Clear out the membership database

[Guest]

Just a suggestion, but the forum mods might want to look at the forum membership database. There are literally HUNDREDS of usernames that were probably caused by robots and that show NO posts. It could do nothing but help to clean it out...

[bitplane]

yeah, pagerank spam sucks. unfortunatley we humble mods cant delete users (or i'd have scripted it already!). we really need someone with sql access to do a 'delete * from users where postcount = 0 and website != empty and joindate < several_weeks_ago' or something similar

[MikeR]

Actually it takes an admin to delete users.
In the admins control panel under users.
It's a tedious process as each user is deleted one at a time. (I know, I just did this at my forum)

[bitplane]

one at a time? tsk tsk. if something has to be done more than 3 times, you should *always* script it!
/me slaps MikeR with wget.exe and cmd.exe
/me slaps MikeR with Python urrlib

[afecelis]

hehehe, sad but true! MikeR is right. I sent Niko a mail about it and how it has to be done in the Phpbb admin panel... it sux! one by one! and we gotta delete like 2000 users! So I guess we'll have to try and script something out.

that's our next goal, clean the user database up. The question in the end is; how are these bots registering?

ps. With 2 new mod helping hands we'll try to figure a solution out!

[MikeR]

Someone with php experience can make a mod to prune the users list but number of posts. I know almost nothing of php, but it's a mod that needs to be done.

The question in the end is; how are these bots registering?

Simple...guest
They can register themselves at anytime. Most use scripts to search out the web and register at all phpbb forums they find.
I'm lucky, I only had 10 on my forum.

[bitplane]

first up, i think the text at the bottom of the page "Powered by phpBB © 2001 phpBB Group" and the url with "phpBB2" in it make it a target.
changing the url (potential forum breaker?) and maybe splitting up the phpbb ad will stop them finding the place.

as per http://www.webmasterworld.com/forum103/274.htm , image verification on signups would stop the signup scripts from working, so I reckon they'd just go elsewhere. also from what I've seen, spammers are lazy stupid script kids and I'm willing to bet they don't write their own sign-up scripts. if this is the case, i'd also bet that renaming profile.php would be enough to stop 99% of them (potential forum breaker?)

also, on the subject of pagerank spam, i recently posted this to google groups
http://groups.google.com/group/google.p ... f9ad8e96f7
I didn't realise someone had replied-

The major search engines advise webmasters to use the tag:
<meta name="robots" content="nofollow">
to tell the search engines not to follow links on the page where this
tag resides. More recently, Google, Yahoo!, and MSN have agreed to use
the attribute:
rel="nofollow"
in the <a>nchor tag to indicate that individual links are not to be
followed or used for ranking purposes. Good luck!

so at least we can stop them from getting the benefits!

[Conquistador]

In one of the newer releases of phpBB2, there's a validation feature that can help stop the spam accounts. They show you an image with letters, and you have to put them in correctly before they let you register. phpBBhacks.com has a lot more security mods that can help with this too.

[MikeR]

The problem with this forum is that Niko doesn't own it. Sourceforge does. Sourceforge needs to upgrade desperately.
There is a mod on the phpbb forum that I use on my forum that adds the random letters/numbers that must be copied, but that only works with guest access off.
The only real way to handle the bots here would be to just stay on top of them and delete them as they come along.

[Joe_Oliveri]

Which us Mods are trying our best to do, But just because Niko is using sourceforge I don't see why he can't upgrade the forum. I mean he must have some kind of ftp access.