Kunena 6.3.2 released

The Kunena team has announce the arrival of Kunena 6.3.2 [K 6.3.2] in stable which is now available for download as a native Joomla extension for J! 4.4.x/5.0.x/5.1.x. This version addresses most of the issues that were discovered in K 6.2 / K 6.3 and issues discovered during the last development stages of K 6.3
Note: Please go to the Kunena Dashboard after an upgrade so that the Kunena database tables are also updated.

This is for users to help other users, to discuss topics that are related to forum administration in general or problems in running Joomla. This is not the place to ask for Joomla support. If you want assistance with Joomla please ask at forum.joomla.org

Merged How to protect my forum from spam

11 years 4 months ago #331 by Admata
Replied by Admata on topic 200 Spam users in 4 days

gotanyglue wrote: how i handle spam users i have had 200 people reg and confirm the link, and then just spamming mosly from @123.com or @169.com should i delete or ban or is there a way to stop them

Ban - don´t delete. If you delete spammers they can use same email for regeristering your site again.

I have a good experience for this R Antispam . There is option for Kunena.

+ You should use captcha for registering ;)
The following user(s) said Thank You: gotanyglue

Please Log in or Create an account to join the conversation.

11 years 4 months ago #332 by micklongley
Im having the same issue and I'm using reCaptcha. This is an odd thing as there seems to be plenty of security to stop spam. I'm going to try running another antispam extension but am I missing something? Shouldn't Kunena be able to stop most spammer registration?


Please Log in or Create an account to join the conversation.

11 years 4 months ago #333 by sunny33days
Guys, it's typically links on your forum that attracts them to your site in the first place. I have a no clickable link rule on mine.. They just have to omit the http:// and www. from the link (no url tags).

Please Log in or Create an account to join the conversation.

11 years 4 months ago - 11 years 4 months ago #334 by straetch
Replied by straetch on topic IP address tracking
I am using IP Address Tracking to prevent spam on my forum by banning the network of the offender.
I recently upgraded to Joomla 2.5.9 and Kunena 2.0.4
Now, when I log in as administrator, the IP address of the posts no longer show up.
The item IP Address Tracking in the Security tab is set.
What can I do to revive the function?

This message contains confidential information

Database collation check: The collation of your table fields are correct

Legacy mode: Disabled | Joomla! SEF: Enabled | Joomla! SEF rewrite: Disabled | FTP layer: Disabled |

This message contains confidential information
htaccess: Missing | PHP environment: Max execution time: 50 seconds | Max execution memory: 80M | Max file upload: 96M

Kunena menu details:

Warning: Spoiler!

Joomla default template details : beez_20 | author: Angie Radtke | version: 2.5.0 | creationdate: 25 November 2009

Kunena default template details : Blue Eagle (default) | author: Kunena Team | version: 1.7.1 | creationdate: 2011-11-16

Kunena version detailed: Kunena 2.0.4 | 2013-01-18 [ Pharmacopoeia ]
| Kunena detailed configuration:

Warning: Spoiler!
| Kunena integration settings:
Warning: Spoiler!
| Joomla! detailed language files installed:
Warning: Spoiler!

Third-party components: None

Third-party SEF components: None

Plugins: None

Modules: None

Last edit: 11 years 4 months ago by straetch. Reason: adding configuration

Please Log in or Create an account to join the conversation.

11 years 4 months ago #335 by micklongley
Hey Sunny, I'm not quite sure what you mean by "no clickable link rule." Is this a personal rule or did you find this in Kunena? I haven't been able to find anything like that yet - any pointers???

Also, I have a VERY small forum right now at <15 topics. I thought the reCaptcha would be able to stop spam user registration but apparently not. It only started doing this about 2 weeks ago. Crazy!

Any help is appreciated, and I'll be sure to try to research this soon, but any pointers would be helpful in the mean time.


Please Log in or Create an account to join the conversation.

11 years 4 months ago #336 by gcollier02
I've went to great pains to make sure my site has been properly updated, however due to other component limitations, I'm unable to update past Joomla! 1.5.26, however am at the current version of 2.0.4 for kunena. Despite this, I have random postings (3-7 daily) in Russian on my message board along with users who are not using my registration page to subscribe.

I need some help figuring out where these attacks are happening at.

Please Log in or Create an account to join the conversation.

11 years 3 months ago #337 by carlbeck
Replied by carlbeck on topic Security
:ohmy: Our web site, www.k5sar.com Kunena Forum is getting lots of SPAM posts. It is becoming a daily job deleting the bad posts and banning the user names that put them there.
As web master, I get e-mail notification of e-mails that cannot be delivered and that is how I get daily notification of SPAM posting. I then go in and delete then permanently delete and then find the user name a click on the “Ban the User Column”.
They just keep coming back with a new user name. Is there any way to stop this???

Please Log in or Create an account to join the conversation.

11 years 3 months ago - 11 years 3 months ago #338 by sozzled
*** Topics merged ***

How people's websites become the target of spam is outside the purview of the Kunena product but there are many strategies that people can employ to reduce the incidence or, at the very least, make it more difficult for spam merchants to attack your website. The best strategy is to make it more difficult for people to register at your site. J! 2.5 includes built-in feature that can assist you. For instance, you can require that people need to enter a CAPTCHA code when they register or tick a box "I agree to the terms" before their registration becomes active (like we do here at K.org)

Another strategy is to use a plugin like Spambotcheck (look it up on the JED for more information, which is also something we do here.

You can also require that the first n posts must use CAPTCHA - this is something you can set in the Kunena configuration settings. You can also require that new users must use a category where all messages must be reviewed before they appear in the forum - but this means that you have to be prepared to look at those messages and approve them.

A lot of people expect that there should be lots of "automated", hands-off tools that will do these kinds of things for them but, as I have written many times in this topic, "the most effective defence against spam is vigilance." We're fairly vigilant here at K.org and that's why you will not see much spam on this website.

I hope that helps.
Last edit: 11 years 3 months ago by sozzled.

Please Log in or Create an account to join the conversation.

11 years 3 months ago #339 by naimless
Hi Sozzled

I know it's a never-ending topic that you must be bored of, but I really think there's something big being missed here.

Sure, I understand and agree that forums require diligence to keep clean, etc, but I am almost convinced now that something is not working as it should with the Kunena Captcha implementation.

Please try this as an experiment on your forum (or here, on k.org). Open up a board to guests (with Captcha check enabled). It will look as though Captcha checks are working fine when using the front-end from a browser, but within a few days or so I'd predict you'll get swamped and swamped by hundreds spammy messages that somehow seem to completely ignore the captcha (or have found a really cheap way of cracking or bruteforcing re-captcha).

My Joomla/Jomsocial user-registrations use Re-captcha too, and there we maybe get one spammy registration every few days (that are very obviously done by someone manually creating an account, so they're easy to promptly deal with by diligence). But on the Captcha protected forum we'd get at least 10 or 20 a day who get past Re-Captcha. Surely Re-Captcha can't be so utterly ineffective?

The j_antispam plugin I was espousing earlier, sort of stopped doing its job properly, so, yesterday I found this plugin:

Have set it to a permanent answer to a simple idiot question that literally spells out the answer, and I haven't received a single spam post since (that plugin also has more complex maths, recaptcha, etc options). Suffice it to say, HIGHLY recommended.

However, this really does lead me to believe that some clever spammer has found a way to post to Kunena as a guest without having to validate the Re-captcha. I'm not trying to be a pain, but is there any remote way that this is technically possible or that there is a bug in Kunena's spam checking / Re-captcha integration code?

Please Log in or Create an account to join the conversation.

11 years 3 months ago #340 by loic
Replied by loic on topic security issue in kunena 2.0.4

someone is hacking kunena forums from the last 2 days : inserting topics about viagra,...
I am not the only one forum so i think it is a security issue of kunena 2.0.4

it seems he is not using frontend submission form he appear as a member without beeing registred...

Have a look :
search for "kunena Tentozeron" on google

Can you help us on that ?
thanks in advance

Please Log in or Create an account to join the conversation.

Time to create page: 0.644 seconds