Recent Topics

AntiSpam Not Working

Started by on Aug 14, 2004 – Contents updated: Aug 14, 2004

Aug 14, 2004 21:09    

I'm getting hit by a comment spammer - they are leaving comments with lots of German URLs in them. I'm adding the domain names to the AntiSpam list but when it does its check it isn't picking up the comments. This spammer is merrily adding more as fast as I'm deleting them. Why isn't AntiSpam working?

Aug 16, 2004 19:30

Are the urls actually in your anti spam list? Are you sure you're not just deleteing them?

Aug 16, 2004 20:19

I would advise you to look up the IP addresses of the spammers.
(that is field hit_remote_addr in table evo_hitlog - i have just added displaying of IP address to my blog's admin Stats screen for referrers, searches & direct hits )

Sometimes the spammers are 'morphing' domain names so fast that almost every new referer spam is different. This is a small number of spammers, but for these most efficiently works blocking the IP address from the blog whatsoever ( adding Deny from IP_address to .htaccess ).

Alternatively... if you are a programmer ... you may hack b2evolution to have a blacklist of IP addresses for such cases as well.

AntiSpam Deluxe works well in all other cases but this.

Aug 16, 2004 20:54

How did you add the displaying of ips to your admin stats screen?

Aug 16, 2004 23:10

How did you add the displaying of ips to your admin stats screen?

To the _functions_hitlogs.php add:

/*
 *stats_user_remote_addr(-)
 */
function stats_user_remote_addr()
{
        global $row_stats;
        echo htmlentities( $row_stats['hit_remote_addr'] );
}

Then in b2stats.php add call of this function everywhere where you want to see the IP address. For me it is in the following lines:


<td><?php stats_blog_name() ?></td>
<td>(<?php stats_user_remote_addr() ?>)</td>  (line 265 - for case 'referers')
<td><a href="<?php stats_req_URI() ?>"><?php stats_req_URI() ?></a></td>

<td>(<?php stats_user_remote_addr() ?>)</td>  (line 323 - for case 'refsearches')

<td>(<?php stats_user_remote_addr() ?>)</td>  (line 419- for case 'other')

You may also add this display function in the code where a list of refers is displayed for a reported spam domain (after you hit red sign in referer stats page).

Aug 18, 2004 05:25

Howdy captsolo.

I added the funtion to b2evocore/_functions_hitlogs, then added the appropriate line to the same locations you made line number references to in admin/b2stats. When I visit my back office stats page I see that I have an extra column in the table with () in it (open parentheses, no content or space, close parentheses). I do not get any sort of error - just nothing where something is expected. Through Cpanel and phpmysql I verified that the table is not wierd in any way (since I did modify tables and add another one for this installation), and did a mental double-check of the name of the row (hit_remote_addr). Browsing the table showed me that indeed there is content present that looks suspiciously like an IP address.

I therefore wondered if perhaps there is some other thing required that captsolo overlooked when he shared this hack, which brings me here.

So uh...any ideas?

Aug 18, 2004 08:55

Hi, EdB!

You are correct that a [small] part of the code is missing. Sorry!

Here it is. Change the definition of the function refererList in _functions_hitlogs.php and add a small modification in the code of this function:

function refererList(
        $howMany = 5,
... 
        $get_user_agent = false, // Get the user agent
        $get_remote_addr = true ) // Get remote IP address  -- add this line!
{
...
        if( $get_user_agent )
        {
                $sql .= ", hit_user_agent";
        }
// Add the next 4 lines to the code
        if( $get_remote_addr )
        {
               $sql .= ", hit_remote_addr";
        }
// -- end of the code to add
        $sql_from_where = " FROM $tablehitlog WHERE hit_ignore IN ($type)";
        if( !empty($blog_ID) )
        {
                $sql_from_where .= " AND hit_blog_ID = '$blog_ID'";
        }
        ...
}

Now that shall be it. If you are having problems, let me know.

P.S. What new table(s) did you add to the b2evo installation? To my knowledge, the table evo_hitlog is already there and in order to show referer IP address you do not need to add new tables or fields to the database.

Aug 18, 2004 17:22

Thanks - I will do it up as soon as I've satisfied my need for coffee.

My table mods were to add additional fields to the users table so that I could track performance records by site. My additional table is for the sites those records are experienced at. Thus even though I knew I did not alter the hitlog table it made sense (to me) to verify that it was 'normal'.

I mentioned this in other threads. "Two tables sitting in a bar..." I believe, though the site referenced there is getting very little use. It's mostly me posting to try to tell my club how to post. (I can't understand how people who can fly can't figure out how to login to a blog though I suspect it's more a matter of desire than ability)

'captsolo' with 'iphack' can log in at http://wonderwinds.com/blog (login link below XML links) if you want to see the end result of the table work. Sites tab comes from the sites table, and the records are stored in the additional fields in the users table.

Aug 19, 2004 19:54

It did work then, didn't it?

You may also want to try out [url=http://forums.b2evolution.net/viewtopic.php?t=2110&highlight=]a recent comments hack[/url], if you want to see the posts which were last commented.
It is similar to the "Last comments" list, but it is different. See how it works on my site if you wish.

Regarding the additional tables on your site - i could not see much in the backoffice - for most tabs I get 'permission denied'.
But I see the "Sites" tab which has some custom information, not usually found on the default "Admin" screen of b2evo. :p
Is that it?

Best regards,
[url=http://kaste.lv/~captsolo/info]CaptSolo[/url]

Aug 20, 2004 00:06

Yes - the Sites tab is 'it'. The only reason I even mentioned the integrity of my hitlogs table was because I knew I hacked and added tables, and had no intention of altering the hitlogs table, but when I first was unsuccessful with the show ip hack I thought 'did I inadverently do something to my hitlogs?'

It's like mixing threads though. THIS thread being originally about an anti-spam issue then morphing into a 'show ip' hack, then my little hack job. I'm going to stir it up again... I've been thinking that between http://forums.b2evolution.net/viewtopic.php?t=2121 and your show ip hack I should be able to make a 'do an ip lookup on this here ip' hack 8|

I also see a strong need for your 'last comments' hack on my club blog (even though I've told the club to find a new webmaster - maybe now they'll stop trying to tell me how to build a web). What I'll do is take a look at your web and ask questions on the appropriate thread.

Peace all!

Sep 15, 2004 19:25

Quick note: I added IP adress display to the antispam screen in the "Paris" release.


Form is loading...

CCMS – This forum is powered by b2evolution CMS, a complete engine for your website.