Modifications for Stopping phpBB Forum Spambots
phpBB is one of the most popular software products for running online forums. As spammers found forums as a fantastic breeding ground for sending their commercial messages, phpBB admins have a lot of troubles to keep the integrity of their forums. I have been administering a couple of phpBB boards and this is the list of top anti-spambot mods.
I am listing the modifications in an alphabetical order, but I will especially note the ones that offer some value added functionality, as well as those I have more experience with. Because of obvious reasons related to the mods getting updated, I will not link directly to the files, but will use the official pages instead.
Block Open Proxy Registrants
Its main function is to blocks those attempting to register from open proxies. The mod was updated in December of 2005 but some people still use it. Personally I wouldn’t use this kind of solution, as relying on predefined lists of proxy addresses is not my game.
Configure Member Profile Required Fields
This mod allow admin to configure which information in member profile is required inside admin control panel. The required field will need to be filled in during registration and upon profile update.
I used this MOD and it worked as a charm, but I should note that the configuration steps could be a bit complicated for an average user. As you are playing with fields, some interaction with the database will be needed.
This mod uses cryptographic signing techniques to ensure that any comment submissions have occurred from an appropriate comment form (which should stop simple random submission bots), that the form was actually generated for the user who is submitting (stopping clusters of page-scraping spiders), and that at least 5 seconds have passed between the form generation and the submission (stopping bots which fully scrape the page and then immediately submit).
If one of these conditions is not met, the submit operation is turned into a preview, giving human posters another chance to submit.
Textual Confirmation (TC) asks newly registering user a question. If the answer is wrong, TC rejects the registration. Also, TC notifies the forum admin and the community spam database. The administrator can edit the questions and answers in the Administration Panel.
There are two editions of Textual Confirmation: community and business. In the community edition, each time spam registration is rejected, Textual Confirmation sends a notification to the forum administrator and to the community spam notification database. If you don’t want to send them copies of the notifications, you must buy a business license.
Registration disable website signature
When a user registers to the forum, the signature sections are hidden. If they enter in anything in the hidden fields they are denied from registration and if you turned the IP ban on, their IP Address is automatically banned.
I might say that his kind of an automatic spambot prevention really works flawlessly. With this kind of a mechanism I am getting just 2-3 spambots per week, which is at least 30 times less than the usual rate. Majority of spambots are filling in the URL and signature fields as this is their purpose, but on this way that will get banned.
Stop Spambot Registration
This mod stops spambots that provide Profile Information during registration in spite of a message saying “leave the Profile Information blank”. An e-mail notification will be send every time there was a spambot registration attempt. The e-mail notification can easily be left out if you wish.
This is the actual mod I have been using on 2 of my forums and I can really recommend it. It does the same thing as the previous modification I mentioned, but it gives the admin an opportunity of adding extra text in the registration process to alert its real potential registrants. Besides this, it contains more fields (the whole profile information section) which is much better.