Problems with SPAM? Read this!

Post by **Klemen** » Tue Apr 11, 2006 10:10 pm

Update on 29th March 2016: a guide to improving guestbook SPAM protection is here.

FIRST THING TO DO IF YOU HAVE PROBLEMS WITH SPAM IS UPGRADE YOUR GBOOK TO THE LATEST VERSION WHICH CAN BE DOWNLOADED FROM HERE:
http://www.phpjunkyard.com/php-guestbook-script.php

In 15 days since the 1.5 came out over 2500 IP addresses automatically banned from the demo guestbook and 0 spam messages came through

Any suggestion to fight SPAM are very welcome, feel free to post!

Regards,

Junefly · Post by **Junefly** » Wed Apr 12, 2006 1:07 am

I have put in your test version of the spam GBook.php.. I have very little spam in Gbook, but will let you know when and if I get some..

Most of what I have gotten there so far was the jane@hotmail.com and then yesterday the antony@gmail.com. Those 2 are using some kind of bot, but the logs don't show me what kind, but then I am not real good at reading logs. Fruitbeards fix seems to have halted them for now.

Post by **Klemen** » Wed Apr 12, 2006 9:07 am

That fix works (ban e-mails), but blocking by e-mail is not the way to go in the long term in my opinion as when they figure out they are blocked by e-mail they can very simply generate unlimited fake e-mails like "asfjkychqk2@uisdzg.com"

FruitBeard · Post by **FruitBeard** » Wed Apr 12, 2006 9:42 am

Hi there,

The scurge of spam has certainly stirred up a Hornets nest.

You can also do an array of words set against the url field.

by doing exactly the same method as the email ban (obviously assigning each variable a different name).

I DO NOT GET any postings with the word viagra in the url.

I,m sure adding the odd word to this array wont do too much harm.

Im kind of sure these bots look for words such as guestbook or gbook, maybe naming it differently might help too.

Merely suggestions.

i can print some code to do the url word filter,if requested, but it is very much the same as the email filter.

Reegards, Fruity

FruitBeard · Post by **FruitBeard** » Wed Apr 12, 2006 10:11 am

Infact heres the code, if you wish to implement it.

find inside gbook.php, this code:

line 57 with gbook 1.35

printTopHTML();

place beneath it, this code:

$WRONGWORD=($_REQUEST['url']);
$CHECKBANWORD =1;
foreach ($settings['CHECKWORD'] as $BANWORD)
{if (preg_match("/$BANWORD/i",$WRONGWORD))
{$CHECKBANWORD=0; break; } }
if (!$CHECKBANWORD)
{problem(' You cannot sign this guestbook !!! ');}

now in your settings.php, place this code somewhere:

$settings['CHECKWORD'] = array(
'viagra',
'viagara',

);

kind of like the bad language filter, but it prevents it from being signed as opposed to swapping it with s**t etc etc

I'm sure the culprits will also bypass this too, but i think it helps tremendously.

Reegards Fruity

Post by **Klemen** » Wed Apr 12, 2006 11:02 am

Hey Fruit,

Thanks for the code. You don't get any SPAM with the word "viagra" in it because the JunkMark filter in the 1.35 version (considering JunkMark settings are in the recommended limits of 60-70) blocks it. Adding another check for "bad words" won't do any harm, but JunkMark should block that by default.

Regards

Junefly · Post by **Junefly** » Wed Apr 12, 2006 2:52 pm

Edited by Klemen: Please keep this thread focused on SPAM protection for GBook. You may submit questions about other scripts in the appropriate forums.

Stuart Cato · Post by **Stuart Cato** » Sun Apr 23, 2006 11:04 pm

I have gbook 1.35 but am also recently getting repeat anthony@gmail messages - I had one also from DE but removed it twice and got no more repeats- Is the answer to put in the test that you have suggested
Klemen ?

Stuart Cato

Post by **Klemen** » Mon Apr 24, 2006 9:31 am

Well, give it a try. I know I haven't received a single anthony@gmail spam since I installed the test version. Not sure about the others.

You should also check the e-mail address ban function.

Stuart Cato · Post by **Stuart Cato** » Mon Apr 24, 2006 4:15 pm

Thanks Klemen. have put in the modified gbook.php - Should this not work how do I ban a specific email address ? Can't see the function

Stuart

Post by **Klemen** » Mon Apr 24, 2006 7:11 pm

viewtopic.php?t=751

Post by **Klemen** » Thu Apr 27, 2006 3:45 pm

Feedback please? Anyone using this test version? What happened to the number of SPAM you get (more/less/the same)?

Stuart Cato · Post by **Stuart Cato** » Thu Apr 27, 2006 4:04 pm

Haven't received a single one since installing the trial !! Great !!

Stuart Cato

Henrie · Post by **Henrie** » Thu Apr 27, 2006 9:59 pm

Hello Klemen,

I am not using the test version, as a matter of fact I'm using version 1.34. The only time I have received spam was by antony@gmail.com on April 11. I haven't received any spam since. Maybe the Gbook is not online long enough (since Febr. 04, 2006) to be noticed by spammers.

Greetings,
Henrie

Junefly · Post by **Junefly** » Fri Apr 28, 2006 8:40 pm

Klemen Stirn wrote:Feedback please? Anyone using this test version? What happened to the number of SPAM you get (more/less/the same)?

No spam at all since install of test version.. Lots of log hits where they have tried, but nothing made it through.

PHPJunkyard support forum

Problems with SPAM? Read this!

Problems with SPAM? Read this!

gbook spam

Spam

Test