vBulletin Mods - The Official vBulletin Modifications Site
https://www.vbulletin.org/forum/showthread.php?t=248042 |
Cool plugin, but there is a pretty serious oversight in this plugin which led to a ton of abuse recently.
The remote cache option states the following: "Duration in minutes that remote queries should be cached to reduce query traffic / lookup duration and load on the remote server"

However, the code says this:

    $sql = 'DELETE FROM '.TABLE_PREFIX.'glowhostspamomatic_remotecache WHERE `date` < DATE_SUB(NOW(), INTERVAL '.(int)$vbulletin->options['glowhostspamomatic_remote_cache'].' DAY); ';

So we were hit by a botnet (one new registration attempt every four seconds, not even exaggerating) and we were expecting that after an IP was reported, we wouldn't see that IP registering again after the 30-minute cache timeout. This led to two issues:

1) The cache isn't cleared for the banned user immediately, meaning the bot could immediately reregister without SFS being checked for the new entry.
2) The cache was 30 days old, so the same IP would literally create thousands of accounts before the cache would clear and start reporting the abuse.

This also led to another observation of the code. The order of checks goes username, email, IP. However, the order of checks (to take advantage of cache) should go IP, email, username. The code shouldn't even waste time querying for a bad username if it knows the IP is bad, so why put unnecessary strain on the SFS service by querying for username if the IP is bad?

So, as I said, great plugin, but it needs some changes to work properly on a high-traffic site effectively.

Edit: I thought I'd mention how I changed the query. This should hopefully increase cache efficiency also:

    $sql = 'DELETE FROM '.TABLE_PREFIX.'glowhostspamomatic_remotecache WHERE (`date` < DATE_SUB(NOW(), INTERVAL '.(int)$vbulletin->options['glowhostspamomatic_remote_cache'].' MINUTE) and is_spambot = 0) or (`date` < DATE_SUB(NOW(), INTERVAL '.(int)$vbulletin->options['glowhostspamomatic_remote_cache'].' DAY) and is_spambot = 1); ';

This would delete SFS negatives that are 30 minutes old, while letting SFS positives sit in the database cached for 30 days. |
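The cache behaviour discussed in the post above, as an added sketch that is not part of the original post or the plugin's code: an in-memory lookup cache with separate lifetimes for negative and positive answers, checks ordered IP, email, username, and the cached row dropped once an address is reported. The class, its methods and the sample addresses are hypothetical and constructed for illustration; it assumes PHP 8.0 or later.

```php
<?php
// Added example; all names are hypothetical, not Spam-O-Matic's own code.
final class SfsLookupCache {
    private array $rows = [];       // "type:value" => ['spam' => bool, 'at' => unix time]
    public int $remoteQueries = 0;  // number of lookups sent to the remote service
    public function __construct(
        private \Closure $remote,   // fn(string $type, string $value): bool
        private int $negativeTtl,   // seconds a "not listed" answer is kept
        private int $positiveTtl    // seconds a "spambot" answer is kept
    ) {}

    // Same split as the edited DELETE: negatives expire quickly, positives slowly.
    public function purge(int $now): void {
        foreach ($this->rows as $key => $row) {
            if ($row['at'] < $now - ($row['spam'] ? $this->positiveTtl : $this->negativeTtl)) {
                unset($this->rows[$key]);
            }
        }
    }

    // IP first, then email, then username; stop at the first listed value.
    public function check(string $ip, string $email, string $username, int $now): ?string {
        $this->purge($now);
        foreach (['ip' => $ip, 'email' => $email, 'username' => $username] as $type => $value) {
            $key = "$type:$value";
            if (!isset($this->rows[$key])) {
                $this->remoteQueries++;
                $this->rows[$key] = ['spam' => ($this->remote)($type, $value), 'at' => $now];
            }
            if ($this->rows[$key]['spam']) {
                return $type;
            }
        }
        return null;
    }

    // After a report, drop the cached row so the next attempt is looked up again.
    public function forget(string $key): void { unset($this->rows[$key]); }
}

// Constructed data: the remote list gains the IP only once it has been reported.
$listed = [];
$cache = new SfsLookupCache(function (string $t, string $v) use (&$listed): bool {
    return isset($listed["$t:$v"]);
}, 30 * 60, 30 * 86400);
$cache->check('203.0.113.7', 'a@example.test', 'bot1', 1700000000);
$listed['ip:203.0.113.7'] = true;   // the first account gets reported
$cache->forget('ip:203.0.113.7');
var_dump($cache->check('203.0.113.7', 'b@example.test', 'bot2', 1700000004));
var_dump($cache->check('203.0.113.7', 'c@example.test', 'bot3', 1700086400), $cache->remoteQueries);
```

Without the `forget()` call, the second attempt is answered from the stale negative row for the IP and passes. With it, the IP is looked up once more and the attempt a day later is answered from the cached positive with no further remote query.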
This was working for a couple of months; now I see 20-30 spammers get by every morning.
1136 Spammers Denied Registration
18 Spammers Permanently Banned
7 Spammers submitted to StopForumSpam
7834 Spammy Posts Automatically Moderated |
Nice mod - good work.
Not installed; I prefer Stop Forum Spam (traffic and load are very low). |
Quote:
There's a reason I removed the "welcome to our newest member code" from my site. Why would I want to welcome a potential spammer and potentially push up their internet search engine standing? Same thing goes for member listings...none of my forum members are listed until they have three validated posts. Sorry for the rant, but this is a subject that is near and dear. Either way, if more forum owners were a bit more savvy and took more interest in purging/reporting spammers, we'd all be better off. ANY anti-spam tool is better than apathy. |
Quote:
It still says version 2.10 released 1/10/2103 |
We are having a problem with this mod: when it is enabled and a member posts, it goes to a blank white screen, and when I disable it everything goes back to normal and posts post normally.
Any ideas on what could be the issue? |
How can I stop moderating posts?
I don't want the moderators to get the posts from new users to activate them, and I don't want to prevent posts either... I can only choose moderate posts or prevent posts. |
How can the "Moderation Tools" option be enabled only for administrators, so that moderators do not use it?
|
Thanks, marked as installed.
|
Hi,
Our web servers are behind an Amazon load balancer in TCP mode (transport layer), so they cannot see the IP address of a client. I could configure the load balancer in HTTP mode and get Amazon to pass the X-Forwarded-For header. Will Spam-O-Matic work with this header? Or does it look for REMOTE_ADDR? If I run HTTPS then I will have to terminate SSL traffic on the load balancer to get this header forwarded to the web server. Not very good from a security point of view. Any other alternative if the above is not possible? |