banning accounts upon key words/phrases

[metulburr]

I requested an anti spam plugin and someone responded back with the plugin code. 

it blocks a post from being made and deletes the account. This is based on key words and key phrases within the post and the title. And the option to select post count for the user it works on to avoid false positives. But obvious we would just set it to 1 post and ignore everyone else. 


So my question is....
What are some key words/phrases that are most likely spam posts that are a newly registered user's first post. 

I could undo some deletes for the purge spammer to get a list of recent spam. But was wondering what you guys see that purge spammers more often than i do.

The one thing i can think of is http:// in the thread subject

[micseydel]

I'm not enthused about this. Post count doesn't sound good enough at all to prevent false positives, especially when we want to grow this forum. I wouldn't mind putting them in a moderation queue, but deleting accounts without human review sounds like a bad idea to me. Spam isn't too bad here anyway, I feel like.

[Kebap]

Key words won't work 100%. I have tried it on other forums. Would not encourage to trigger automatic purging by an untrustable measurement like that.

[metulburr]

ok. What about just blocking the post and commenting out the banning portion?

"http://" is used quite often in the thread subject with spam. When would would a legitimate user put this in the thread subject on their first post? In this way they just get an error instead saying their post is being triggered as spam...giving them a chance to fix it if it is a false positive.

[Dragonexpert]

I just finished building a plugin for a user that lets you scan a post for select words. If it contains a specific word, it gives an error message and the post won't go through. If the person is alright with the project being on Github, I could let you see it.

[micseydel]

People do stupid stuff, so I can see it happening. I think the tradeoff here of less spam vs friction isn't worth it, since I feel like the spam really isn't bad, and friction will prevent this forum from growing. And by "error message" do you mean something telling them explicitly what to change or just that the post failed? I'm ok with having a specific message telling people not to have "https://" in their subject line.

[Dragonexpert]

The error message says your post contains one or more words that are not allowed.

[metulburr]

And by "error message" do you mean something telling them explicitly what to change or just that the post failed? I'm ok with having a specific message telling people not to have "https://" in their subject line.

Im playing with (testing) the original plugin from the OP. I commented out the banning user call, and it blocks messages with words/phrases given in ACP options. It does not allow the post to go through and sends the user to no permission page. I personally would rather have an error message above the editor, like the no links plugin (im tinkering with it trying to do just that). As is now, it currently sends the user to the no permission page with a list of reasoning's why they are there. And then i added clause to spam content in posts. I did not specify http :// in this message because i thought that would give away to spammers what to fix....but if you want me to i can?

[metulburr]

The error message says your post contains one or more words that are not allowed.

Does yours check the subject line and post or just the post?

[metulburr]

This is the plugin from OP

code

<?php
/****************************************************************************
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
****************************************************************************/

if (!defined('IN_MYBB')){
    die('This file cannot be accessed directly.');
}

$plugins->add_hook('newthread_do_newthread_start', 'auto_ban_trigger');
$plugins->add_hook('newreply_do_newreply_start', 'auto_ban_trigger');

function auto_ban_info(){
    return Array(
        "name" => "Auto-block",
        "description" => "It automaticaly blocks users who write specific words on threads or posts",
        "website" => "https://amxmodx-es.com",
        "author" => "Neeeeeeeeeel.-",
        "authorsite" => "https://amxmodx-es.com",
        "version" => "v1.1",
        "guid" => "",
        "compatibility" => "18*"
    );
}

function auto_ban_install(){
    global $db;
    $ap_group = Array(
        'name'            => "autoban",
        'title'            => "Auto-Block",
        'description'    => "",
        'disporder'        => 1,
        'isdefault'        => 1
    );
    
    $gid = $db->insert_query("settinggroups", $ap_group);
    
    $autoban_settings = Array();
    $autoban_settings[] = Array(
        'name'            => "autoban_enabled",
        'title'            => "Enabled?",
        'description'    => "Enable/disable Auto-ban plugin.",
        'optionscode'    => "yesno",
        'value'            => "1",
        'disporder'        => 1,
        'gid'            => $gid
    );
    
    $autoban_settings[] = Array(
        'name'            => "autoban_words",
        'title'            => "Ban words/phrases",
        'description'    => "Here you setup the words/phrases you would like to check for an instant ban separated by comma \",\"",
        'optionscode'    => "text",
        'value'            => "",
        'disporder'        => 2,
        'gid'            => $gid
    );
    
    $autoban_settings[] = Array(
        'name'            => "autoban_minposts",
        'title'            => "Max posts",
        'description'    => "The auto-ban will only be applied for users with less than this amount of posts",
        'optionscode'    => "numeric",
        'value'            => 10,
        'disporder'        => 3,
        'gid'            => $gid
    );
    
    $autoban_settings[] = Array(
        'name'            => "autoban_banreason",
        'title'            => "Ban reason",
        'description'    => "The ban reason when a ban is triggered by the plugin",
        'optionscode'    => "text",
        'value'            => "SPAM",
        'disporder'        => 4,
        'gid'            => $gid
    );
    
    foreach ($autoban_settings as $setting){
        $db->insert_query("settings", $setting);
    }
    rebuild_settings();
}

function auto_ban_uninstall(){
    global $db;
    $db->delete_query("settings", "name IN ('autoban_words','autoban_enabled','autoban_minposts','autoban_banreason')");
    $db->delete_query("settinggroups", "name='autoban'");
    
    rebuild_settings();
}

function auto_ban_is_installed(){
    global $db;
    $query = $db->simple_select('settinggroups', '*', "name='autoban'");
    if ($db->num_rows($query)){
        return true;
    }
    return false;
}

//$plugins->add_hook("datahandler_post_validate_thread", "auto_ban_trigger");

//$plugins->add_hook("datahandler_post_validate_post", "auto_ban_trigger");

function auto_ban_trigger(){
    global $mybb;
    
    if ($mybb->settings['autoban_enabled'] == 0){
        return false;
    }
    
    if ($mybb->user['postcount'] < $mybb->settings['autoban_minposts']){
        $message = $mybb->get_input('message');
        $subject = $mybb->get_input('subject');
        
        $phrases = explode(',',$mybb->settings['autoban_words']);
        foreach ($phrases as $phrase){
            $phrase = trim($phrase);
            if ($phrase == ''){
                continue;
            }
            if (stristr($message, $phrase) || stristr($subject, $phrase)){
                //ban_user($mybb->user['uid']);
               error_no_permission();
                //$post->is_validated = false;
                //$post->set_error(sprintf("Your post has been marked as spam, and notified admins and mods. ", "Auto-Block"));

            }
        }
    }
} 

function ban_user($uid){
    global $db,$cache,$mybb;
    $query = $db->simple_select("users", "uid, usergroup, additionalgroups, displaygroup, username", "uid='{$uid}'", array('limit' => 1));
    $user = $db->fetch_array($query);

    if (!$user['uid']){
        return false;
    } else if (is_super_admin($user['uid'])){
        return false;
    } else {
        $query = $db->simple_select("banned", "uid", "uid='{$user['uid']}'");
        if ($db->fetch_field($query, "uid")){
            return false;
        }
    }
    
    $lifted = 0;
    $bantime = '---';
    $reason = $mybb->settings['autoban_banreason'];
    
    $query = $db->simple_select("usergroups", "gid", "isbannedgroup=1", array('order_by' => 'title', 'limit'=>1));
    $group = $db->fetch_array($query);
    $db->free_result();
    
    $group = $group['gid'];
    
    $insert_array = array(
        'uid' => $user['uid'],
        'gid' => intval($group),
        'oldgroup' => $user['usergroup'],
        'oldadditionalgroups' => $user['additionalgroups'],
        'olddisplaygroup' => $user['displaygroup'],
        'admin' => intval($mybb->user['uid']),
        'dateline' => TIME_NOW,
        'bantime' => $bantime,
        'lifted' => $lifted,
        'reason' => $db->escape_string($reason)
    );
    $db->insert_query('banned', $insert_array);
    
    // Move the user to the banned group
    $update_array = array(
        'usergroup' => intval($group),
        'displaygroup' => 0,
        'additionalgroups' => '',
    );
    $db->update_query('users', $update_array, "uid = '{$user['uid']}'");
    $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
    $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");
    
    $cache->update_banned();
    return true;
}