[转载]Modifications for Stopping phpBB Forum Spambots

[转载]Modifications for Stopping phpBB Forum Spambots

文章作者:Bob Allen

phpBB is one of the most popular software products for running online forums. As spammers found forums as a fantastic breeding ground for sending their commercial messages, phpBB admins have a lot of troubles to keep the integrity of their forums. I have been administering a couple of phpBB boards and this is the list of top anti-spambot mods.

I am listing the modifications in an alphabetical order, but I will especially note the ones that offer some value added functionality, as well as those I have more experience with. Because of obvious reasons related to the mods getting updated, I will not link directly to the files, but will use the official pages instead.

Block Open Proxy Registrants

Its main function is to blocks those attempting to register from open proxies. The mod was updated in December of 2005 but some people still use it. Personally I wouldn't use this kind of solution, as relying on predefined lists of proxy addresses is not my game.

Configure Member Profile Required Fields

This mod allow admin to configure which information in member profile is required inside admin control panel. The required field will need to be filled in during registration and upon profile update.

I used this MOD and it worked as a charm, but I should note that the configuration steps could be a bit complicated for an average user. As you are playing with fields, some interaction with the database will be needed.

Disable spambots

This mod uses cryptographic signing techniques to ensure that any comment submissions have occurred from an appropriate comment form (which should stop simple random submission bots), that the form was actually generated for the user who is submitting (stopping clusters of page-scraping spiders), and that at least 5 seconds have passed between the form generation and the submission (stopping bots which fully scrape the page and then immediately submit).

If one of these conditions is not met, the submit operation is turned into a preview, giving human posters another chance to submit.

Textual Confirmation

Textual Confirmation (TC) asks newly registering user a question. If the answer is wrong, TC rejects the registration. Also, TC notifies the forum admin and the community spam database. The administrator can edit the questions and answers in the Administration Panel.

There are two editions of Textual Confirmation: community and business. In the community edition, each time spam registration is rejected, Textual Confirmation sends a notification to the forum administrator and to the community spam notification database. If you don't want to send them copies of the notifications, you must buy a business license.

Registration disable website signature

When a user registers to the forum, the signature sections are hidden. If they enter in anything in the hidden fields they are denied from registration and if you turned the IP ban on, their IP Address is automatically banned.

I might say that his kind of an automatic spambot prevention really works flawlessly. With this kind of a mechanism I am getting just 2-3 spambots per week, which is at least 30 times less than the usual rate. Majority of spambots are filling in the URL and signature fields as this is their purpose, but on this way that will get banned.

Stop Spambot Registration

This mod stops spambots that provide Profile Information during registration in spite of a message saying "leave the Profile Information blank". An e-mail notification will be send every time there was a spambot registration attempt. The e-mail notification can easily be left out if you wish.

This is the actual mod I have been using on 2 of my forums and I can really recommend it. It does the same thing as the previous modification I mentioned, but it gives the admin an opportunity of adding extra text in the registration process to alert its real potential registrants. Besides this, it contains more fields (the whole profile information section) which is much better.




phpbb是当今开办网上论坛最流行的软件产品. 当spammers(垃圾工具)把论坛作为一个奇妙的温床,来散布他们的商业讯息, phpbb管理要保持论坛的完整性就会出现很多麻烦. 我曾管理过一些phpBB模板,这是反垃圾攻击的前几名的列表。



其主要功能是加锁那些企图从公开授权书注册的人。2005年12月函数得到更新,但仍有一些人使用它. 我本人不会用这种办法,因为以预定义名单取代地址,不是我的想法.


这个函数允许管理者配置会员控制面板中的必填项的信息. 这些需要在注册时和档案更新时填满。






文字确认(TC)问新注册用户一个问题. 如果答案是错误的,TC拒绝注册. 同时,TC通知论坛管理者和社区垃圾邮件数据库. 管理员可以在管理事务处编辑问题和答案.

有两个版本的文字确认:社区和商业.在社区版中,每次垃圾软件登记被驳回, 文字确认就对论坛管理员及社区邮件通知数据库发出通知.如果你不想发给他们通知副本,你必须购买一个营业执照.


当用户注册了论坛,签名路段就被隐藏起来. 如果他们进入隐藏领域,他们就会被剥夺注册了的权利,如果你禁止他们的IP,其IP地址就自动禁用了.



本函数阻止垃圾软件在注册时提供档案信息,尽管有消息说,"概况资料空白". 但如果你愿意的话,每次有垃圾工具试图注册时都有一封电子邮件通知将发送给你。

这就是我一直使用在我的2个论坛的函数,真的值得推荐. 它运作我以上提到的修改,但是它也给管理者一个增加额外文字的机会,在注册过程中提醒真正的注册者。除此之外,它包含了更多的领域(整个个人信息部分)就更好了.