Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
[GlowHost] Spam-O-Matic - Spam Firewall stops forum spam Details »
[GlowHost] Spam-O-Matic - Spam Firewall stops forum spam
Mod Version: 2.1.2, by GlowHost.com (Coder) GlowHost.com is offline
Developer Last Online: Jun 2016 I like it Show Printable Version Email this Page

vB Version: 4.x.x Rating: (543 votes - 4.80 average) Installs: 4650
Released: 05 Aug 2010 Last Update: 28 May 2013 Downloads: 23167
Not Supported DB Changes Uses Plugins Auto-Template Additional Files Translations External Content  

If you install this mod, please mark this as "Installed."

VERSION 2.1.2 RELEASED 5/28/2013!


About Spam-O-Matic 2.x:
Spam-O-Matic 2.x (SOM) is a spam firewall for your vBulletin Forums version 4.x and later. It prevents known spammers from registering on your forums. If they can't register, they can't spam!

Languages Packs Available
English
German - Courtesy of Alex@bulletin (included in zip)
Romanian - Courtesy of Teascu Dorin's (included in zip)
Spanish - Courtesy of vbluis (included in zip)

How it Works
This data responsible for blocking user registrations comes from the stopforumspam.com (SFS) spammer database. After the user who is trying to register passes the built-in vBulletin registration checks which you have configured in your vBulletin settings, SOM then checks the SFS database to see if the IP, username, or email address that the user is trying to register with has been recently tagged as a known spam source on other forums around the Internet. Also can be configured to check the Akismet service for known comment spam.

This is without a doubt, one of the most important mods that you will be using on your forum.

Other Notable Stuff
It also does a ton of other cool stuff like moderating posts automatically if the post is found in the Akismet database, or if it contains words on your "Bad Words" keyword list which can be configured within the mod itself.

The mod WORKS with vBulletin's new Facebook integration.
This module works with all of the Facebook functions that are built into the vB4 series.
Similar mods do not handle Facebook integration completely.

This module has the ability to submit new spammer details to the StopForumSpam or Akismet databases automatically, all without any new templates or manual template modifications!

This means other forums that are running Spam-O-Matic will not have the same spammer on their forums if you have (automatically) reported the spammer to the SFS database.

Just install the product in the product manager, upload a few files, configure the system and you are done. (Estimated time: 5-10 minutes)

What's new in 2.1.0:
  • Fixed a problem with MySQL engine selection to make mod more compatible with different types of servers.
  • When SOM "Newbies Group" is activated + vB's native option to "Verify Email address in Registration" is activated at the same time, "Users Awaiting Email Confirmation" must click the verification link to become a newbie.
  • Added remove user, post, ban to user profile options in admincp under "Quick User Links"
  • Added German Language Pack
  • Optimized default settings to work with the needs of most forums
  • Added a new coupon for GlowHost (available after you submit a spammer)
  • Several other performance tuning options

Feature List:
  • Optional Public Statistics. Show off to the world how many bad guys you have automatically prevented from posting junk on your forum.
  • Auto-Moderation moderates posts that have links, bad words, and other configurable settings.
  • Auto-Moderation ignores your RSS posts.
  • Registration / Denial Logs available from Admincp > Statistics and Logs
  • Optional "Newbies" Manager! After registration, newly registered users can be placed in a "Newbies" group which has more limited permissions as compared to your regular "Registered Users" group. Newbies will graduate to your Registered Users group based on your required post count settings.
  • Auto-Submit Spammers from the moderation tools menu on each postbit.
  • Remove Posts, threads, PMs, Calendar Events from your spammer in one easy wizard. No double logins needed.
  • Shows other users who signed up with the same IP. (Sleeping Spammers)
  • Optional Affiliate System
  • ~50 customizable settings to fine-tune Spam-O-Matic to your exact needs.


A) StopForumSpam:
The StopForumSpam Module lets you:
  • Check a registrant's IP address.
  • Check a registrant's email address.
  • Check a registrants Username.
  • Disable or enable any of the above checks.
  • Block and log, or, allow and log known spammers.
  • All registration attempts are logged for your viewing pleasure.
  • Several other performance tuning options
If a user (or bot) tries to register on your forum and they pass the built-in vBulletin registration system. (Human verification, email verification, etc), their registration details are then passed to the Spam-O-Matic firewall for further checking.

NOTE: You should use some sort of human verification checking in vBulletin's built-in options to limit the number of requests to the already heavily-loaded StopForumSpam database servers. This will also prevent additional load because SOM will not have to do anything if the bot/spammer fails preliminary registration validation which is built-into vBulletin itself.

It is completely invisible to humans who are registering that this process is taking place. Bots are stopped dead in their tracks.

If a spammer is able to sneak past the first line of defense, and manages to post, then there are secondary, tertiary, and, uh...4th level protections too!

B) Auto-Moderation:
Auto Moderation lets you:
  • Define how many URLs a new member can post before being sent to moderation.
  • Define keywords that will send a post to Auto-moderation (viagra, porn, more here)
  • Define minimum post count to avoid Auto-moderation.
  • Excludes admin and moderators from Auto-moderation.
  • Completely disable Auto-moderation if you don't want it.
C) Akismet Service
Spammers that make it past the StopForumSpam and Auto-Moderation will be checked against the Akismet service. If they manage to make a post, and then are found on Akismet, they can be auto-moderated.

The Akismet settings let you:
  • Set the number of posts that Akismet will check from each user. After this number is exceeded, Akismet checking will be disabled for that user.
  • Auto-Submit spammers that post on your boards back to the Akismet service so that other forums and blogs do not do not receive the same spam.
  • Completely disable the Akismet service.
D) Newbies Manager
Should you decide to enable this option, you can create a new usergroup and then tell Spam-O-Matic about it. Once SOM knows about this usergroup, and once enabled, all new users will be part of the Newbies group. The idea here is that you make a Newbies group that has limited forum permissions. For example, no signatures, no BB code, no images, and etc. This group is created completely in the vB admincp. Spam-O-Matic simply makes it the graduation process to the normal Registered Users group, automatic.
Learn More and Discuss the Newbies Manager here.

Punitive Actions:
If you find a spammer has made it past your 4 front-lines of defense, and has managed to post on your forum, then you can help the community...

The spammer's details can be sent to the Stop Forum Spam and Akismet databases automatically, preventing them from registering or posting on other forums. When other forums do the same, the protection is reciprocated.

Simply moderate a post and choose the option to "Delete Posts As Spam..." an then choose the option to "Ban User." Banning the user sends their details to either Akismet, StopForumSpam, (or both) depending on how you set it up.

API Keys:
API Keys are not required for this system to stop spammers on your forums. But you should obtain them so that your forum can contribute to the real-time block lists.

A StopForumSpam API key is required if you want to contribute to the StopForumSpam blacklists by adding your spammers to their database. By submitting spammers you help keep other forums and blogs clean.

An Akismet API key is required if you want to enable any Akismet auto-moderation features in this module. Akismet API key is not required for all Auto-Moderation functions.

You can obtain a Stop Forum Spam API key which is free from stopforumspam.com.

Get your StopForumSpam API Key Here

You can obtain an Akismet API key from Akismet.com.
Akismet offers free and paid API keys so choose your version based on your situation.

Get your Akismet API Key Here

Why it is better than the other anti-spam solutions on vBulletin.org:
  • Works with all of vBulletin 4 functions including Facebook automatic registration.
  • Report spammers that you find to the Stop Forum Spam Database.
  • Report spammers that you find to the Akismet Database.
  • Built-in Auto-moderation.
  • Auto-moderation rules based on post count.
  • Auto-moderation rules based keywords.
  • Auto-moderation rules based Akismet results.
  • Enable or disable any actions that you do not want.
  • Customizable "Registration Rejected" message.
  • Consolidates 4 popular methods of spam prevention into one product.
  • No Manual Template Modifications!
  • Lots of community support!
======================
Compatibility:
vBulletin 4.0.x

Server Requirements:
Curl or allow_url_fopen must be compiled/enabled into PHP. Ask your web host to enable curl or allow_url_fopen if it is not already available on your server's PHP configuration. (Or just host with GlowHost.com, where it already is

=====================
Donations:

If you like this mod, sure, you can donate!

Donations can be all sorts of things:
1) The "Give Thanks" option in your settings is an optional link back to GlowHost Web Hosting.
2) Tell your friends and others about this mod.
3) If you are in need of web hosting, please consider ordering it from the hosting and development professionals at GlowHost.com who were able to develop this mod to you.
4) Help others who are having trouble with this mod by posting tips and suggestions in this forum thread.
5) Cash! Use the "Support Developer" option on the top right of this page.

When you choose to donate, you are contributing to the product development, bug fixes and new releases for SOM and are helping to feed our hungry developers and their families! In other words, your donations helps to cover the time and money spent to develop this system.

The entire team at GlowHost thanks you for your help and support!

We hope you enjoy the mod!

=====================
Installation:

1) Download the attached file
2) Mark As Installed
3) SOM 2.x does not support updates from the v1.x series.
When upgrading to version 2.x, please, be sure to remove any other existing version of SOM 1.x from the product manager before installing v2.x series. Also make sure to remove /forum/includes/xml/bitfield_glowhostspamomatic.xml from version 1 if you had it installed.

4) Extract the zip file, and view the readme file for the rest of the instructions.

=====================

Original concept credits go to the authors of vBStopForumSpam, MonkeyStop.

Download Now

Only licensed members can download files, Click Here for more information.

Screenshots

Click image for larger version

Name:	logs.png
Views:	10388
Size:	40.7 KB
ID:	126504   Click image for larger version

Name:	postbit-mod-tools.jpg
Views:	9679
Size:	60.7 KB
ID:	126505   Click image for larger version

Name:	stats.jpg
Views:	12059
Size:	48.8 KB
ID:	126506   Click image for larger version

Name:	wizard.jpg
Views:	8221
Size:	54.9 KB
ID:	126507  

Click image for larger version

Name:	admincp.gif
Views:	3034
Size:	18.0 KB
ID:	143256  

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Anti-Spam Options [GlowHost] Spam-O-Matic for vB 3.8 (StopForumSpam, Akismet, Auto-Moderation and more) GlowHost.com vBulletin 3.8 Add-ons 236 12 Sep 2017 03:53
Administrative and Maintenance Tools Suppress-o-Matic - Stop database error spam GeekyDesigns vBulletin 3.8 Add-ons 65 12 Sep 2013 21:01
Moderators Functions Akismet Anti-Spam (3.6) Jafo232 vBulletin 3.6 Add-ons 12 15 Jun 2011 16:13
Akismet Anti-Spam Jafo232 vBulletin 3.5 Add-ons 97 14 May 2011 04:07
Moderators Functions Akismet - spam detection El_Muerte vBulletin 3.6 Add-ons 58 22 Feb 2011 15:18

  #3451  
Old 11 Dec 2016, 17:50
RichieBoy67's Avatar
RichieBoy67 RichieBoy67 is offline
 
Join Date: Apr 2004
Real name: Richie
Originally Posted by garyb12001 View Post
I had this installed on my forum and it was exploited (filestore72.info redirect). Just an FYI, especially since it no longer appears to be a supported plugin.
I doubt this mod was the vulnerability. Once someone gains access to your file system they can exploit any file they want.
__________________

Let us take care of your forum, seo, seo reports, maintenance, what ever you need.


Last edited by RichieBoy67; 24 Mar 2017 at 03:41.
Reply With Quote
  #3452  
Old 04 Jan 2017, 17:16
garyb12001 garyb12001 is offline
 
Join Date: Jun 2010
Originally Posted by RichieBoy67 View Post
I doubt it was the vulnerability. Once someone gains access to your file system they can exploit any file they want.
My bad - you were correct. Somehow, they got access to my AdminCP (which I renamed from default long ago) and were injecting PHP redirect code into the plugins. I have ensured there are no rogue admin accounts and all passwords have been reset and further secured my AdminCP with .htaccess and voila, the redirects have stopped.

Thankfully, the VPS my board sits on was not compromised in any way.
Reply With Quote
  #3453  
Old 04 Jan 2017, 17:22
RichieBoy67's Avatar
RichieBoy67 RichieBoy67 is offline
 
Join Date: Apr 2004
Real name: Richie
Originally Posted by garyb12001 View Post
My bad - you were correct. Somehow, they got access to my AdminCP (which I renamed from default long ago) and were injecting PHP redirect code into the plugins. I have ensured there are no rogue admin accounts and all passwords have been reset and further secured my AdminCP with .htaccess and voila, the redirects have stopped.

Thankfully, my VPS was not compromised in any way.
If you have the filestore hack you will have to do more than that. You will need to check and clean your files and your database.

A good place to start is in the diagnostics within your admincp and look for debase64 added to any of those files.. Mark has a guide on this if you search.

Better to start a new thread though or post in an existing thread about this hack if you need too so we do not go off topic here.

GlowHost is secure. I have been using it for many years on many sites and never had a security issue with it.
__________________

Let us take care of your forum, seo, seo reports, maintenance, what ever you need.


Last edited by RichieBoy67; 24 Mar 2017 at 03:42.
Reply With Quote
  #3454  
Old 04 Jan 2017, 17:30
garyb12001 garyb12001 is offline
 
Join Date: Jun 2010
Originally Posted by RichieBoy67 View Post
If you have the filestore hack you will have to do more than that. You will nbeed to check and clean your files and your database.

A good place to start is in the diagnostics within your admincp and look for debase64 added to any of those files.. Mark has a guide on this if you search.

Better to start a new thread though or post in an existing thread about this hack if you need too so we do not go off topic here.

GlowHost is secure. I have been using it for many years on many sites and never had a security issue with it.
Thanks, I found that old thread and did all of that as a follow-up to boot.
Reply With Quote
  #3455  
Old 22 Mar 2017, 14:37
curriertech curriertech is offline
 
Join Date: Aug 2005
I realize this hasn't been updated in a while and this is probably not worth bringing up but...

For the last few weeks I've had some very persistent spammers causing me headaches. Firstly they're starting off using new email addresses (all gmail) and clean IP addresses from SFS's perspective. They register, then put spam info into their profile fields, such as name. I do the easy cleanup immediately and their data is submitted to SFS as expected. The issue is that since this appears to be automated, they simply register again immediately using the same IP and email, and I have to manually cleanup registrations from the same email/ip multiple times.

I believe this is because of the caching function of GSOM. If only the bad query results (i.e. this name/email/ip is listed in the db), rather than all query results, then this wouldn't be a problem. And, doing it this way wouldn't add unnecessary burden to SFS's servers because valid users aren't constantly trying to register. Caching clean results isn't necessary.

I'm going to comb through the code myself to see if I can cobble something together but I'm not a dev so I don't have high hopes for success.
__________________
New England Streetriders
Reply With Quote
  #3456  
Old 24 Mar 2017, 03:43
RichieBoy67's Avatar
RichieBoy67 RichieBoy67 is offline
 
Join Date: Apr 2004
Real name: Richie
Originally Posted by curriertech View Post
I realize this hasn't been updated in a while and this is probably not worth bringing up but...

For the last few weeks I've had some very persistent spammers causing me headaches. Firstly they're starting off using new email addresses (all gmail) and clean IP addresses from SFS's perspective. They register, then put spam info into their profile fields, such as name. I do the easy cleanup immediately and their data is submitted to SFS as expected. The issue is that since this appears to be automated, they simply register again immediately using the same IP and email, and I have to manually cleanup registrations from the same email/ip multiple times.

I believe this is because of the caching function of GSOM. If only the bad query results (i.e. this name/email/ip is listed in the db), rather than all query results, then this wouldn't be a problem. And, doing it this way wouldn't add unnecessary burden to SFS's servers because valid users aren't constantly trying to register. Caching clean results isn't necessary.

I'm going to comb through the code myself to see if I can cobble something together but I'm not a dev so I don't have high hopes for success.
You should install the New Racaptcha plug in.. http://www.vbulletin.org/forum/misc...._new_recaptcha
__________________

Let us take care of your forum, seo, seo reports, maintenance, what ever you need.

Reply With Quote
  #3457  
Old 24 Mar 2017, 12:52
curriertech curriertech is offline
 
Join Date: Aug 2005
Originally Posted by RichieBoy67 View Post
You should install the New Racaptcha plug in.. http://www.vbulletin.org/forum/misc...._new_recaptcha
That was the first thing I did but it didn't help, not even a little bit.
__________________
New England Streetriders
Reply With Quote
  #3458  
Old 26 Mar 2017, 05:03
rcull rcull is offline
 
Join Date: Feb 2005
I have been running a couple of modifications which can help make a few dollars with the Glowhost Spam-O-Matic plug in.

Here it is Click Here.
__________________
<a href=http://www.teambuick.com target=_blank>http://www.teambuick.com</a>
Reply With Quote
  #3459  
Old 28 Jun 2017, 19:22
fsrmw_tudd fsrmw_tudd is offline
 
Join Date: Oct 2006
Is an extented data privacy statement necessary when this mod is installed?
Like for sending user IPs and email adresses to Akismet and StopForumSpam?
Reply With Quote
  #3460  
Old 24 Sep 2017, 19:32
Venlaw Venlaw is offline
 
Join Date: Jul 2013
Originally Posted by garyb12001 View Post
I had this installed on my forum and it was exploited (filestore72.info redirect). Just an FYI, especially since it no longer appears to be a supported plugin.
Hmm funny you say this. I'm dealing with the same issue right now. Slowly enabling addons one at a time and looking for updates. I haven't enabled this yet and no redirects so far.
Reply With Quote
  #3461  
Old 12 Nov 2017, 12:31
Zarxrax Zarxrax is offline
 
Join Date: Mar 2009
In the past couple of months I have seen a big increase in spam posts, and the automoderation in this addon doesnt seem to be working like I expect it should. For instance, I have it set to automoderate posts with more than 1 link, but I frequently see posts get through with more than 1 link. I also have "live stream" and "live streaming" listed in my bad words, but almost every spam posts contains these words. Only maybe 10% of spam posts actually end up in moderation.

Any ideas what could be wrong?
Reply With Quote
  #3462  
Old 12 Nov 2017, 13:19
In Omnibus's Avatar
In Omnibus In Omnibus is offline
 
Join Date: Apr 2010
Real name: Kris
Originally Posted by Zarxrax View Post
In the past couple of months I have seen a big increase in spam posts, and the automoderation in this addon doesnt seem to be working like I expect it should. For instance, I have it set to automoderate posts with more than 1 link, but I frequently see posts get through with more than 1 link. I also have "live stream" and "live streaming" listed in my bad words, but almost every spam posts contains these words. Only maybe 10% of spam posts actually end up in moderation.

Any ideas what could be wrong?
This product hasn't been updated in over four years and it has major security holes. It should probably be removed from the downloads section and quarantined. That's what is wrong.
Reply With Quote
  #3463  
Old 12 Nov 2017, 13:38
Zarxrax Zarxrax is offline
 
Join Date: Mar 2009
Originally Posted by In Omnibus View Post
This product hasn't been updated in over four years and it has major security holes. It should probably be removed from the downloads section and quarantined. That's what is wrong.
What would you recommend that I do for spam protection then? It's a real problem on my board and akismet doesnt catch it.
Reply With Quote
  #3464  
Old 12 Nov 2017, 14:24
In Omnibus's Avatar
In Omnibus In Omnibus is offline
 
Join Date: Apr 2010
Real name: Kris
Originally Posted by Zarxrax View Post
What would you recommend that I do for spam protection then? It's a real problem on my board and akismet doesnt catch it.
StopForumSpam will catch a good deal of it if set up to check both IP addresses and e-mail addresses. Unfortunately, it won't catch everything.

The new Recaptcha will catch virtually all spambots but human spammers can still bypass it.

I find the most effective spam tool is still using the Question And Answer function. If you ask questions that only real people with a genuine interest in your forum can answer, and that don't have "yes" or "no" or "true" or "false" type answers it will stop most of the spam most of the time.

If, for example, you are a math forum, and you ask "How many pieces of pii are in a circle?" only a math nerd would even understand the question. It's not something answerable by a bot or most human spammers.
Reply With Quote
  #3465  
Old 12 Nov 2017, 14:27
handruin handruin is offline
 
Join Date: Apr 2005
I had the same issue but I can help you fix this. The issue is that the code only looks for "http" urls and not "https", among others when acting on the auto moderation.

Download this plugin and extract the files on your drive. Open the file named "product-glowhostspamomatic.xml" with a text editor.

Search for all instances of this line; I believe there are two of them.


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Replace that line so that it looks like this:


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

This change will catch all variations of URLs being posted in your forum, not just if they start with http or https so this does a much better job of catching spam.

Under Admin > Manage Products > Add/Import Product:
Once you've made the changes, you can install the plugin again but make sure to select the radio button to "Allow Overwrite".
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 3 (0 members and 3 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


New To Site? Need Help?

All times are GMT. The time now is 10:52.

Layout Options | Width: Wide Color: