How to Prevent phpBB Registration Spam

For the ClassiPress forum I use a free software called phpBB. Up until a few weeks ago, I wasn’t having any problems with forum spam but now it seems the bots have me zeroed in. PhpBB does come with a simple captcha-style anti-bot option but for some reason it doesn’t seem to work very well. I have also enabled a feature to require email verification by clicking on a link before their account becomes active.They beat that too.

I must say, the bot engines out there today are pretty damn smart. They have figured out a way to automate and bypass both of these security measures so they can post spammy links to their products or just be a nuisance. Luckily the spammy forum posts haven’t been porn…at least not yet.

So today I finally got fed up with having to delete spam posts and ban users and installed a great phpBB3 mod. It’s called Anti-Bot Question and it does a great job beating the spam bots. As with any mod, it takes some time to set everything up (it took me about 1 hour total) but so far it’s blocked everything. Since the phpBB spam robot scripts know the exact order and number of fields on the registration page, this new field throws them off. They also don’t know how to answer the question so they are stopped dead in their tracks. Here’s the final result.

This mod basically adds a new field on registration where you can create any question/answer combo you want. In my case I used the basic “Is fire hot or cold?” question but you can use whatever you like. You set this question up on the “General” => “User Registration Setting” page at the bottom.

If you aren’t familiar with installing phpBB mods, then listen up. Most of them come with a .xml file which contain the instructions. Just open it up locally in your web browser and follow the steps. For this mod you will need database and ftp access. You will have to run a simple mySQL query that inserts new values into the config table and also edit 3-5 phpBB3 files.

After you make the updates, it usually won’t show up until you clear your cache. So on your “General” page, click the “run now” button for the “purge the cache” option.  Remember to make sure you backup your files before doing this mod and read the directions carefully!

It’s also worth noting that applying mods to your forum will probably get blown away when it comes time to upgrade phpBB. I recommend bookmarking the sites of any mods you make as well as adding comments to the code you update. That way when it comes time to upgrade phpBB, you’ll remember exactly what you changed the first time and can do it again with ease.

For those of you who wonder why I decided to use phpBB, it’s because of several reasons. I also recommend checking out a great site called Forum Matrix which lets you compare dozens of different forum solutions side-by-side.

UPDATE: After running phpBB for over one year, we decided it was time to purchase vBulletin. It’s a much more complete forum software and we especially like how it integrates with our existing systems.

Your rating: none
Rating: 2.8 - 4 votes