PDA

View Full Version : SPAM in the forum



Ñuño Martínez
02-03-2010, 09:59 AM
I've found SPAM in the forum here (http://www.pascalgamedevelopment.com/forum/index.php?topic=6146.new#new). The user's web-page is a pharmacy.

BTW, isn't there a button to warn moderators about this kind of messages?

Traveler
02-03-2010, 12:06 PM
Thanks for the heads up. The topic in question has been deleted.

You can report a post using the link [Report to moderator] within each posts. Alternatively you can also send me or one of the other admins a pm.

Ñuño Martínez
02-03-2010, 01:10 PM
I can't find the [Report to moderator] link. :no: I'm using "pgd-dark" theme. May be this theme hasn't the link.

AthenaOfDelphi
02-03-2010, 10:53 PM
We got completely spammed a week or two ago... hardcore porn sites in lots of different threads... thankfully it was all by the same user so I just deleted them :-)

As Traveler said... if it happens again just drop one us a mail and we'll get it sorted ASAP. With regards to the report link... I'm using the PGD-Dark theme and I have the link... I'm not familiar with SMF so I'm guessing, but could it be a permissions issue Traveler?

Ñuño Martínez
03-03-2010, 08:24 AM
I'm using the PGD-Dark theme and I have the link...

Please, where is it (top, bottom, left...)? May be I can't see it because I don't know where it is. :baby:

AthenaOfDelphi
03-03-2010, 08:51 AM
At the bottom of each post, there is the line that separates your signature from the body of the post. When I view the forums, I get the posters IP address and the 'Report to moderator' link just above that line to the right hand side of the screen.

It is fairly obvious and stands out well, which makes me think it may be a permissions issue that is preventing standard users from using the functionality, although it does seem strange that it would be available to moderators and admins who can deal directly with the offending posts ???

paul_nicholls
03-03-2010, 08:57 AM
At the bottom of each post, there is the line that separates your signature from the body of the post. When I view the forums, I get the posters IP address and the 'Report to moderator' link just above that line to the right hand side of the screen.

It is fairly obvious and stands out well, which makes me think it may be a permissions issue that is preventing standard users from using the functionality, although it does seem strange that it would be available to moderators and admins who can deal directly with the offending posts ???


All I see to the right above that separating line is a link that says "Logged". If I click on it, it explains about only moderators and admins being able to see my ip.

That is it, no "report to moderator" link at all.

If it helps, I am using the "SMF Default Theme - Core" theme.

cheers,
Paul

Traveler
03-03-2010, 10:08 AM
I have modified the settings for regular members to allow reporting of posts to moderators.

paul_nicholls
03-03-2010, 10:43 AM
I have modified the settings for regular members to allow reporting of posts to moderators.


Nice...thanks Traveler!

Quick, I'd better report THIS post! :D

Have a nice day :)

cheers,
Paul

Ñuño Martínez
03-03-2010, 01:18 PM
I have modified the settings for regular members to allow reporting of posts to moderators.
Much better! :D

[edit] I can see the link in this post but not in others (i.e. this (http://www.pascalgamedevelopment.com/forum/index.php?topic=6148.0;topicseen) and this (http://www.pascalgamedevelopment.com/forum/index.php?topic=5847.msg49952;topicseen#new)) ???

paul_nicholls
03-03-2010, 07:36 PM
I have modified the settings for regular members to allow reporting of posts to moderators.
Much better! :D

[edit] I can see the link in this post but not in others (i.e. this (http://www.pascalgamedevelopment.com/forum/index.php?topic=6148.0;topicseen) and this (http://www.pascalgamedevelopment.com/forum/index.php?topic=5847.msg49952;topicseen#new)) ???


Hmm...same here!

cheers,
Paul

Traveler
03-03-2010, 08:05 PM
Apparently setting privileges for regular members wasn't enough. I have changed a setting for the most active boards, to include the option to report a post to a mod.

paul_nicholls
03-03-2010, 09:26 PM
Great...thanks! Now it's working ok :)

cheers,
Paul

Ñuño Martínez
04-03-2010, 10:06 AM
Apparently setting privileges for regular members wasn't enough. I have changed a setting for the most active boards, to include the option to report a post to a mod.


Thank you. :)

savage
12-03-2010, 09:12 PM
Hi all,
I'm a fair bit late to the discussion, but I've just received emails saying that there is a p0rn thread on here, but I'm not able to delete them or the posters as nothing comes up.

Does that mean Athena or Alexander have cleaned it up already?

Brainer
13-03-2010, 06:23 AM
Hi all,
I'm a fair bit late to the discussion, but I've just received emails saying that there is a p0rn thread on here, but I'm not able to delete them or the posters as nothing comes up.

Does that mean Athena or Alexander have cleaned it up already?


That's right. :)

AthenaOfDelphi
13-03-2010, 09:25 AM
I zapped the two I saw yesterday as soon as I saw the emails :-)

dazappa
13-03-2010, 03:12 PM
PS: Forum is out of date. Also, I'd suggest finding a 3rd party mod that adds some anti-bot measure to the registration form.

User137
27-03-2010, 09:52 PM
Report to moderator link shows in this thread but not in all threads, especially the current spam posts don't have the link.

dazappa
27-03-2010, 10:19 PM
Report to moderator link shows in this thread but not in all threads, especially the current spam posts don't have the link.

Huh. Noticed that as well, although I did report a post a few days ago. Maybe permission was not granted for all forum categories, or in tinkering with settings it got reverted to how it used to be again.

chronozphere
27-03-2010, 10:20 PM
All this spam is really annoying. >:(

Is there no proper CAPTCHA included in the registration process.
Even if that's the case, I heard that CAPTCHA's are getting old now. There's good software to analyze captcha's and read them. :(

dazappa
28-03-2010, 01:45 AM
Well the forum's been upgraded, but as far as I can tell, not anti-bot mod has been installed yet.

Traveler
28-03-2010, 11:54 AM
I have updated the forum to the latest version, some time ago. As far as anti spam regulations go, the CAPTCHA option during registration has been set to the highest level. But as chronozphere said, that does not stop spammers anymore. We are getting around 5-7 new registrants a day at the moment, and while I realize many are potential spammers, checking them all takes quite a bit of time, something I don't always have. (New accounts have to get authorized btw)

About a week ago I installed a tool that checks name/ip/email against a known spammers db. It automatically marks around 50-75% of the new users, which is quite a bit IMO.

chronozphere
28-03-2010, 05:41 PM
Hmm.. I took a brief look at the captcha's used here. I think they are very easy to read for both humans and computers. Isn't there a way to replace this module by one that is a bit more secure? ???

Just googled a bit. I think this might come in handy:

http://www.simplemachines.org/community/index.php?topic=273816.0

Traveler
28-03-2010, 06:31 PM
Ok, we now have reCAPTCHA for SMF installed :)

Hopefully, this as well as the other measures are enough to keep them out.

chronozphere
29-03-2010, 04:31 PM
Great. We will have way better CAPTCHA's now. Hope this measure will keep those bot's out. :D

Ñuño Martínez
30-03-2010, 01:17 PM
Ok, we now have reCAPTCHA for SMF installed :)

Hopefully, this as well as the other measures are enough to keep them out.


Good, good... :)

epiece
30-03-2010, 02:04 PM
My site also attacked by spam posting Porn links. I discovered this spam when i checked my temp table on my database. I also added a captcha for bots :) .

Ñuño Martínez
14-11-2011, 10:13 PM
Hi again.

I've found this thread (/showthread.php?11626-Software-Testing-Tutorial) that I think is SPAM. Then I look for a link to report it, but I didn't found it... ???

paul_nicholls
15-11-2011, 01:46 AM
that is not a valid link for me :)

Ñuño Martínez
15-11-2011, 10:44 AM
Doh! I did an experiment and it didn't work. The thread is his one (http://www.pascalgamedevelopment.com/showthread.php?11626).

paul_nicholls
15-11-2011, 10:55 AM
hmm...I'm not sure if it is spam or not after looking at the thread and the blog LOL

It might actually be useful, not sure...

As to reporting a post, there is an exclamation mark in a triangle on the bottom left of each post that you can click on to report a post (as spam I guess, or inappropriate, etc.)

cheers,
Paul

Ñuño Martínez
15-11-2011, 07:46 PM
Thanks Paul. I didn't see it. http://www.pascalgamedevelopment.com/images/buttons/report-40b.png

AthenaOfDelphi
15-11-2011, 09:24 PM
I think I moderated the original software testing post in that thread, however, the exact same post has also been posted by another user in the same thread (again moderated), so I believe it's someone trying to improve their page ranking or something like that.

As such, I'm going to delete the page... it just smacks of a dodgy site that's up to no good.

paul_nicholls
15-11-2011, 10:29 PM
No worries :)

code_glitch
16-11-2011, 06:12 PM
Sorry, my fault - it was relevant and written in english that made sense so I figured it wouldn't hurt although i had my doubts. Those ones are always hard to tell apart. Busy week for spammers over the last few days - just logged on for the first time in a while and there's a truckload to catch to with

WILL
11-01-2012, 04:49 PM
Everyone will be happy to note that I have effectively limited any possible spam in the forums to the New Members forum, which will be used to complete registration and unmoderate all new users. :)

From and admin point of view this will make the forums look much cleaner.

From a member point of view, it won't look any different, except that you might see a few more new members joining up to the site now that I've added much more useful information about the registration system and PGD it's self into the welcome email and registration email as well.

paul_nicholls
11-01-2012, 07:45 PM
Sounds great Jason...nice work! :)
Hopefully we will be fending off genuine new users with a barge pole due to the large numbers wanting to register! haha ;)
First new users, next the world! Bwahahahahaha!

Andru
11-01-2012, 08:16 PM
It would be great if you cleaned ZenGL topics, because I see a lot of spam which is deleted, but still present with mark "Deleted by Andru" :) But that is great, that spambots won't bother us any more.

code_glitch
11-01-2012, 08:56 PM
Andru: I'll be looking into that progressively over the rest of the week depending on the size of the infestation and available time then if thats all OK with you...

WILL
12-01-2012, 12:23 AM
Thanks Paul! ;)


It would be great if you cleaned ZenGL topics, because I see a lot of spam which is deleted, but still present with mark "Deleted by Andru" :) But that is great, that spambots won't bother us any more.

I am presently going through the entire forums clearing out all old spam. (Starting on the top down to the bottom forum.) There is lots. It's sort of sprayed all over the site really. Once it's cleaned up however it'll be gone forever. :)

WILL
13-01-2012, 02:44 AM
Finally! Not a single moderated thread in the entire forums. :D

Took me a few hours, but I cleaned out the site of all old buried spam and unapproved legit posts. A big oops and sorry to all those we missed. We are trying to do better!!!

As of now the only place that may gather future (hidden!) spam is the New Members forum where new PGD members have to post to let us know that they are human.

paul_nicholls
13-01-2012, 02:57 AM
Nice work! :)

Andru
13-01-2012, 07:53 AM
Great! :) The only one thing which is left - avoid all these strange names below the forum in section "Currently Active Users". Why not to use "anti-spambot question(s)" on registration page? :) Or they are already used in pair with new "Welcome to PGD!" email?

SilverWarior
13-01-2012, 08:11 AM
If you haven't noticed already the number off theese strange names reduced quite a lot. Now you can actually see who is presen on the forum without browsing trough several pages on active users list.

Andru
13-01-2012, 09:30 AM
I noticed this :)

WILL
14-01-2012, 07:47 AM
Spambots give up as they cannot do anything since most of their usual tricks don't seem to be letting them post. Poor spambots. :P


Great! http://www.pascalgamedevelopment.com/images/pgdsmilies/happy.gif The only one thing which is left - avoid all these strange names below the forum in section "Currently Active Users". Why not to use "anti-spambot question(s)" on registration page? http://www.pascalgamedevelopment.com/images/pgdsmilies/happy.gif Or they are already used in pair with new "Welcome to PGD!" email?

Not something that we can really consider without majorly modifying the site software. Which is also something we won't do as a measure of experience telling us not to. We have however been thinking of ways to eliminate specific telltale things that spambots seem to tell us when they make up these stupid accounts, but most of that is up to the vBulletin folks to implement into vBulletin.

I'm planning on addressing this with the vBulletin development team to tr to get the ball rolling on some better basic anti-spam or spam reducing features in the future.

The next update (which is already released) will help add better moderation to blogs. Currently they can make blog posts without being restricted by their membership status. (Moderated Member vs Regular Member) This has been changed and we can now restrict New (Moderated) Members from creating new blogs posts.

We currently get a minimal amount of spam blog posts, but you still won't see them as regular members. :)

SilverWarior
18-03-2012, 12:37 PM
Today when visiting PGD I saw tha our site still isn't completly safe from spamming. On home page there was some text promoting selling of pils online etc. By the looks of it it seems that the text gets directly inserted into html code of the page. The text is being shown on the place where "recent tutorials" are usualy shown. Theese are then moved after the inserted text. Websites caption has also been changed. Becouse of this PGD site will be automaticly scored lower by web search engines (webpage caption isn't related to website domain) and this will result in our webpage being shown further down in web search engines results.
I also noticed Google saying that our website may contain some harmful content, probably becouse of pre mentioned problem.

EDIT: The error is ony seen if you come to the site and are not loged in (permament cookie). It is also only visible when you acces the site from main domain (http://www.pascalgamedevelopment.com).

WILL
18-03-2012, 09:25 PM
I've had a look at this, but somehow I cannot see it logged in or not from the main page.

Could you provide a screenshot? IS it still there?

I can think of only one way that spammers can throw spam in and that's through the blogs, but I thought we fixed that as all newly registered members cannot blog right away until un-moderated. I'll have to have another look, but I'm not seeing this spam text you are talking about.

There is another update, I'll need to patch the site anyways hopefully it fixes your issue.

If not, I'd also do a double check of your own system just in case.

SilverWarior
18-03-2012, 10:26 PM
It seems that the problem is gone at the moment.
But you can use google to look for the website preview containing the malicious content. Acording to google the website preview is from 13 of March 2012. But the site looks the same that I saw it today.

WILL
19-03-2012, 10:01 AM
Well I'm not seeing it. I've asked that Google refresh their preview of the PGD site as I think it may have been some weird glitch.

SilverWarior
19-03-2012, 03:06 PM
That's strange. I can still se it.
Try using next url to get the same page preview as I do: http://webcache.googleusercontent.com/search?q=cache:hQtmHjZRqIMJ:www.pascalgamedevelopm ent.com/+pascal+game&cd=1&hl=sl&ct=clnk&gl=si
It is posible that I can still see this becouse I'm from different region than you.

I have also saved webpage preview as a HTML page and incuded it in atachment in case if you won't be able to acces to the webpage preview trough pre mentioned URL.

paul_nicholls
19-03-2012, 09:20 PM
That's strange. I can still se it.
Try using next url to get the same page preview as I do: http://webcache.googleusercontent.com/search?q=cache:hQtmHjZRqIMJ:www.pascalgamedevelopm ent.com/+pascal+game&cd=1&hl=sl&ct=clnk&gl=si
It is posible that I can still see this becouse I'm from different region than you.

I have also saved webpage preview as a HTML page and incuded it in atachment in case if you won't be able to acces to the webpage preview trough pre mentioned URL.

The URL worked for me...yeah, interesting tutorials!! haha

WILL
20-03-2012, 12:47 AM
Well there may have been a problem, but it seems to have vanished since that preview of the site.

I'm hoping the upgrade will wipe out any potential injection vulnerability that might be there.

SilverWarior
26-03-2012, 05:17 AM
I have noticed the same problem again. But this time I noticed even something else. The problem can be only seen if you acces to the web page by http://www.pascalgamedevelopment.com url. And even if you were loged in to the PGD it seems as you aren't loged in and you get message saying that there was some problem loging in (see atacked picture). Therefore I belive that the problem migh reside on PGD hosts side as it seems that you are being redirected to imposter page.

paul_nicholls
26-03-2012, 08:12 AM
I just clicked on that link and didn't have the issue. The only issue I HAVE had is using Mozilla Firefox 4.x, and logging into the PGD site...it says there was an issue with the redirect and can't redirect me, but logs me in...
Chrome is ok...

SilverWarior
26-03-2012, 01:26 PM
It seems that the problem is ocasional. When I come to PGD site right now everythink was OK.

WILL
26-03-2012, 10:40 PM
Yeah, this is kind of frustrating me a little. I've not seen it at all, yet Google seems to show it in their preview and warns people plus Facebook shows it when I try to link to the site. I'm going to see about doing the upgrade to the newest version this weekend. Shouldn't have the forums down at all much.

Hopefully that nukes it completely.

SilverWarior
27-03-2012, 07:44 AM
I also hope that next time when this happens I will be at home and not at work. Last time I was at work. The reason for this is that I have some speciofic software wich is able to log all network trafic. This way I woul be able to see whether someone is changing page on our host server directly, or whether there are ocasional redirects to other server.