Sticky How to protect my forum from spam

There are several ways you can reduce the amount of spam postings on your website.

One way is to monitor and filter who is trying to join your website, as Cerberus has suggested.

Another way is to rein-in the ability to post your forum. If you allow anonymous (or guest) posting, then disallow it. Use the Kunena setting Security » Public Read/Write = No.

If you are being flooded, limit users' ability to post messages in rapid succession: Use the Kunena setting Security » Flood Protection = nn, where nn is the length of time, in seconds, that users have to wait before they can post another message. Fight fire with water.

If spammers still can't take the hint, you may have to remove the forum from public view and only allow access to registered users: Use the Kunena setting Security » Registered Users Only = Yes

If, these obstacles still do not deter spammers (they must be rather desperate) then you may need to safeguard your forum categories further. In the Forum Administration function you can set your categories (Forum security and access) » Review Posts = Yes. This means that you and your moderators will have to approve messages posted by your users before they are displayed. Hopefully, by this stage, those spammers of yours will give up their attempts and leave you alone.

Usually, such spam attacks don't last too long and spammers will leave you alone if it's too difficult for them to get their kicks from spoiling your site, and they'll look elsewhere.

Last, and not least, you are using Kunena 1.5.5. Please upgrade to K 1.5.11 to overcome a number of known security problems with that very old version. If you do not upgrade, and continue to experience security problems, you have to accept some of the responsibility.

Well, I just had a fun experience. :blush:

I was posting some test URLs in a post to see how the URLs were stored in the database because I'm working on another forum migration project.

Hit submit and Boom, I'm blocked and locked out of the site and out of admin. Slight panic. Had to go in to the database and unblock myself.

So, 1. Suggestion: don't block superadmins.

and 2. Is there detailed doc somewhere that explains precisely what will trigger the spam block? I wasn't posting spam, but I suppose it could have been interpreted that way. I need to know in order to decide how much to educate users and/or moderators (and myself -- doh).

There's no automated "blocking" feature in Kunena that I am aware of. You can configure some ability to prevent forum flooding, by requiring your users to wait a certain amount of time before they can post again.

Again, when all else fails, check and note what changes you make between your configuration settings and the default configuration settings and adjust them accordingly (and sparingly).

I suppose that your system (e.g Apache) had blocked the "administrator", because robots has tried to logg in too many times.
Solution: Create new username to superadmin group.
After that, block the current "administrator".
In the future, logg in that "new-username" as a superadmin.

xlgolffari

Hi Everyone:

Yesterday morning, my website experienced a spam attack which was aimed at the outgoing email function. A script attached itself to some component or core Joomla file and began to auto generate outgoing spam emails to random addresses which are all bogus. These in turn caused bounces.

One net result is that it caused my primary email address to exceed beyond the 150 outgoing emails per hour limit. As a result, I can no longer send out emails from my account.

I'm attempting to troubleshoot this and need assistance in narrowing down the likely culprits. Kunena seems to be one of them. I'm running version 1.5.8 which, as I recall does have some security vulnerabilities. Is this true? I'm also running Wordpress MU blogging, JNews, DT Register, AEC, Community Builder and some others.

I'd appreciate some help with this. I realize that all non Kunena issues are off topic here but any suggestions would still be appreciated. I have to get to the bottom of this quickly. My main question is: will re-installing a component generally eliminate this issue? If someone has a good source for resolving Joomla spam problems, please also let me know.

Sincerely,
Howard

I am seeing something like this. If a user posts anything with a url tag in it, bang, the Block User is turned on in their Joomla account. Now if that were the case all the time, I am certain something would have gotten reported before this, and quite loudly. That means it is most likely some issue between plugins.

Anyone have a suggestion on what would conflict so badly with Kunena?