Announcement

Collapse
No announcement yet.

How do I ban 300 undercover spammers in one whack?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How do I ban 300 undercover spammers in one whack?

    The other day I discovered that we have between 150 to 300 or more lurking spammers that have registered but not yet posted, some not even activating their email address yet.

    Here is some data I've compiled:
    Birthday 1983-03-28: 329 (41 would be expected by chance alone)
    Email web.de : 48 (16 banned) (18 Awaiting activation) (46 with 1983-03-28 birthday)
    Email mail.ru : 42 (6 banned) (18 Awaiting activation) (29 with 1983-03-28 birthday)
    Email cashette.com : 34 (3 banned) (31 Awaiting activation) (34 with 1983-03-28 birthday)
    Email yandex.ru : 15 (2 banned) (8 Awaiting activation) (10 with 1983-03-28 birthday)
    Email fromru.com : 3 (2 banned) (1 Awaiting activation) (all with 1983-03-28 birthday)
    Awaiting activation: 707
    Searching for some of the spammer usernames shows they are registered on 75,000 other vb boards! I think this counts as evidence of automated registration. And when I read that the CAPTCHA in the latest version was much improved it was clear we had to upgrade as soon as possible, even if this meant resetting our domain and server so our php version would get upgraded to meet the requirements.

    So we are now on 3.6.4 (from 3.5.1) and I have a few hundred spammers to ban. What I need is a way to mass ban a list of usernames or user ids. I was thinking that "Execute SQL Query" might be the way to do this. Could someone help with the sql that would be needed to put a user(s) in the banned user group.

    Thank you for your time.

  • #2
    Originally posted by thomasv View Post
    The other day I discovered that we have between 150 to 300 or more lurking spammers that have registered but not yet posted, some not even activating their email address yet.

    Here is some data I've compiled:


    Searching for some of the spammer usernames shows they are registered on 75,000 other vb boards! I think this counts as evidence of automated registration. And when I read that the CAPTCHA in the latest version was much improved it was clear we had to upgrade as soon as possible, even if this meant resetting our domain and server so our php version would get upgraded to meet the requirements.

    So we are now on 3.6.4 (from 3.5.1) and I have a few hundred spammers to ban. What I need is a way to mass ban a list of usernames or user ids. I was thinking that "Execute SQL Query" might be the way to do this. Could someone help with the sql that would be needed to put a user(s) in the banned user group.

    Thank you for your time.
    While the vbulletin support "team" seems to think there is no evidence of a complete breakdown of their captcha system (search the threads), the fact is that bots and/or bots with human help has breached it. I've used the hack found in the thread pasted below to totally thwart this menace. Many users in all versions are being blasted by spambots despite what anyone might say. Search the forums and you'll see.
    Here's the thread where you'll find a fix that will take care of it at least for the time being. The hack is in the 2nd page of the thread.
    http://www.vbulletin.com/forum/showthread.php?t=185108

    Comment


    • #3
      As I've already posted a couple of times. Since switching to the GD TFF I've had ZERO... as in NA-DA... ZIPPO...ZILCH...NOT A ONE...NOTHING...NO SPAMMERS. And that was about 3 days ago.

      Comment


      • #4
        Originally posted by thomasv View Post
        The other day I discovered that we have between 150 to 300 or more lurking spammers that have registered but not yet posted, some not even activating their email address yet.
        Since they are all using the same birthday, take a look at this
        http://www.vbulletin.org/forum/showt...ght=1983-03-28
        ...steven
        www.318ti.org (vB3.8) | www.nccbmwcca.org (vB4.2)
        bmwcca.org/forum | m135i.net
        "I tried to clean this up but this thread is beyond redemption." - Steve Machol

        Comment


        • #5
          Originally posted by socalguy View Post
          While the vbulletin support "team" seems to think there is no evidence of a complete breakdown of their captcha system (search the threads), the fact is that bots and/or bots with human help has breached it. I've used the hack found in the thread pasted below to totally thwart this menace. Many users in all versions are being blasted by spambots despite what anyone might say. Search the forums and you'll see.
          Here's the thread where you'll find a fix that will take care of it at least for the time being. The hack is in the 2nd page of the thread.
          http://www.vbulletin.com/forum/showthread.php?t=185108
          Thanks for that link, I think it will be useful in stopping new spammers registering. Incidentally the way that spammers can get past any image verification is, to have their _own_ website and get _their_ users to read and type in the answer to _your_ CAPTCHA image! Whether it be their own forum or more likely a porn site where it says: type in the letters in this picture to carry on viewing our service, every 10 minutes or whatever. And their spambot fills in the rest of the registration fields automatically, which is why they have the same birthday etc. So the best way to fool them is to have a field their bot is not expecting like "how many wheels does a car have" like in the link you mention.

          However I was not actually asking about stopping new spammers registering, I was asking about removing spammers who have already registered, just not posted and maybe not even activated yet. I am satisfied I know how I'm going to carefully identify which accounts are spammers, but I don't know how to mass ban them once I have a list.

          For example this site, at the bottom, has "SQL Commands to add these [ip addresses] to a PHPBB banlist". What I want is SQL to add a user id to the banned usergroup.

          It would look something like this:
          Code:
          [SIZE=2]UPDATE user_group_table SET primary_user_group = "banned user group" WHERE userid = 12345; [/SIZE]
          or a more sophisticated version:
          UPDATE user_group_table SET primary_user_group = "banned user group", ban_lift_date = "Perminant", Reason_to_show_the_user = "Spammer" WHERE userid = 12345;
          I would then have a line like this for each spam account and execute it in the "Execute SQL Query" section of the AdminCP.

          Comment

          widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
          Working...
          X