phpBB2Refugees.com Logo
Not affiliated with or endorsed by the phpBB Group

Register •  Login 

Continue the legacy...

Welcome to all phpBB2 Refugees!Wave Smilie

This site is intended to continue support for the legacy 2.x line of the phpBB2 bulletin board package. If you are a fan of phpBB2, please, by all means register, post, and help us out by offering your suggestions. We are primarily a community and support network. Our secondary goal is to provide a phpBB2 MOD Author and Styles area.

Flood interval

Goto page 1, 2  Next
 
Search this topic... | Search phpBB2 Discussion... | Search Box
Register or Login to Post    Index » phpBB2 Discussion  Previous TopicPrint TopicNext Topic
Author Message
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Thu Feb 26, 2009 3:51 pm 
Post subject: Flood interval

It must be my brain cells dying off but I have forgotten:-
We have a flood interval on searches but do we have one on posts?

I ask this as I have twice in the last week had to ban and remove spam posts from my sons site. In each case the user had registered and as we have the VIP code in place I am going to assume that the registrant is human.
What then follows a day or so later is a flurry of spam posts (handbags each time) with around 23 posts made in the space of one minute. I can only assume that it is a script being used to make these multiple posts unless they have multiple windows open and just quickly go through submitting them.

If it is a script how do they manage to run it?
Is there a flood interval on posts?

Jim
Back to top
Chapter 24
Board Member



Joined: 29 Dec 2008

Posts: 48



PostPosted: Thu Feb 26, 2009 4:01 pm 
Post subject: Re: Flood interval

Yes, you can change the flood interval on posts in the "general configuration" section of the ACP.

I have mine set for 15 seconds. I haven't had spam problems, and found that longer intervals can be a pain if you find yourself editing typos frequently after posting. Would certainly consider ramping the interval time up if I had spam and it helped alleviate it though.
Back to top
drathbun
Board Member



Joined: 24 Jul 2008

Posts: 729
Location: Texas


flag
PostPosted: Thu Feb 26, 2009 4:26 pm 
Post subject: Re: Flood interval

There are various MODs that can be installed that impact the flood interval as well. The code you need to check is (from memory) inside includes/functions_post.php.
_________________
phpBBDoctor Blog
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Thu Feb 26, 2009 4:34 pm 
Post subject: Re: Flood interval

Hi Dave - imagine my forgetting about the posting flood interval. icon_redface.gif

On checking my sons configuration he had the Flood Interval set at 1 second!!!! Don't ask why Dave as I have no answer to that.
I have reset it to 15 seconds. If anyone wants to post at faster than a post every 15 seconds then they need to "get a life".

I am interested in the mechanics of this posting - is it likely that they use a script and if so how do the run it?

Jim
Back to top
drathbun
Board Member



Joined: 24 Jul 2008

Posts: 729
Location: Texas


flag
PostPosted: Thu Feb 26, 2009 4:59 pm 
Post subject: Re: Flood interval

Jim_UK wrote:
I am interested in the mechanics of this posting - is it likely that they use a script

Yes
Quote:
and if so how do the run it?

Such scripts can be command line, or have a web interface. I think Dog Cow has spent some time looking at tools like x rummer or whatever it's called and might be able to shed more light. But the basic concept is that you have a database of posts (post text) and in theory you enter a web url, a user name, a password (these values would have been previously entered via a human to avoid bot-prevention means), and set up a schedule for posting.

I have a honey pot board running and one of the experiments I did was to increase the flood interval to 120 seconds to see if it bothered the bots any. The standard flood interval is 15 seconds, and I found that the bots were posting once every 25 seconds. By setting the flood interval to 120 I wanted to see if it messed them up. icon_smile.gif I haven't checked in a while, so I don't know the answer to that yet.

_________________
phpBBDoctor Blog
Back to top
Dog Cow
Board Member



Joined: 18 Nov 2008

Posts: 378


flag
PostPosted: Thu Feb 26, 2009 5:05 pm 
Post subject: Re: Flood interval

drathbun wrote:

Such scripts can be command line, or have a web interface. I think Dog Cow has spent some time looking at tools like x rummer or whatever it's called and might be able to shed more light. But the basic concept is that you have a database of posts (post text) and in theory you enter a web url, a user name, a password (these values would have been previously entered via a human to avoid bot-prevention means), and set up a schedule for posting.

It's even more automated than that. Yes, you enter in some URLs (or use a directory) and the spam post, but most good software these days will register new accounts, activate, log in, and post -- all automatically.

Here's the typical order of operations:
1.) Bot lands directly on the registration page, as the very first hit for the site
2.) POSTs to it, thus registering an account
3.) Accesses login.php
4.) POSTs to login.php, authenticating and creating a session
6.) Accesses profile.php?mode=editprofile (I don't know why; probably to check some information about the account)
6.) Accesses index.php, to scan for forum ID's
7.) POSTs to posting.php?mode=newtopic&f=1, thus creating a new topic

That's basically it. If the site has email confirmation on, then the bot will go check its email, then activate the account and proceed from there. Bots don't seem to log out; they just let the session expire.

Here's the access log for today on my honeypot if you're interested.

Quote:
By setting the flood interval to 120 I wanted to see if it messed them up. icon_smile.gif I haven't checked in a while, so I don't know the answer to that yet.

If I were a bot author, and found a site with a high flood interval, I'd simply log in to more accounts, since each account has its own posting interval.

_________________
Moof!
Lincoln's Tomb, Oak Ridge Cemetery, Springfield IL • Mac 512K Blog • Mac GUI
Back to top
drathbun
Board Member



Joined: 24 Jul 2008

Posts: 729
Location: Texas


flag
PostPosted: Thu Feb 26, 2009 5:13 pm 
Post subject: Re: Flood interval

Dog Cow wrote:
It's even more automated than that. Yes, you enter in some URLs (or use a directory) and the spam post, but most good software these days will register new accounts, activate, log in, and post -- all automatically.

Yes, I realize many bots will do that. But in the case where a board owner has a CAPTCHA of some sort that hasn't yet been broken / configured for automatic solutions, they can still register manually and enter the board data into a database that would feed an automatic posting script.

I believe this is the next issue many board owners will have to deal with. We have multiple different types of challenges to keep bots from registering, but very few in place to keep someone from posting once they register.

_________________
phpBBDoctor Blog
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Fri Feb 27, 2009 7:06 am 
Post subject: Re: Flood interval

Yes Dave I see that as the issue. The site has a none standard Captcha as shown below. Whilst the text is easy to read the bot is confused by the text below it. I tried Xrummer against this Captcha and it failed to register.
After the Captcha is the VIP code which I have no evidence that a bot has ever got around yet.
It must be a human that is registering and then some script used for posting.
I am wondering if the best way of dealing with these is to have Approval for the first post that a user makes.
Incidences of this spamming are so far very few and far between but there may come a time when we(meaning us) are subjected to these on a daily basis.

Jim



cap.jpg
 Description:
 Filesize:  11.55 KB
 Viewed:  36474 Time(s)

cap.jpg


Back to top
dogs and things
Board Member



Joined: 18 Nov 2008

Posts: 628
Location: Spain


flag
PostPosted: Fri Feb 27, 2009 8:09 am 
Post subject: Re: Flood interval

Hi Jim,

Approval MOD would be a valid option, I think.

One of it's settings allows you to determine whether a notification will or will not be shown on posting a topic that the user that's posting needs approval before the post/topic will be shown to the public.
Thus a spammer will post his spam without knowing that by doing so he will let the board admins/mods know that he wants to be deleted before anyone else ever got to see his crap. He will only find out once he posted, but won't be able to do anything then.
I's a very good and complete MOD that I installed without any problem on my pretty heavily modded board.

Greetings.

_________________
phpBB2 will never die, I hope!
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Fri Feb 27, 2009 11:46 am 
Post subject: Re: Flood interval

I will check out the approval mod. I am of course aware of it as I did mention approval in my last post. I actually have the mod already but have just not got around to looking it over.
I am anxious not to do anything that would put normal users off posting and at the same time do not want to add anything that creates further server load as this is another issue we have due to high image occurrence in the topics.
I do see that they always fail to chose a National Flag (Flag mod is installed) but then that is true of quite a lot of the genuine users and he does have some genuine ones from Afghanistan.

Jim

Edit
I have done a test install on localhost. New install of phpBB2 plus Easymod and then installed the Approval mod.
I am not a mod writer or coder in any form but I see weaknesses in that mod from the point of view of it's usage to combat spammers and from an Admin interface side as well.
Ideally it would not be group based but individually user based.
As it is in order to get it to mark posts for "Approval" the user must be added to a usergroup as it is group based. That would necessitate each and every user as soon as they register to be added to a "New" usergroup with that usergroup requiring "Approval" for posts.
Having made a good post it would then require the Group moderator to remove that person from the "New" group thereby affording them normal posting rights. An alternative would be to go to the User permissions - find that user and change their "Approval" status there.
I know that the mod was not specifically written with dealing with spammers in mind but more controlling posts in "sensitive" fora but it would have been useful if it would automatically add a new "non posted" user to a group requiring "Approval" and then at a pre set number of approved posts remove them from that "new" group thereby affording them posting status.

I guess I could add the auto group mod and set it so that all users individual permissions are set at must be approved and then use the Auto group mod set at say 1 or 2 to move users to a "Posting group" whose permission would be set at "Not requiring approval"

If this was a new install I would probably go down that path but as the mod is a larger one to install than the Attachment mod" if done manually and not using subSilver and having a hell of a lot of mods it would require that course of action I shall have to wait and see how bad the spamming becomes.
Back to top
Ram
Board Member



Joined: 23 Dec 2008

Posts: 100
Location: Somewhere over the rainbow


flag
PostPosted: Sat Feb 28, 2009 9:05 am 
Post subject: Re: Flood interval

You can take a look to this MOD : Bump Topic
Back to top
dogs and things
Board Member



Joined: 18 Nov 2008

Posts: 628
Location: Spain


flag
PostPosted: Sat Feb 28, 2009 9:12 am 
Post subject: Re: Flood interval

I donīt think it is group-based Jim,

It works on individual user-level and on a per forum base.

I guess you read the docs that come with the MOD?

Btw. I installed this MOD using EasyMod, on the first try. I did this because it's quite a big MOD to install and I figured that if it would go in without problems I'd saved me a good bit of work.

_________________
phpBB2 will never die, I hope!
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Sat Feb 28, 2009 11:05 am 
Post subject: Re: Flood interval

Quote:
## MOD Description: Posts made by users belonging to certain group(s) must be
## validated by a moderator/admin before becoming available


Yes definitely group based although there is an option to set an individual to requiring "Approval" or Not requiring approval.
If you were to go for the individual option then you would have to intercept each new user before they posted in order to set the value of that field in the db.
The group option makes more sense and with the Auto group mod I have set it on localhost with the fresh install to add all new users to a group that require Approval. I tried also with the auto group to set another group for posters with at least 1 post and that group not requiring approval.
There must be some conflict there as users are not moving from the first group to the second group when attaining the post level. Maybe you can only have a single auto group???
My son's (don't think child as he is 40) site is very heavily modded so to install this Mod would probably be better done manually if at all.
He has the Starfoxtj Admin toolkit that will allow nuking an account but it does not dlete all posts - just replaces the text with some other. I wish that he had got around to finishing development as I understand the next step was to get it to delete posts. Think he said that getting it to do that and resync everything was a major task.

I will take a look at the other mod. If it is the one that stops folks bumping a topic it will not work as they always post into different topics/forums. I will go take alook shortly.

Jim
Back to top
dogs and things
Board Member



Joined: 18 Nov 2008

Posts: 628
Location: Spain


flag
PostPosted: Sat Feb 28, 2009 12:19 pm 
Post subject: Re: Flood interval

I didnīt have to set anything related to groups.

I set one forum to approval required for anybody posting a new topic. That's all I use this MOD for.

If Iīm not mistaken you can also require approval on a rank base.
If you make a new rank for people with from 0 to 1 posts and require approval for that rank only you'd be done, I guess.

_________________
phpBB2 will never die, I hope!
Back to top
Jim_UK
Board Member



Joined: 19 Nov 2008

Posts: 656
Location: North West UK


flag
PostPosted: Sat Feb 28, 2009 12:24 pm 
Post subject: Re: Flood interval

Ranks- Now that is an idea as I have a rank for anyone that has posted. I will go take a look.

Thanks
Jim
Back to top
Display posts from previous:   
Register or Login to Post    Index » phpBB2 Discussion  Previous TopicPrint TopicNext Topic
Page 1 of 2 All times are GMT - 4 Hours
Goto page 1, 2  Next
 
Jump to:  

Index • About • FAQ • Rules • Privacy • Search •  Register •  Login 
Not affiliated with or endorsed by the phpBB Group
Powered by phpBB2 © phpBB Group
Generated in 0.0752 seconds using 19 queries. (SQL 0.0155 Parse 0.0116 Other 0.0480)
phpBB Customizations by the phpBBDoctor.com
Template Design by DeLFlo and MomentsOfLight.com Moments of Light Logo