Concerning Spam ...

Talk about all things not related to Nucleus... ;)
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Wed Feb 22, 2017 8:44 pm

Hello all!
In fighting spam I found a simple solution, but need to make some slight changes to some script, but can't find which and where. I am able to read, write and change php scripts to a certain exctent, but not professionally. :(
(Using the banlist has only partially proven succesful, using Akismet failed for some reason not finding the proper add-ons ... URLs :( vanished.)
What I'm doing is this: On the template for an item page, I output a comment just prior to the comment form saying something in the order of: "You'll need a publication code that will sent to you by email", this being a "mailto."-link to an autoresponder linked to a little script creating some random code, that ist sent out. If the spammer enters an invalid email-adress, they will never recive that code. ;)
There is also an instrution to enter that publication code at the first line of the comment only and start the actual comment on the second line.
What I didn't find yet ist the code (script) that appends the comment to the the database, as well as the code that extracts the comment from the database to display it. My idea was ...
(a) just dump any comment that comes in without a valid first line (=publication code) and only store comments containing a valid publication code in the database, without that first line.
(b) not finding the script responsible for that part, I'd scan each comment for the presence of a vaild publication code before being displayed, and if so, displaying the comment without the first line. Otherwise, just skip the entire comment.
I'd need and request help to find the appropriate script(s) where I'd add some script lines to detect and strip said "publication code" either way, to prevent such comment from being appended to the database or being displayed.
I hope that I've communicated clearly enough what I need.
Sincere thanks in advance to anyone who is willing and able to help!
Helmut
PS: I'm using Nucleus 3.70 with the default-template.
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Wed Feb 22, 2017 10:36 pm

Hi being_new :) I'm afraid I am mostly at your level as well, I can only tweak existing scripts a little but do not know enough for any real programming, so I cannot answer your question, but I just wanted to mention a plugin here in case you haven't heard of it.

The best plugin I have found for controlling comment spam so far is NP Comment Control. I just set it to 0 days and it holds all comments for moderation. It's quite easy to admin and just allow or deny comments from the queue. I haven't used it in a long time but I think it still works with the current 3.70, anyway feel free to try it if you wish! You can find it here: http://nucleuscms.org/wiki/doku.php/comentcontrol

(On checking it looks like the download site is not reachable. I don't know whether it is temporary - I saw it up only recently so you can try checking again in future. In the meantime I will see if I can find a copy and upload it here.)
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Wed Feb 22, 2017 10:42 pm

Here is a copy of the last version from the site - 0.70. I just checked and I think I have a working version on a test 3.70 install.
Attachments
NP_CommentControl_v0_70.zip
(9.24 KiB) Downloaded 56 times
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Thu Mar 02, 2017 10:44 am

Thanks a lot, dis!
I just now fetched the plugin and will be installing it soon - will report to you how it works out! I'm really grateful for the referral, as I'm being quite plagued by spammers ... :(
Wishing you the best!
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Thu Mar 02, 2017 7:49 pm

Hi Dis, good evening!
Maybe you can point me to the right point to get this sorted out directly... may be I should have set or changed something before trying to install it.

I uploaded the files to the plugin-directory and then installed "CommentControl" at the Admin section - rather: I tried to install it, but failed. Got this error message:

mySQL error with query CREATE TABLE nucleus_plug_cc_pending( id int(11) NOT NULL auto_increment, cbody text NOT NULL, cuser varchar(40) default NULL, cmail varchar(100) default NULL, cemail varchar(100) default NULL, cmember int(11) default NULL, citem int(11) NOT NULL default '0', ctime datetime NOT NULL default '0000-00-00 00:00:00', chost varchar(60) default NULL, cip varchar(15) NOT NULL default '', cblog int(11) NOT NULL default '0', PRIMARY KEY (id)) TYPE=MyISAM;: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'TYPE=MyISAM' at line 1
- followed by this:

Warning: Cannot modify header information - headers already sent by (output started at /home/{myusername}/public_html/weblog/{my admin-dirname}/libs/sql/mysql.php:92) in /home/{myusername}/public_html/weblog/{my admin-dirname}/libs/globalfunctions.php on line 2158 (I guess this is simply because it output the above error).

Just one note about the above: I replaced the actual string by "{myusername}" and "{my admin-dirname}" to make it impossible that someone could use that data to intrude in my admin-section ...
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Thu Mar 02, 2017 11:59 pm

Hmm.... I think Yama may need to help with this one. I don't know much but the part about MyISAM sounds like the plugin code may need to be updated. I'm sorry I can't help with that, I don't know enough to change the code myself! :oops: :( Let me check also and see if I have any newer updated versions saved...
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Fri Mar 03, 2017 12:07 am

Nope, sorry, that's the most recent version I have. I've opened a ticket on Github so the Japanese team can take a look at the plugin and hopefully someone will be able to fix it when they have time. Fingers crossed! :)
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Tue Mar 07, 2017 5:50 pm

Thank you so much, dis, for spending time on this! I'm truely grateful for finding someone so willing to help like you do! You are just great, thanks! (Will watch the topic for future posts!)
He
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Wed Mar 08, 2017 7:29 pm

Hi dis!
You might be interested how I solved the problem:
The error-message did tell me everything required to create a table ... which I then did manually using myPHPAdmin in my server's control panel ("CPanel").
I then went back to "plugins" in the admin Area picking "install Comment Control"; though it was listed as an available plug-in (since the original install failed), it now went through without any error but saying "this plugin is already installed".
It seems that everything is now working well - I could pull up "administer" as well as "set option" (the latter two might be named slightly different in english, since I use another language setting).
Though I dont have any new comments yet (I spent about an hour every day to clean out all spam), I am confident that it will work fine ... if not, I will report here any problem encountered.
One more comment on spam: I also treied to install "NP_BadBehavior" and encountered the same problem ("syntax error") - and i also cretaed the table manually - and then the plugin installed perfectly well! (I hope, I'll know more after I got another mess of spam - or even better not! ;)
Thank you again for any help and hint you provided!
He
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Thu Mar 09, 2017 2:48 pm

Hi dis!
It seems I cheered to early. :( - though both plugins seem to be installed properly, when I try to administer any one of the poplugins I get "you aren't logged in". - Thus, the manual installation of the DBs somehow corrupted the plugin-System.
Interstingly, right after installing them I could click "administer" and got "no comments pending" ... but once I logged out, I can't administer any more.
I also verified that the "you aren't logged in."-message does NOT come from either plugin ... (I appended a short string to the message in the code to see which script objects.) - the message comes from some other script which I have't yet located. Also, I'm getting notifications that comments are pending ... (but can't administer them.)
Also interesting: It seems that none of the plugins allows administration (provided there is such an option) - they all end with "you aren't logged in".
I will check on this further ...
He
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Fri Mar 10, 2017 2:52 am

You are very welcome :) I forgot to leave the link to the github issue, you may like to check the progress of it there : https://github.com/NucleusCMS/NucleusCMS/issues/29 If you have a github account you can also add the information you posted here to the ticket there.

That's an interesting bug! The only thing I can think of for "not logged in" issues is cookies. Maybe check your cookie settings??

Also, I think "myISAM" is the old method and they have to change it to something else for the newer PHP versions, so maybe it worked partly when you manually created the table (that would get around the myISAM issue at the creating part), but it would not be enough to fix any other old code that needs to be updated for php 5.x-7.
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Mon Mar 27, 2017 9:51 am

Hi dis, and thank you for your input! It is highly appreciated.
Regarding the "not logged-in" issue:
I found out if I click "update mailing list" (in the section just below the list of plugins, "update subscriptions" - (please note that the original names may be different as I'm using a german version) - I will get another "login dialogue" and can do so, and then it all works well.

Though, there is another small issue: Everytime I select "deny" for a post I'm being forwarded to the front end (website) and must hit "backward" in order to administer the next post. This is somewhat burdensome in the long run. I'd prefer either "no reaction at all" or setting a checkbox for each post to be denied and at the end of the page a link "deny all selected" or some such "mechanism".

Further a note on something I have implemented on my own: Having received tousands of posts containing terms like "generic|cialis|viagra|prozac|levitra|pharmacy|..." I added some code to simply quit processing if any of these is contained in a post (by means of preg_match in NP_CommentControl.php) - this reduced spam down to some 20 per day. I can now work pretty well with my blog. :) I guess this kind of option could easily be implemented in the "configure"-option of the plugin.
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Tue Apr 11, 2017 7:51 pm

Hmm, i have not actively used the plugin in a while so I can't remember if that forwarding action (to the front page) after each deny is normal. I'll post again if I get some spare time to test this. I thought I remembered that I used to be able to select multiple comments to allow or deny at one time.

I believe Admun used to maintain this plugin but it's been a very long time since it was last updated. You can try contacting him at his website (http://edmondhui.homeip.net/nudn/) if you like - it's still up, but I don't know if he still supports it, so you may not get a reply. No harm trying though! :)

Great idea about the code by the way! You could post a copy of your modified plugin here to share it with other users if you like :)
being_new
Posts: 45
Joined: Mon Apr 04, 2016 7:17 pm

Concerning Spam ...

Postby being_new » Wed Apr 12, 2017 11:20 am

Follwing the suggestion from dis I not the changes I made to get rid of notourious spammers: the changes start at line 197 of NP_CommentControl.php

Code: Select all

     // Versuch besonders lästige und unbequeme "poster" zu sperren ... HWK 16Mär2017
     if (preg_match("/viagra|sildenafil|cell phone|generic|cialis|pharmacy|kamagra|antibiot|antiprec|prozac|celesa|levitra|Reebok|Adidas|Puma|Nike|http:\/\/|https://|sneakers|weight-loss|sunglasses/",$data['comment']['user'])) {
        //fwrite(STDERR, "Abuse of comment forms by an obnoxiously dumb spammer!./n"); // ggf hier IP Adresse anfügen, um sie im Log zu erfassen ...
        file_put_contents('php://stderr', "Abuse of comment forms by an obnoxiously dumb spammer who can't read!", FILE_APPEND); // HWK 26.3.17
        echo "This kind of error usually denotes abuse of this site's comment forms by an obnoxiously dumb spammer who can't read!<br>/n";
        exit(1); // A response code other than 0 is a failure
     } if (preg_match("/viagra|sildenafil|cell phone|generic|cialis|pharmacy|kamagra|antibiot|antiprec|prozac|celesa|levitra|Reebok|Adidas|Puma|Nike|http:\/\/|https://|sneakers|weight-loss|sunglasses/",$data['comment']['body'])) {
        //fwrite(STDERR, "Abuse of comment forms by an obnoxiously dumb spammer!./n"); // ggf hier IP Adresse anfügen, um sie im Log zu erfassen ...
          file_put_contents('php://stderr', "Abuse of comment forms by an obnoxiously dumb spammer who can't read!", FILE_APPEND); // HWK 26.3.17
        echo "This kind of error usually denotes abuse of this site's comment forms by an obnoxiously dumb spammer who can\'t read!<br>/n";
        exit(1); // A response code other than 0 is a failure
     }



Please don't be confused by my german comments, it's all said in english for error-output.
I'm not certain that this code is "perfect" or even "professional", but it works well for me and without errors.
By the way, though I don't know what caused it, the problem with "your arn't logged in" has vanished completely.
User avatar
dis
Posts: 209
Joined: Mon Aug 19, 2002 3:56 am

Concerning Spam ...

Postby dis » Wed May 10, 2017 10:44 pm

Thank you so much Yama! Helmut, I hope you see this update! :)

Return to “Free conversation”