Fighting BOTs and spammers
Wednesday, April 30 2014 @ 10:50 AM CDT
Contributed by: Mark
Over the past couple of weeks, we've all seen the BOT traffic increase on our websites. Many of us saw a large number of BOTs registering on our sites. It became clear that the standard CAPTCHA implementation we used simply didn't provide the protection we need. We can't be sure, but it seems obvious that the CAPTCHA was broken, in that an automated system could read and properly respond to the CAPTCHA challenge. We released glFusion v1.3.2 this past weekend to improve the CAPTCHA offerings and to fix a few minor bugs.
We updated the CAPTCHA plugin to use the latest reCAPTCHA features, an excellent CAPTCHA implementation provided by Google. We also added support for Picatcha, an image-based CAPTCHA implementation where the user must select the proper pictures based on the instructions provided. For example, select all images of CD-ROMs.
Before using either of these CAPTCHA options, you must first register on their respective sites and obtain a public / private key pair. Once you've received your keys, they can be entered into the CAPTCHA online configuration.
You can always use the built-in CAPTCHA images that come with the plugin; they are actually enabled out of the box. But be warned: it appears the BOTs and spammers have figured out how to read these images, so their effectiveness is not that great.
The updates to the CAPTCHA program, specifically the update to reCAPTCHA and the integration of Picatcha, have both been shown to be effective in stopping, or at least significantly slowing down, the BOT registrations and attempted SPAM posts. But there are also other tools in our arsenal to fight against these BOTs.
Stop Forum Spam
Stop Forum Spam (SFS) provides a list of spammers that persist in abusing forums and blogs with their scams, ripoffs, exploits and other annoyances. They provide these lists so that you don't have to endure the never-ending job of having to moderate, filter and delete their rubbish. glFusion has integrated SFS into new user registration, comment posts, and forum posts. Before a new user is allowed to register, or a comment is saved, or a forum post is saved, the user's IP address, email, and username are checked against the SFS database. If a match is found, the action is denied. SFS blocks a large percentage of the SPAM / BOT attempts, but it doesn't catch everything.
New IPs, emails, and usernames are being used all the time by the BOTS / spammers, so it may take a little time before they appear in the SFS database. Because there can be a delay from the time a BOT or spammer starts their activity using a set of emails or IP addresses, we've implemented a feature in glFusion that allows you to check your existing users against the SFS database. It is a good idea to check your new registrations on your site weekly to see if they have shown up in the SFS database.
Stop Forum Spam is enabled and working right out of the box; no additional setup or configuration is required.
Bad Behavior2 Plugin / http:BL
The HTTP Blacklist, or "http:BL", is a system that allows website administrators to take advantage of the data generated by Project Honey Pot in order to keep suspicious and malicious web robots off their sites. Project Honey Pot tracks harvesters, comment spammers, and other suspicious visitors to websites. Http:BL makes this data available to any member of Project Honey Pot in an easy and efficient way.
Http:BL provides data back about the IP addresses of visitors to your website. Data is exchanged over the DNS system. You may query your local DNS server and receive a response back that indicates the type of visitor to your site, how threatening that visitor is, and how long it has been since the visitor has last been seen within the Project Honey Pot trap network.
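The DNS exchange described above, as an added example (not code from glFusion or the Bad Behavior2 plugin): it builds the http:BL query name and decodes the answer's three fields. The access key, the visitor IP, the sample answers and the blocking thresholds are constructed or assumed for illustration.

```python
import ipaddress
import socket

# Visitor-type bit flags carried in the last octet (0 means search engine).
TYPE_FLAGS = {1: "suspicious", 2: "harvester", 4: "comment spammer"}

def build_query(access_key, visitor_ip, zone="dnsbl.httpbl.org"):
    """DNS name to look up: access key, reversed IPv4 octets, zone."""
    ip = ipaddress.IPv4Address(visitor_ip)  # raises ValueError if not IPv4
    return f"{access_key}.{'.'.join(reversed(str(ip).split('.')))}.{zone}"

def decode_answer(answer):
    """Decode an A record 127.<days>.<threat>.<type>; None if malformed."""
    try:
        first, days, threat, vtype = ipaddress.IPv4Address(answer).packed
    except ValueError:
        return None
    if first != 127:
        return None  # not an http:BL answer, treat as "no data"
    kinds = [name for bit, name in TYPE_FLAGS.items() if vtype & bit]
    # For search engines the third octet is an engine id, not a threat score.
    return {"days_since_seen": days, "threat": threat,
            "types": kinds or ["search engine"]}

def should_block(result, min_threat=25, max_age_days=30):
    """Assumed policy: block recent, threatening, non-search-engine visitors."""
    if result is None or result["types"] == ["search engine"]:
        return False
    return (result["threat"] >= min_threat
            and result["days_since_seen"] <= max_age_days)

def lookup(access_key, visitor_ip):
    """Live lookup. NXDOMAIN (not listed) or resolver failure returns None."""
    try:
        return decode_answer(socket.gethostbyname(
            build_query(access_key, visitor_ip)))
    except (socket.gaierror, ValueError):
        return None

if __name__ == "__main__":
    # Constructed inputs: placeholder key, documentation-range IP, sample answers.
    print(build_query("abcdefghijkl", "203.0.113.7"))
    for sample in ("127.3.40.4", "127.200.40.4", "127.1.5.0"):
        decoded = decode_answer(sample)
        print(sample, decoded, "block" if should_block(decoded) else "allow")
```

An address that is not listed produces no DNS answer at all, so `lookup` returns `None` and the visitor is allowed; the same happens when the resolver is unreachable, which means this sketch fails open.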
Http:BL is part of the Bad Behavior2 plugin. Http:BL is not enabled by default on a glFusion install. You must first register with Project Honey Pot and request an access key. Once you have your access key, you will need to edit the bad-behaviour-glfusion.php configuration file in the public_html/bad_behavior2/ directory of your site and put the key in the httpbl_key field. Once the key has been added, the Bad Behavior2 plugin will begin checking every site request against the HTTP Blacklist and deny access to anyone listed. This feature can also eliminate a significant amount of BOT / spam traffic on your site.
glFusion provides several tools to help combat BOTs and spammers. The multiple layers of defence help build a strong barrier to stop, or at least significantly reduce, the amount of BOT and spam traffic. I recommend that you use all of the tools available in the glFusion arsenal to combat the BOTs and spammers. If you need any help in setting things up, post in the Support Forums; there is always someone around willing to help.