Solution to phpBB Forum Spam
February 10th, 2007
During the last year my support forum saw a huge increase in registrations and posts made by spammers. A few common prevention techniques I applied did not work and I was forced to close the forum for new registrations for a while, until I had time to find better methods of dealing with spam. Fortunately, this turned out to be a fairly easy task, thanks to the excellent phpBB Antispam HOWTO page which lists the drawbacks of some existing techniques and recommends a few mods, developed by the site owner himself.
Textual Confirmation: The core of the solution is that a user/bot performing the registration is required to answer a simple question. In case of a real person, the answer will be provided, but every bot will stumble and fall. This really worked.
The site also suggest the Links Rejector mod, which allows phpBB to reject posts that contain links and are made by guest users. So, after a long period of accepting posts by registered users only, today I turned this protection off and my forum now accepts posts by guests again. As long as they don’t post links, of course. It’s nice to be free again.
I must add that each time a spam registration or a guest post is rejected, these tools send a notification to the forum administrator and to the community spam database. It’s not clear who uses that data and for what (the mods above certainly don’t care about them, it’s not a learning system), but hey, they helped me, so if this helps build a “community database” that’s fine with me.