General Support
2 edb Feb 18, 2005 04:23
1 yabba Feb 17, 2005 14:04
3 yabba Feb 18, 2005 14:39
Hi EdB,
Ok, this isn't a replacement for the antispam it's kind of an enhancement, it's meant to stop the tossers who spam your refer list & comments before you can get to the red button.
It works on the principle that, if a url has appeared more than n times, then the chances are this is a spammer we haven't caught yet, so it blocks all further attempts.
If you have it in auto mode, it also cleans up the hit list & comments & potential table (similar to the way that adding them to your blacklist does) and adds them to your local blacklist without you having to do anything else.
At the moment it doesn't report the abuse when you ban them, it just bans them localy (it's only a matter of adding one line of code though).
The main reason is to save b2evo from being flooded by innocent victims if people have it in automatic mode (I have auto mode turned off).
As the code comes after the normal blacklist checking it shouldn't interfere with the normal operation at all.
I would strongly advise that anyone who trys it out :-
a) BACK UP YOUR DATABASE
b) DONT run it in auto mode until you've been using it a while and have added all the safe url's to your authorised list, otherwise you'll find chunks of comments going missing...... This is such a strong possibility that I'm thinking of amending the admin page to list all the url's that it considers a potential spammer, and ones that it will blacklist with your current threshold setting.
If you'd like to have a play with it, then I'd be happy to give you access to a fresh install and access to the database so you can play with your own sites data with no risk, just let me know.
?
4 edb Feb 18, 2005 15:32
Thanks. I was just curious because you didn't mention how it interacts with the current system, so I wondered '...how deep does this go...'. It looks like a super-cool hack and, now that I know it does not shut down or exclude the current group-grope system, I'll probably be adding it to my blog blog after this weekend.
Personally I'll probably go with non-auto because if you get into a conversation in comments with someone they hit you quite a bit over a short period of time. You're right about not overloading b2evo central with automatically banned keywords, but I think adding reporting if ASPM_DELUXE is not in auto mode is a good idea. "The human made the decision, so let the code do all appropriate follow up work" seems right to me.
I still get a kick out of being the first one to turn in a spammer ;)
5 yabba Feb 18, 2005 16:51
Hi EdB,
Gotta agree with you about the pleasure using the big red button gives you :D
To get the code to report to b2evo central in manual mode you just need to add the following line to admin\spamdeluxe.php (I've added the line in the original post).
if ($banned) {
$theResults=$DB->get_results('select distinct theUrl from T_potential where '.substr($banned,4),'ARRAY_A');
foreach ($theResults as $aPain){
nuke_em($aPain['theUrl']);
b2evonet_report_abuse($aPain['theUrl']);
}
I will reiterate my warning to anyone who tries this BACKUP YOUR DATABASE, this system is vicious and will happily kill friends as well as enemys.
Personally I'll probably go with non-auto because if you get into a conversation in comments with someone they hit you quite a bit over a short period of time.
You're spot on there, it may even be a good idea to change "auto mode" to "email notification". ie/ you get an email warning you of a potential spammer, and you have to ban them manuaully instead. The url would still be barred from any further action, but if it's a friend their previous comments etc will still be alive.
?
6 pixel78 Mar 03, 2005 18:03
I've just installed Antispam Deluxe ( someone spam my comment
during the night every day ) but something strange happened .
After installation Antispam Deluxe it's ok but when I ' ve tried
to post a new messagge on my blog contain a link return a message
that advice me the URL ( I've tried with many different URL )
can't be accetted ... so I must write it without HTML TAG
( escuse me for bad english , I' m italian )
Ex . I want to write <a href="http://www.pippo.com">Pippo</a>
, return message that this URL is inacceptable , so I've to write
http://www.pippo.it without HTML formatting
Sorry for english I only want to know If it's possibile to dipend
from something I've changed installing ANtispam Deluxe ...
Thanks a lot and compliments for the hacks :D
Barbara
7 yabba Mar 03, 2005 18:26
Hi Barbara,
This hack shouldn't stop you using links the way you do, just to check I tried posting <a href="http://www.pippo.com">Pippo</a> on my test blog with no problems.
The only reasons I can think of for it stopping you is if you have your threshold set to a very low number (ie 1) or if you have the same url in your previous comments/referrers/posts as this is what it checks against.
If you click on the anti-spam deluxe tab in your admin area you should see http://www.pippo.com (and all the other urls that you've tried) on the potential list. If you tick auth and then click update records it should move the url to the authorised list and allow you to post as normal.
If that doesn't cure your problem, let me know.
?
8 pixel78 Mar 04, 2005 11:30
Thanks a lot ????? :D
I'll try it in the week end ...
Barbara
9 hhollick Jul 10, 2005 10:05
I have installed Anti-Spam deluxe on my [url=http://www.hhollick.com/blog]blog[/url] and it certainly stops all unwanted referrers.
In fact it stops ALL referrers, legitimate or otherwise. I do not even have it "enabled" (no check in the "enabled" box) and I have received no further referrals in the last week.
Before Anti-Spam Deluxe, I would get a few legitimate referrals a day from the posts and links I have around the internet. Now these are gone.
Does this sound right? Is that how Deluxe is supposed to work?
Many thanks,
Heather
10 yabba Jul 11, 2005 08:10
Hi Heather,
I'm not sure what's causing your problem, if you don't have this hack enabled then it has no affect on your blog.
¥
11 troyp Aug 10, 2005 00:34
I installed Deluxe Antispam, then I tried to post to my [url=http://blog.pesola.us]blog[/url]. I included four links. When I tried to preview I was told an invalid URL was included.
I found that one link [url=http://www.mobiuslife.com]mobiuslife.com[/url] was not showing up in the 'potential' list. The others showed up and I was able to add them.
Is this the expected behavior? I tried to disable 'deluxe antispam' and submit the post and experienced the same behavior.
Any suggestions?
Thanks,
Troy
12 yabba Aug 10, 2005 09:18
Hi Troyp,
I just tried posting the same link on my own blog, and found out that it's caused by life.com being in the central blacklist @ record 2239
If you remove it from the blacklist you'll be able to post the link and it will show up on the potential list.
¥
13 diablo2k Sep 29, 2005 06:18
I dont really know what you all are talking about when you mention Spam, I know that it isn't the normal E-mail spam I get all the time. I am new to this and would like to run a safe site. But in your instructions on how to do this hack your talking about stuff I have no idea how to do, I dont know hot to creat a table or do stuff like that. I am really trying to learn this stuff as quick as I can.
14 yabba Sep 29, 2005 20:49
Hi Diablo,
The spam this fights is called "referer spam" or "comment spam", it's kind of similar to email spam in the fact that it's some tosser trying to promote a site that just trys to sell you cheap rolexes or printer inks etc.
To creat tables you need to have access to phpmyadmin or some similar databse interface or you need to write a page that does it for you.
However, this hack was written for version ....urm, well an older one than the latest one, and I haven't actually tried it on a later install to see if it works (I still run the ancient version). So, if you do try to install it backup your database and all the files involved first as I can't guarantee it'll work.
But what the hell, all of life's just russian roulette right?;)
¥
15 momokuri Dec 03, 2005 10:00
Hi,
I'm happy to use spamDeluxe with 0.9.1 "Dawn". Because your code is against older version, so I need some modifications to port.
In 0.9.1, every urls, emails and comments is checked with antispam_check() function. So antispam_deluxe() need to recognize these.
http://blogs.da-cha.jp/media/antispamdeluxe.diff.gz is a patch for 0.9.1.
The points of modification are in _function_antispam.php:spamDeluxe().
if (! preg_match_all('|https?://[a-zA-Z0-9@:%_~#?&=.,/;-]+|', $theSuspect, $matches))
return false;
foreach ($matches[0] as $url) {
.....
This extract URLs from comment and check every URLs.
Thanks.
Hiroshi
16 yabba Dec 03, 2005 10:39
Hi momokuri,
Nice, I still haven't installed Dawn, thanks for converting it :)
¥
17 tom_arush Mar 06, 2006 23:06
Can someone explain how to use this "patch" file?
I have 0.9.1 and badly need this (I'm already using a rotation htsrv directory name, DNSBL's, .htaccess traps for the comment post having to have the correct referrer etc) and they're still getting through... :-(
I've tried doing it by hand, but it doesn't seem to be working...
When a comment post includes a URL, I get this error -
Fatal error: Call to a member function on a non-object in /home/tvotwd2/public_html/blog/htsrv.BYr1ES/comment_post.php on line 82
However I've not edited comment_post.php!
Any help gratefully recieved!
18 yabba Mar 11, 2006 10:11
I'm afraid I still haven't installed 9.1 so I really can't help you much with this.
The patch file shows you all the lines that you need to add/remove/amend to convert it to 9.1.
¥
19 tom_arush Mar 11, 2006 19:56
As I said, I tried doing the patch manaully, but couldn't get it working - so I've backed it out for now.
I didn't read the whole code so forgive me if it should be obvious, but how does this relate to the current "antispam central" thing? When you ban a suspect are they still reported to central? Also what about when you get the update from central?