phpBB is one of the most popular software products on the online forum. As people who distribute spam increasingly feel that forums are the perfect soil for them to distribute business information, how to maintain the integrity of their forums has become the most vexing problem for phpBB administrators.
I'll list the responses in alphabetical order below, and highlight those with additional features and the ones I've applied. Because of the update of the scheme, it is obviously unwise to give the link directly, I will replace it with the official page.
to intercept a person registered with a public agent
The main function of this measure is to intercept those who attempt to register from a public proxy server. The last update was in December 2005, but some people are still using it. I'm not going to use it myself, I never relied on those predefined proxy address tables.
set up member information items that must be filled in
This scenario allows administrators to set up personal information entries that registered members must fill in the Admin Control Panel. Users need to fill out these required options when registering, and update their personal information at any time.
I have used this solution and it works fine, but I must point out that the setup steps for this scenario are still more complex for the average user. Some of the techniques needed to interact with the database.
Disable Spambot
The scheme uses cryptographic authentication techniques to ensure that all comments made by users are published in the appropriate format (they should be able to block simple random publishers). When the user wants to publish the article, the system generates a reference format to the user (block a large number of page analysis bots), from the build template to the user to successfully publish the article will take at least 5 seconds (to prevent those who can thoroughly analyze the page and immediately publish the article of the robot).
If any of the above conditions are not met, the publish operation is turned into a preview, and the real user can publish the article again.
Text Validation
The text verification System (TC) asks the newly registered user for a question. If the answer is incorrect, the text validation system rejects the registrant. In addition, TC also notifies the forum administrator and the Community Junk Information database. Administrators can edit the questions and answers that the system asks the user in the Admin Control Panel.
There are two versions of the text Validation System: Community Edition and Enterprise Edition. In the Community edition, TC notifies the forum administrator and the Community junk information Database whenever the system rejects the spam registrant. If you don't want to send them a notice, you'll need to purchase an enterprise version of the license.
Disabling the network signature of a registrant
When a user registers to a forum, the signature file is hidden. Once they fill in the area, their registration is rejected, and if you turn on IP settings, their IP address is automatically blocked.
I have to say that this automatic stop-spambot scheme is really perfect. With such a mechanism, I only encountered 2-3 spambot a week, 30 times times lower than normal frequency. Most of the spambot are in the form of URLs, and the signature file is their habitat, which can be used to seal off the channel.
Block Spambot Registration
The scheme will prevent spambot that still fill in personal information where there is a "stay here blank" hint. Every time a spambot tries to register, the system sends out a mail notification. You can also save your email notice as you wish.
This is the program I have used in my 2 forums and I recommend that you use it. It is the same as the one I mentioned earlier, but an administrator can add additional documentation to remind users who are really going to register during the registration process. In addition, there is a benefit that it contains more information items (the entire personal Information Bar).
=============================================
Original Author: Bob Allen
Original link: http://www.net-security.org/article.php?id=988&p=1