Loading ...

[solved] What forum software does PHPSugar use?

Board index / General Chat / General Product Chat

Our humble work and the community behind it.

Postby agustinusBiotamalo on May 26, 2011 5 pm


You have a very nice looking and awesome forum for PhpSugar.
I am very interested at the forum you are using.
Do you mind telling me please Andrew.

Many thanks :)
agustinusBiotamalo
Non-verified
Non-verified
 
Posts: 92
Joined: Apr 19, 2011 9 am
Reputation points: 0

Postby muzikia on May 26, 2011 6 pm


Hi,
This is phpBB.
http://www.phpbb.com/
http://www.ModMyScript.com - PHPMelody plugins and mods since 2008
http://www.HostingWays.com - Shared or VPS Hosting
*** PHP Melody user and plugins maker for 9 years and counting.
User avatar
muzikia
Verified Customer
Verified Customer
 
Posts: 4120
Joined: Mar 24, 2008 6 am
Location: ModMyScript.com - PHPMELODY mods
Reputation points: 167

Postby agustinusBiotamalo on May 26, 2011 6 pm


Ohh really? Is PhP BB Secure cuz I hread it does not. Many PhPBB Forum here in Indonesia where I come from got lots of spam.
agustinusBiotamalo
Non-verified
Non-verified
 
Posts: 92
Joined: Apr 19, 2011 9 am
Reputation points: 0

Postby muzikia on May 26, 2011 6 pm


If you know how to configure it and if you apply the security patches should be ok.
http://www.ModMyScript.com - PHPMelody plugins and mods since 2008
http://www.HostingWays.com - Shared or VPS Hosting
*** PHP Melody user and plugins maker for 9 years and counting.
User avatar
muzikia
Verified Customer
Verified Customer
 
Posts: 4120
Joined: Mar 24, 2008 6 am
Location: ModMyScript.com - PHPMELODY mods
Reputation points: 167

Postby agustinusBiotamalo on May 26, 2011 6 pm


muzikia wrote:If you know how to configure it and if you apply the security patches should be ok.


Cool i think im gonna buy your PHPBB Forum bridge between PHPMelody.

God Bless You man!
agustinusBiotamalo
Non-verified
Non-verified
 
Posts: 92
Joined: Apr 19, 2011 9 am
Reputation points: 0

Postby dhunt on Aug 01, 2011 10 pm


agustinusBiotamalo wrote:Ohh really? Is PhP BB Secure cuz I hread it does not. Many PhPBB Forum here in Indonesia where I come from got lots of spam.


Since it appears no one will answer your question, let me.

There is a setting in PHPbb that deals with captca. It's where you have to type in a series of letters or a phrase in order to register. That pretty well keeps the auto bots out since they really can't read the screen. It won't stop a spammer from registering but more spams are of the autobot kind.

The rest of stopping a spammer is just keep on your toes. That's the bad news.

The good news is, there isn't really any money in a spammer going from board to board and manually logging in. They deal in millions and have special software to hit a whole bunch at the same time.

Just use the capchca feature and you should be alright.
User avatar
dhunt
Verified Customer
Verified Customer
 
Posts: 1110
Joined: Jun 02, 2011 9 am
Reputation points: -85

Postby agustinusBiotamalo on Aug 07, 2011 9 am


dhunt wrote:
agustinusBiotamalo wrote:Ohh really? Is PhP BB Secure cuz I hread it does not. Many PhPBB Forum here in Indonesia where I come from got lots of spam.


Since it appears no one will answer your question, let me.

There is a setting in PHPbb that deals with captca. It's where you have to type in a series of letters or a phrase in order to register. That pretty well keeps the auto bots out since they really can't read the screen. It won't stop a spammer from registering but more spams are of the autobot kind.

The rest of stopping a spammer is just keep on your toes. That's the bad news.

The good news is, there isn't really any money in a spammer going from board to board and manually logging in. They deal in millions and have special software to hit a whole bunch at the same time.

Just use the capchca feature and you should be alright.


Thanks man for the response. You make me want to add PHPBB onto my website and buy a bridge plugin.
Anyhow, the PHPBB forum here in my country is full of spam from India. hahahahaha many of it are porn website. How sad hahahaha
agustinusBiotamalo
Non-verified
Non-verified
 
Posts: 92
Joined: Apr 19, 2011 9 am
Reputation points: 0

Postby muzikia on Aug 07, 2011 9 am


As for me I like more MyBB as it has a pluginable arhitecture and adding a plugin is just copying it to a mybb folder and activate it from the admin area.
http://www.ModMyScript.com - PHPMelody plugins and mods since 2008
http://www.HostingWays.com - Shared or VPS Hosting
*** PHP Melody user and plugins maker for 9 years and counting.
User avatar
muzikia
Verified Customer
Verified Customer
 
Posts: 4120
Joined: Mar 24, 2008 6 am
Location: ModMyScript.com - PHPMELODY mods
Reputation points: 167

Postby dhunt on Aug 07, 2011 12 pm


I would wait on the mods for linking. So far, it's not been as successful as one would like. Wait until V 1.7 comes out and let's see what is in that puppy.
User avatar
dhunt
Verified Customer
Verified Customer
 
Posts: 1110
Joined: Jun 02, 2011 9 am
Reputation points: -85

Postby Xarex on Aug 07, 2011 5 pm


I set up a forum for my site, but not too many people were using it. I was using the reCaptcha system and spammers were still getting through. So it's no longer visible. I just don't have the time to worry about checking up on the forum threads and opening it up to.. "Viagra Lose Weight FAT LOSS" These types of things were being posted on my forum but with links were blocked (I think I had it so you had to have at least 3-5 posts before you could post links. But I'd just get those posts of random words.

I'm sure there are extra security measures that can be taken.. but its either bots or spammer humans.. something is bypassing the reCaptcha.
"He who sacrifices freedom for security deserves neither." - Ben Franklin
http://www.youtrippy.com
Xarex
Verified Customer
Verified Customer
 
Posts: 319
Joined: Jun 13, 2011 10 pm
Reputation points: 246

Postby muzikia on Aug 07, 2011 6 pm


I'm sure there are extra security measures that can be taken.. but its either bots or spammer humans.. something is bypassing the reCaptcha.

Of course, reCaptcha isnt everything. There are forums that ask for reCaptcha after x failed logins. The spammers can register as anybody else and afterwords begin to spam via some PC bots.

Moreover, there are bots that can "read" the captcha. Thats why many forum webmaster recommend to modify a little bit the "stock" captcha script by adding another field: there is good chance the bot cannot go further as they simply won't recognize the Captcha ...
Also many reported that a fast and simple solution is: during the login/registration implement a hidden field called "your website" or "your name". The boot will scan it and for sure will fill it.
If your login/registration procedures detects that the hidden field is filled in, then the login/registration will be rejected.

To fight against is not so easy: IP logging, user behavior analysis, Spam word catcher, posts via POST, HTTP refferer checking and many others.
In the same time, if the security forum updates are not applied the spammers can even get inside by manipulating the url ... which is really bad.


Some "features" of a forum bot:

Code: Select all
· Multithreaded submitting: over 50 simultaneously running threads possible! (30 threads are recommended for optimal performance under 128 Kbps bandwidth)
· Software can perform registration at forums (if necessary for posting messages) and automatically fill in the required fields. Upon successful registration XRumer posts the user-specified message and/or links.
· The powerful built-in proxy-server checking script locates available proxy-servers worldwide, choosing anonymous addresses among them.
· Software is able to work with lots of different types of forums and guestbooks: phpBB and PHP-Nuke with any modifications, yaBB, VBulletin, Invision Power Board, IconBoard, UltimateBB, exBB, phorum.org, wiki, different types of bulletin boards and even custom-written code.
· Software works around EVERY possible type of protection from automatic registration, including: Pictocode protection (tickets, captcha), which look something like: "Enter the number you see in the box".
· E-mail activation protection.
· Java-script protection.
· During the process of posting a detailed log is created with precise path-links to posted messages so that you can check every link and every posted message afterwards.
· A built-in proprietary "Question-answer" system.
http://www.ModMyScript.com - PHPMelody plugins and mods since 2008
http://www.HostingWays.com - Shared or VPS Hosting
*** PHP Melody user and plugins maker for 9 years and counting.
User avatar
muzikia
Verified Customer
Verified Customer
 
Posts: 4120
Joined: Mar 24, 2008 6 am
Location: ModMyScript.com - PHPMELODY mods
Reputation points: 167

Postby dhunt on Aug 08, 2011 1 am


PHP is one of the weakest links in system. A few years ago, I had a bot get through the firewalls and change the pages on the server. The cause? PHPbb and PHP. This prompted changes in PHPbb and PHP itself to plug that hole. It just wasn't on my machine, it was Internet Wide. Made quite a mess of things. Thank you BACKUPS.

No system is bug proof. It's a game that is played on both sides. But, like Viruses, we are always playing one run behind. But keep your stuff as current as you can and you should be alright.

On PHP, you may not be able to do much about keeping that current. But use V5 instead of V4. V3 is what got us all into trouble about 10 years ago. V4 sealed that hole. But as time goes by, the bad boys will be finding holes in that. By using V5 ( I have the option of V4 or V5) always use V5.

As for PHPbb, always run the latest and greatest. I know it's a pain but the last thing you need is to see all your pages display a Skull and state that you been hacked.
User avatar
dhunt
Verified Customer
Verified Customer
 
Posts: 1110
Joined: Jun 02, 2011 9 am
Reputation points: -85

Postby agustinusBiotamalo on Aug 09, 2011 4 pm


modify a little bit the "stock" captcha script by adding another field

I dont understand.
Isn;t the captcha a computer generated sequence of numbers and alphabets?
I thought it wasn't a words set by the admin...

this is really interesting
agustinusBiotamalo
Non-verified
Non-verified
 
Posts: 92
Joined: Apr 19, 2011 9 am
Reputation points: 0

Postby muzikia on Aug 09, 2011 5 pm


A captcha is a script which transform a random generated sequence into images which only the human would be able to see it.
unfortunately, the bots are smart enough to "Read" the random generated sequences and "guess" what to "type" in the special control box.

As on the market are some good Captcha everybody uses, a bot can be programmed against it.
Therefore, by modifying the retail captcha script would help a lot .. together with methods described above.
http://www.ModMyScript.com - PHPMelody plugins and mods since 2008
http://www.HostingWays.com - Shared or VPS Hosting
*** PHP Melody user and plugins maker for 9 years and counting.
User avatar
muzikia
Verified Customer
Verified Customer
 
Posts: 4120
Joined: Mar 24, 2008 6 am
Location: ModMyScript.com - PHPMELODY mods
Reputation points: 167

Postby dhunt on Aug 09, 2011 7 pm


agustinusBiotamalo wrote:
modify a little bit the "stock" captcha script by adding another field

I dont understand.
Isn;t the captcha a computer generated sequence of numbers and alphabets?
I thought it wasn't a words set by the admin...

this is really interesting



You are correct. By varying the captcha log numbers inside your system, you vary the output that us humans see. The more difficult it is the harder it is for a bot to translate.

But most are defeated by human operators of the system itself. Using the stock sequence that comes with PHPbb is one way to allow a bot to get in. Change it. You can change it anytime and if you are worried that a bot might get through, change it again. But get away from the stock sequence that is provided in the BB installation.

We can make it difficult or easy, it's a human choice.
User avatar
dhunt
Verified Customer
Verified Customer
 
Posts: 1110
Joined: Jun 02, 2011 9 am
Reputation points: -85


Who is online

Users browsing this forum: No registered users and 1 guest

cron