Merged How to protect my forum from spam

I have been getting spam registrations on my site even though I had the Kunena forum for registered only. I think it is the Kunena registration because all of the other ones have Captcha.

Is there a Captcha plug-in for Kunena? How do I keep out the spambots?

Kunena does not have a registration function; Kunena is not responsible for user registration. Please look at this topic which will help you.

Hello!

I am not particularly concerned about spam postings to Kunena since registration is required, but I want to drive off the spammers that mess up site visitor stats.

I just installed a Project Honeypot URL in my root directory. I have sprinkled hidden links all over my site, directing spammers to the Honeypot URL.

Kunena (1.6.4) is the major target for spammers and I would like to catch them when they try to look at it. I put commented out links in category descriptions but they nevertheless appeared to the public.

Where can one put a commented out link? Do I have to add it to a .php file and if so, which one? Can I go into the MySql DB and edit a file there? Ideally I would like to put a link on the entry page, which is where the spammers start.

Any suggestions much appreciated.

Lowtech

G'day, lowtech, and welcome to Kunena.

lowtech wrote: Kunena (1.6.4) is the major target for spammers ...

I recommend that you read How do I protect my forum from spam? Although this does not give any prescriptive technical remedy, it does put the question in perspective and, from this perpective, I don't think it's reasonable to conclude that K 1.6.4 (or any specific version of Kunena) is more or less the major target for spammers.

lowtech wrote: ... I put commented out links in category descriptions but they nevertheless appeared to the public.

Would you like to give a few more details about how you "commented out" links in category descriptions and how you see this technique as a means to deal with the spam issues that you appear to be having?

lowtech wrote: I am not particularly concerned about spam postings to Kunena since registration is required ...

Irrespective of how you've defined your user registration procedures, the fact remains that accounts will be registered and they will be used by spam merchants to plaster your site with their nonsense. This fact is confirmed by the occasional attempts made by people (or automated technology) to attack this website, too.

It's difficult for me to respond to your specific question ("Where can one put a commented out link") without understanding what link you are referring to. Maybe a picture of your problem will help.

Thanks for the quick response!!!

1. The reason I mentioned the 1.6.4 version of Kunena was to let people know I am up to date. My concern with Kunena is due to the fact that on my website the spammers attack Kunena the most (and registration). Before Kunena it was Agora. And once upon a time, JoomlaComments

2. The way Project Honeypot works is I put a file in my root directory supplied by Honeypot. That file, a php file, redirects all site visitors to the Project's site and checks against spammer lists and if the IP is not from a spammer, the connection to my site is made. It is instantaneous. It is pretty slick. The redirect file looks like this (There are many possible variations.):
<!-- <a href=" www.mysite.com/homegrown.php ">dysfunctional-boxy -->
I have it working in about ten locations on my home page, but not in Kunena (yet).
"homegrown.php" is the file that transmits the IPs to Project Honeypot for checking.
Wherever I have put that file in Kunena, though commented out, it shows to the public viewer. That includes category descriptions and any posted messages.

3. At present I am not concerned with actual spam registrations. Kunena is integrated with Community Builder and registration requires answering a brief questionnaire and my personal approval after checking with StopForumspam.com. In fact, when there is any doubt,I email my concerns to a prospective member and ask for further information.

So the issue is how to plug the Kunena portal by diverting the spammers/hackers to Project Honeypot. Is there a good place to stick that redirect URL where the spam program will see it and legitimate live viewers won't see it? The spammers usually start here: /component/option,com_kunena/Itemid,94/view,entrypage/

Hope I am clearer now

Best,

Lowtech

sozzled wrote: G'day, lowtech, and welcome to Kunena.

lowtech wrote: Kunena (1.6.4) is the major target for spammers ...

I recommend that you read How do I protect my forum from spam? Although this does not give any prescriptive technical remedy, it does put the question in perspective and, from this perpective, I don't think it's reasonable to conclude that K 1.6.4 (or any specific version of Kunena) is more or less the major target for spammers.

lowtech wrote: ... I put commented out links in category descriptions but they nevertheless appeared to the public.

Would you like to give a few more details about how you "commented out" links in category descriptions and how you see this technique as a means to deal with the spam issues that you appear to be having?

lowtech wrote: I am not particularly concerned about spam postings to Kunena since registration is required ...

Irrespective of how you've defined your user registration procedures, the fact remains that accounts will be registered and they will be used by spam merchants to plaster your site with their nonsense. This fact is confirmed by the occasional attempts made by people (or automated technology) to attack this website, too.

It's difficult for me to respond to your specific question ("Where can one put a commented out link") without understanding what link you are referring to. Maybe a picture of your problem will help.

lowtech wrote: The way Project Honeypot works is I put a file in my root directory supplied by Honeypot. That file, a php file, redirects all site visitors to the Project's site and checks against spammer lists and if the IP is not from a spammer, the connection to my site is made. It is instantaneous. It is pretty slick. The redirect file looks like this (There are many possible variations.):
<!-- <a href=" www.mysite.com/homegrown.php ">dysfunctional-boxy -->
I have it working in about ten locations on my home page, but not in Kunena (yet).
"homegrown.php" is the file that transmits the IPs to Project Honeypot for checking.
Wherever I have put that file in Kunena, though commented out, it shows to the public viewer. That includes category descriptions and any posted messages.

Thanks for the explanation. I'm not sure what you might do to add customised HTML tags to Kunena but I would imagine you should be able to achieve most of these things by incorporating them into your Joomla site template. That's just my guess. Perhaps someone else has few ideas?

Hello!

I guess I have found the answer I was looking for.

Place the honeypot redirect URL, commented out with angle bang dash dash (<!--http Honeypot redirect-->)
in /language/en-GB/en-GB.com_kunena.ini (assuming you are using English--whatever language file you use)/

I sprinkled it around in about five places all related to login messages. It is machine readable but not visible to the eye.
The first place it appears is: "Only community members can participate in forum threads. You must register or log in to contribute."

Honeypot has already (apparently) reduced spammers by 80%. Hope this will take care of most of the rest.

Best,

Lowtech

soamz wrote: Hey..

Im using Kunena Forums and I have all spam bots registering on the site and posting new threads and posts .
I need to stop this , but dont know, if Kunena has a solution to this. Kindly let me know. :dry:

Hi Soamz,

I have same problem with you, but after I installed "Forum Protection Light" plugin from Joomla.StefySoft.com . I can reduce spam that post into my forum.

It's easy on setting, you just access the plugin and put the bad words into bad words field.

I hope this information can be useful for kunena admin

______________________________________________________________________________________________________
JIPku.com
Connecting Indonesian JIP'ers

I was looking at the reviews about Kunena a couple of days ago, and I saw comment posted by a person who calls himself/herself "thefonz22" who wrote:

[Kunena] is a great extensions, have been using it for years. The only issue I have is that it's damn easy for spam bots to attack! Other than that I have no issues.

I wish that this person had asked here about what precautions could take to reduce the incidence of spam attacks before writing that review.

As I've written dozens of times in this forum (and in other forums around the internet) the problem of spam is not Kunena or any other specific forum software. phpBB forums are spammed; punBB forums are spammed; all manner of forums are apammed. Kunena is caught in the same net. Let's blame the forum software for the amount of spam that my site receives.

Kunena does not make it easy for spam attacks. The project team is continually looking at ways to improve the situation further and reduce the likelihood of spam attacks. However, the argument does not follow that because you have Kunena you will make things easier for spam attacks. It's that part of thefonz22's conclusion that I disagree with.

Thank you, thefonz22, whoever you are for your other kind words. It would also be good to join our discussion here, so that we may help you understand why your site may be on the receiving end of spam.

I have been a moderator for a forum for about 3 years now and I think the best way to eliminate spam is to monitor the page closely. Spammers will get their way into registering even with those captcha plug-ins.

I have talked to someone working black hat and claimed that those type of preventive systems, make them smile as they see it as a challenge. At times, it even gets in the way of a real user as they have a hard time getting through complex letters and characters.