XMB Forum Software

Stop Forum Spam integration

John Brown - 8-31-2012 at 01:46 PM

Stop Forum Spam uses community generated info to track known forum spammers. This info is availabe via API call.

Basically, I was wondering if anyone knows if Stop Forum Spam integration is being considered?

There are modules for other forum platforms that query this API during registration and deny registration if any or some of the information matches the registrant (functionality differs between the modules)

I am using ZB Block now, but it doesn't query the SFS API more often than every 24h, so some known spammers are able to register.

Just wondering :)

Code:
ZB Block: http://spambotsecurity.com/ SFS: http://www.stopforumspam.com

lottos - 9-7-2012 at 11:07 AM

Requirement: SimpleXML libraries have been loaded into php... ask your webhost if unsure

In member.php look for

$password = md5($password);


and insert the code below [updated 1st January 2020]

Code:
/* start of Stop Forum Spam code for xmb forum updates will be on this topic: https://forums.xmbforum2.com/viewthread.php?tid=776782 based on code examples: https://www.stopforumspam.com/forum/viewtopic.php?id=1973 if email address OR ip exist on stopforumspam website, user registration stops, option to reject on username too */ $spammer = ''; function objectsIntoArray($arrObjData, $arrSkipIndices = array()) { $arrData = array(); // if input is object, convert into array if (is_object($arrObjData)) { $arrObjData = get_object_vars($arrObjData); } if (is_array($arrObjData)) { foreach ($arrObjData as $index => $value) { if (is_object($value) || is_array($value)) { $value = objectsIntoArray($value, $arrSkipIndices); } if (in_array($index, $arrSkipIndices)) { continue; } $arrData[$index] = $value; } } return $arrData; } $xmlUrl = "http://api.stopforumspam.org/api?username=$username&ip=$onlineip&email=$email&f=xmldom"; $xmlStr = file_get_contents($xmlUrl); $xmlObj = simplexml_load_string($xmlStr); $arrXml = objectsIntoArray($xmlObj); $checkemail = $arrXml[email][appears]; $checkip = $arrXml[ip][appears]; // you can reject on username too, to do so // uncomment the two lines below, comment out the third line below // $checkuser = $arrXml[username][appears]; // if ($checkemail > 0 || $checkip > 0 || $checkuser > 0) { if ($checkemail > 0 || $checkip > 0) { // change email address below [recommended to see how often spam registrations are attempted] // or comment out two lines below if you don't want notifications $spammer = 'ip address: '.$onlineip.', email address: '.$email.' with attempted username registration of: '.$username; mail("stopforumspam@mailinator.com","New Spammer Registration Attempt: ", $spammer); // choose Location redirection or msg to spammer by uncommenting one of the 2 lines below // header('Location: https://www.xmbforum2.com/'); // web address redirection error('Spammer go away'); // msg to spammer [recommended] //exit; } // end of inserted StopForumSpam code

solbu - 2-26-2013 at 04:47 AM

Quote: Originally posted by lottos  
Assuming SimpleXML libraries have been loaded into php...
How do we tell, and what do we do on a Debian server to enable it?

Google is of No help.:(
I can't find a single example anywhere on how to enable it.

lottos - 2-26-2013 at 12:48 PM

1. Create a new file called phpinfo.php with the following in it:

<?php
// Show all php information
phpinfo();
?>


2. upload to your server
3. run it from a browser
4. from the php info shown on screen, search for 'SimpleXML' and if it exists, look for 'Schema support' - enabled.
5. if step 4 has schema support for simplexml enabled, it's loaded. if not, get your webhost to install.

solbu - 2-26-2013 at 05:11 PM

Quote: Originally posted by lottos  

if not, get your webhost to install.
You misunderstand - I am the webhost. That's why I ask.

I implemented the steps in the post from september 7, and I get a blank page when opening the register page. So I need to know what I must install and what I need to insert in the apache config.

I've been googleing for hours, and I cannot find any example or documentation anywhere on how to activate this in a Debian server, using a Debian package manager to install needed packages and what I need to edit/insert.

solbu - 2-26-2013 at 05:15 PM

Quote: Originally posted by lottos  

4. from the php info shown on screen, search for 'SimpleXML' and if it exists, look for 'Schema support' - enabled.
Just tested, and it is enabled.
Now what.

solbu - 2-26-2013 at 05:19 PM

Quote: Originally posted by solbu  
I implemented the steps in the post from september 7, and I get a blank page when opening the register page.
And there is no errors in the logs.

Eminent - 4-22-2013 at 12:45 PM

Works good. But also when new memebers sign up i receive a mail with "New Spammer Registration Attempt".
Not that it's a big problem.
One questions: is it possible to view the ip-address in the email?
Thanks

lottos - 4-22-2013 at 12:55 PM

Could try changing (I haven't tested it)

the line

mail("youremail@youremail.com","New Spammer Registration Attempt",$email);

to

mail("youremail@youremail.com","New Spammer Registration Attempt:", $onlineip $email);


and move that line to just above this line:
error('Go away SPAMMER');

Eminent - 5-25-2013 at 12:43 PM

Well, it work now.
First i get a parse error.
You forgot the character , after "Attempt:" in your sample above.
Second, when i move the line as you mentioned, i didn't receive an email anymore. Only the New Member email.
So i leave the line where it is, and it works good.
Thanks for your help.

solbu - 5-12-2019 at 01:51 AM

Did a new attempt today, as the spam rate was getting to a level I could no longer live with,
and the code worked like a charm.

We have replaced the server since the last attempt, so newer software seems to have helped. :)

lottos - 1-1-2020 at 10:59 PM

code updated

bfgadmin - 5-7-2020 at 10:11 PM

Reposted from another thread

We had the same problem, and I eventually found a workaround. Edit member.php and find this code:

Code:
$email = postedVar('email', 'javascript', TRUE, TRUE, TRUE); if ($SETTINGS['doublee'] == 'off' && false !== strpos($email, "@")) { $email1 = ", email"; $email2 = "OR email='$email'"; } else { $email1 = ''; $email2 = ''; }


add the following code:

Code:
$cSession = curl_init(); curl_setopt($cSession,CURLOPT_URL,"http://api.stopforumspam.org/api?username=".$username."&email=".$email."&f=xmldom"); curl_setopt($cSession,CURLOPT_RETURNTRANSFER,true); curl_setopt($cSession,CURLOPT_HEADER, false); $result=curl_exec($cSession); curl_close($cSession); $confidencecheck = explode("<confidence>",$result); $confidencefinal = explode("</confidence>",$confidencecheck[1]); $cutoff = 80; //change this to any value you want but higher means fewer false positives $confidence = $confidencefinal[0]; if($confidence == "") $confidence = '0'; if($confidence > $cutoff) { setcookie("spammer", "true"); header("Location: http://some-annoying-site.com"); exit; //echo "would not proceed with reg"; }elseif($confidence == "" || $confidence == NULL){ //echo "would proceed with reg due to fail-safe reg"; //left this here for future expansion such as further scrutiny required for unknown reg }else{ //echo "would proceed with reg pass check"; //left this here for future expansion }


Next, edit header.php and place this code pretty much anywhere. Since the account was rejected, there is no user to ban but we can still use that cookie we set in their browser to redirect them away again.

Code:
$isspammer = $_COOKIE['spammer']; if(isset($_COOKIE['spammer']) && $isspammer == "true"){ header("Location: http://another-redirect-to-an-annoying-place.com/"); }


There's another part to this that uses behavior analysis but I'd rather not post it since spammers likely read these.

Don't use IP addresses, these guys use VPNs frequently and it just hurts legitimate users of that service.