a captcha on the form processing and email validation to actually trigger the 'send' from the data stored temporarily in the DB to the webmaster.
Another advantage of storing data inthe DB is that you could then (in the case of none free email accounts) add a function that would block firther submissions from that sender.

Worker Joined: Nov 22, 2004 Posts: 208 Location: Italy

there are only 2 things you can do to avoid spam.
1) make plain html pages with no forms.
2) stop having a website and go fishing.

you can limit it, making comments, posting, reviewing only for members.
you can check if members are humans and not robots by using visual code
you can display links only to members.
you can block single IPs countries, domains, referers , you can block sentences and words BUT you will get spam.
Asking people to sign up for accessing your site means loosing a lot of visitors.
I'm getting sick of registering everywhere I go o get a download, or looking at content. Most of the time I go look elsewhere.
Face it: you need to spend some of your time deleting crap from your database. Sad but true.
Guido

Posted: Mon Jul 31, 2006 6:22 pm

I know you cannot get rid of it, but you can reduce it a great deal by putting a security code for the news comment and the contact, that way the spam script wont be able to post comment.

I have deactivated the news comment on my site because of the amout of spams I was getting, it was only opened to register users, but he managed to register and post spams.

Recently I have been getiing tremendous amount of spams in the news comment section although I disable it, I get this from sentinel every 5 min:

Quote:

Date & Time: 2006-07-31 05:15:37 CDT GMT -0500
Blocked IP: 213.249.155.244
User ID: Anonymous (1)
Reason: Abuse-Script
--------------------
User Agent: none
Query String: www.xxxxx.com/modules.php?name=News&file=comments
Get String: www.xxxxxxxx.com/modules.php?name=News&file=comments
Post String: www.xxxxxxx.com/modules.php?subject=day trades&comment=<a
..
...
.....spam..
.......spam....
Forwarded For: 10.2.114.11
Client IP: none
Remote Address: 213.249.155.244
Remote Port: 38563
Request Method: POST
--------------------
Who-Is for IP
213.249.155.244

OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL

ReferralServer: whois://whois.ripe.net:43

NetRange: 213.0.0.0 - 213.255.255.255
CIDR: 213.0.0.0/8
NetName: RIPE-213
NetHandle: NET-213-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: NS3.NIC.FR
NameServer: SUNIC.SUNET.SE
NameServer: NS-EXT.ISC.ORG
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: TINNIE.ARIN.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
RegDate:
Updated: 2005-07-27

What does the Forwarded For: IP means? Is that the orginal IP address?

Posted: Mon Jul 31, 2006 7:08 pm

Looks like it might be, though it is in the IANA reserved range which is interesting.

Posted: Mon Jul 31, 2006 11:44 pm

I think the blocking of IP address is useless, unless you know real domain name of the script.

Posted: Wed Aug 02, 2006 7:32 am

Would BLOCK PROXIES (strongest level) in sentinel admin help?

Posted: Thu Aug 03, 2006 6:02 am

http://nukecops.com/modules.php?name=Forums&file=modules&name=Forums&file=viewtopic&t=43921&postdays=0&postorder=asc&&start=0

try this , it works for me for the comments