10 tips on fighting forum spam
Okay, reading through this board, it’s obvious that spam has become a really serious spam for a lot of admins.
If you’re a phpbb owner you’ll see far more of it. It’s a walking security vulnerbaility. Not only is phpbb commonly targeted by kiddie hackers, there are a huge number of bots and even worms on the net whose sole remit is to spam phpbb forums.
SMF and vbulletin are less targeted, but do see issues if you don’t take basic precautions.
Here are some generic tips on stopping forum spam:
1. Use human validation
Default capchas have long since been cracked, so look out for mods that will set up random or customised questions.
2. Email verification
Ensure members must activate an email before they can post anything. That includes a profile link. A lot of spambots use random addresses.
3. Prevent new users posting links
Look for mods or apply usergroup permissions to prevent a new member posting a link until they have x posts and been a member y days.
4. Limit post edit time
Some crafty human spammers will edit old posts and either post blatant advertising links, or else hide them in punctuation and invisible images.
5. Limit signature links
Some people think cheap links by volume are good, and signature links are one way to get them. Ensure you dissuade them from spamming your forums with one-liners for signature links by applying restrictions.
6. Use conditionals
Memberlist spamming is a very old game – member registration for profile page link benefits. Either remove the link from the profile, or use conditionals so that any attempts will be worthless.
7. Block common sources
If you notice the same email domains or IP’s being used in spamming attempts, block them either in your admin panel, or using .htaccess
8. Censor common offenders
Sometimes you’ll get multiple spammers promoting the same service or website. Simply add it to your censored words list, and watch those spam viral marketing campaigns wither.
9. Have a moderator team
Nothing beats lots of different human eyes watching out for your forums. Moderators in different timezones who are frequently active in your community are ideal.
10. Remain vigilant
Keeping aware is as important as anything else. Many admins still don’t know what memberlist spamming is, even though I raised the issue years ago. Also, as forums evolve, so do the spamming methods. So kee a general eye on what’s happening, not just to your own forum(s) but also to other people’s forums.
Here’s a few resources for more information:
1. How to fight forum spamming – a detailed view of the above, but especially focused on vbulletin admins.
2. 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog – sure, it’s focused on blogs, but there are some great tips for forum owners in general if you don’t mind getting your hands dirty with .htaccess
3. IncrediBILLs Random Rants – general reports on bot scrapers and spam nets in general, and IP ranges to block
4. SpamHuntress – General anti-spam crusader, with blog, forum, and general spam issues coverage.
Hope that helps fight the spam – enjoy!