Prevent forum spam
Posted: Thu Sep 26, 2013 2:48 am
To return a little favor (or atleast trying to), I would like to give you a heads up on forum spam as it seems to be a certain problem on the sandboxie forum.
There are multiple ways to prevent forum spam (which I see here regularly).
Captchas are not protecting any longer, you can completely get rid of those in the registration because most bots nowadays use human-response-systems (people answering captchas the whole time like on an assembly line).
My advise on possibilites to prevent spam:
a) Use a hidden input field on the registration php file that only bots would fill out. A safe and user friendly method. - I heard that some spambots already started avoiding that but you could try it out
b) Use an IP-Check PHP file. I personally have written one that is checking both stopforumspam and honeypotproject databases for bad IP entries. (though that may give some false positives for certain users as dynamical IPs are common)
c) Use Javascript and Cookie requirement in combination with individual questions on the registration page (not the pre-set or too common questions like "what's the color of the sky" - that would be too easy as it is too widely used - while they can still be easy for a user; example: "What's the name of the program provided by this website")
d) Change the name of the registration page from register.php to another name (not sure if phpbb has support for that in the backend, I'm more used to vBulletin).
It's really not that much work, believe me. Just try it out.
There are multiple ways to prevent forum spam (which I see here regularly).
Captchas are not protecting any longer, you can completely get rid of those in the registration because most bots nowadays use human-response-systems (people answering captchas the whole time like on an assembly line).
My advise on possibilites to prevent spam:
a) Use a hidden input field on the registration php file that only bots would fill out. A safe and user friendly method. - I heard that some spambots already started avoiding that but you could try it out
b) Use an IP-Check PHP file. I personally have written one that is checking both stopforumspam and honeypotproject databases for bad IP entries. (though that may give some false positives for certain users as dynamical IPs are common)
c) Use Javascript and Cookie requirement in combination with individual questions on the registration page (not the pre-set or too common questions like "what's the color of the sky" - that would be too easy as it is too widely used - while they can still be easy for a user; example: "What's the name of the program provided by this website")
d) Change the name of the registration page from register.php to another name (not sure if phpbb has support for that in the backend, I'm more used to vBulletin).
It's really not that much work, believe me. Just try it out.