PHPBB: Spam

I am running several phpBB-based forums, and they all started receiving serious amounts of spam recently. It seems that the spammers are now able to break the captcha in the registration and even pass the e-mail activation. I found a very simple solution for this. And from that moment on - the spam stopped.

The idea is to ask the spam bot a question which it does not expect, but it will be no problem for the users to answer. I’ve added to the registration form the question “How much is 5+2 ?”. Most of the new forum members were able to answer it on the first attempt. But spam bots had no clue.

So until someone bothers to write a spam bot specifically for my forums - I am okay. When it happens, I’ll just change the question. It can be many things: “What was the color of the white horse of Hammurabi?” or “How long did the six-day war lasted?” and so on. You got the point.

Here is how to do it.

In the template directory, edit profile_add_body.tpl, and add a new row the the form:

How much is 5+2 *





Browse to the registration page on your forum to see that it looks right.

In includes/usercp_register.php, look around line 260, and add the condition that checks if the question was answered properly:
else if ( $mode == ‘register’ )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? ‘
’ : ” ) . $lang[‘Fields_empty’];
};

if (!isset($_POST[‘math_question’]) || $_POST[‘math_question’] != ‘7′) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? ‘
’ : ”) . "Incorrect answer to the mathematical question…";
}
}

Posted in howto
http://www.thesamet.com/blog/2006/12/21/fighting-spam-on-phpbb-forums/