Using email as a primary means to contact me has some disadvantages, such as long threads that make it hard to find information and lags in my responses. So in response I’ve created a Slack workspace: https://phpbbservices.slack.com.
If you join my workspace you can ask me questions anytime. Hopefully I’m on my computer and can respond quickly. Otherwise I will respond when I am available and you can look for my response in the workspace’s channel of your choice.
If you use the #general channel what you post is public to anyone in my workspace. So most of the time use the direct message feature to keep our conversation private.
We’ll see how this goes. I’m fairly new to Slack too so you may know more about it than I do!
Happily, there was a lot more work in July than there was in June. I am noticing that I tend to get called in for more complex projects and fewer simple projects. One effect this has is that these projects can span months. I worked on two projects like this during July that I do not detail below, but will when finally completed. They will have amount to nice sales when they finally cash in. Both projects are complex upgrades from phpBB 3.0 where there were many customizations by previous developers (including me). Moving them to phpBB 3.2 involves a lot of talking, compromise and prototyping. Both involve standing up test instances of their forums and iterating through them getting the style and features right. As for the other work I did in July:
Upgraded a forum from phpBB 3.0.12 to 3.2.2. I had to do it minus the tools I usually have. I had only SSH access. As such there were various technical issues. Trying to make a database backup took a long time in phpBB. But with root privileges I was able to do it very quickly. There were issues uploading files. I had to change the Unix group I was in to get the file permissions correct. I seemed to lose ability to create directories using Secure FTP. I worked closely with client who did some work and gave me additional privileges. There was an unexpected issue with /config directory that did not properly upload and a missing line in the config.php file. Th install folder was not recognized. I had to fix some database issues with upgrade, mostly done from the command line. I reapplied styling changes including logo, various buttons and some help links. Search indexes would not work (MySQL fulltext) so I created phpBB native index instead. I removed dead modules and updated spambot countermeasure to use reCaptcha V2.
Troubleshooting. The host set PHP 7 as the new default version of PHP, which caused issues bringing up the phpBB 3.0 forum. I could only revert back to PHP 5.6 on a phpBB 3.0.12 forum but it came up. Later, I upgraded the forum to phpBB 3.2.2 which does work with PHP 7. There were no issues. I placed the logo, changed the spambot countermeasure to reCaptcha V2, added a home link, and removed dead modules.
I created two MySQL database triggers to add forum notifications, similar to work for another client in May. This was more involved since 17 forum notifications were needed for each user in the group. I also wrote SQL to make the phpbb_forum_watch table contain rows for all existing users in the newly registered users and registered users groups, so the new triggers would work for people in these groups. I analyzed an issue with notification emails being checked by default. It looks like the two critical ones (new topics in subscribed forums, and replies to topics in subscribed topics) are set by default. I suggested not to turn additional email notifications on by default but it can be done with a trigger if necessary.
Fixed a digests issue on version 3.2.7 of my digests extension for a client. Digests were not going out reliably with their cron. A manual test worked fine. To fix cron job I removed /forum from the path since the forum is in a subdomain and added /usr/bin to the curl path.
Issue of FatalErrorException in container_builder.php line 146, which brought the forum down. /cache/development folder had 755 permissions. Removed it, changed config.php so phpBB development mode was disabled, cleared the cache manually, and the forum came back up.
I upgraded a forum from phpBB 3.0.5 to 3.2.2. The old style was not available, so a new style choice had to be made. The default prosilver style was used. There were some minor issues during upgrade that I had to puzzle through. I added the old logo. I recreated the MySQL full text search index. I added reCaptcha V2 spambot countermeasure and enabled it. I removed some dead modules including old AutoMOD modules. I added a home link.
Troubleshooting. There were issues with users not getting email notifications when registering or for forum/topic replies. First I advised setting email package size to 0. That did not seem to work, so I was asked to test it. I created an account and verified that both the registration email was received and forum notifications were received. It is now working correctly. Some permissions looked odd: newly registered could only reply to topics and registered users could not post in most forums.
Installed the mChat extension on a new forum with the Flat Style Blue style. Used cPanel to upload the extension. Later, I made text changes to mChat (changing its title to “Live Chat” among other changes) and removed credit lin,e substituting one provided by user. Some days later, I installed the forum icons extension and an archive of forum icons mentioned in the topic for the extension. The next day, the client requested some tutoring so I created a tutorial video using SnagIt. I demonstrated adding an extension, using cPanel, Filezilla, Dreamweaver, File Manager, making a sized and transparent logo and swapping the default logo, changing phpBB’s default text.
A site got hit by malware and was recovered. After recovery, I was asked to check the extensions and base code for malware. I upgraded my digests extension and the Cleantalk extension to the latest versions. I compared files with a 3.2.2 reference and found no malware. Later in the month, I removed unneeded phpBB software files, probably from previous versions, that remained in the forum folder. I also enabled the contact form check in Cleantalk because contact form spam was happening. Even later in the month, more spam was reported. Cleantalk extension was somehow disabled. I reenabled it. I removed spam users via Cleantalk once it was reenabled.
Troubleshooting. There were regular HTTP 500 errors accessing certain folders in the ACP. When I finally found the web server error log, the log indicated that the /cache/production/twig folder could not be written to. 755 permissions existed. I changed the permissions to 777 and deleted the files inside it that had 755 permissions and the issue was resolved.
Troubleshooting. The forum could not send mass emails. Since he has Siteground hosting, passed on what I learned when I set up my hosting: create an account on the domain and configure phpBB to use SMTP. It took a little back and forth with Siteground technical support but this approach eventually proved fruitful.
This job was a referral from a recent client. I was asked to straighten out an inconsistent .htaccess file for the site. Issue were http to https redirects weren’t happening, index.html page needed to be hidden if called directly and certain hotlinking needed to work right.
The Cleantalk extension was disabled, so spam started to appear, same issue as another client had this month. I updated the Cleantalk extension to the latest version and reenabled it. I found about 20 spam users that I deleted.
I installed the Detailed Online View extension, a development quality extension, after warning client it was a bad idea to use any extension that was not approved. It is accessed through the Who’s online link.
This will hit you if a subscriber needs a table of content and you installed version 3.2.7 of the digests extension. What happened was that in cleaning up the code I decided that the assign_vars method should be simplified to use assign_var when only one template variable needs to be connected to a template. Except that the messenger class used for email is a subset of the template class and it doesn’t support the assign_var method. So it fails. You can see the patch here.
As I have noted before, since I work with many clients I have developed hopefully informed opinions about many web hosts. Perhaps I should not paint with a broad brush but I do have one suggestion: avoid any web hosts owned by the Endurance International Group.
Web hosting tends to be a low profit business. With so much competition, customers will shop around for the best deal. This results in many hosts offering cheap plans for $5 or $10 per month. Web hosts can hope to find profitability in volume but since there is a lot of competition profitability usually comes from consolidation. The Endurance International Group buys web hosts. It looks like they find profitability through throwing all these companies under one umbrella and one hosting center.
I used to host with Hostgator. I found their support good and their infrastructure above average, yet their pricing was very reasonable. Then they were bought out by the Endurance International Group. Almost immediately afterward their support became crappy and I noticed delays accessing my domain as well as infrastructure related issues. When my hosting contract was over, I was happy to move somewhere else.
When you call these companies for support, you are immediately placed into a third-level support queue. After you finally connect with a human, these brain-dead support people follow scripts that are designed basically to not solve your problem and make you go away. Moreover, I found myself far more knowledgable about hosting and how to solve problems than they were. They could rarely even cover the basics. If you needed real help I found I had to badger for second-tier support.
All this is to keep their costs low since one support center for dozens of companies is obviously cheaper. But it results in inferior service, as evidenced by my experience with hostgator.com.
Endurance International Group own a lot of hosts, most pretty obscure. Among those they purchased you may be familiar with include Hostgator, Bluehost, Hostcentric, iPage and Site5. You can see a full list of the brands they bought on this Wikipedia page.
Given the low margins, the hosting business is likely to continue consolidating. There is certainly a lot of smoke and mirrors in this business. What used to be good hosting can turn into poor hosting pretty quickly when they get acquired. This is true of MediaTemple, at least it’s Grid Service, based on my latest experience since it was bought by GoDaddy. Right now my recommended hosts include Siteground for most hosting and Rackspace for dedicated and virtual server hosting.
It’s quite clear to me though that you are likely to be unhappy with any hosting owned by the Endurance International Group. So avoid.
Emailing from phpBB is often problematic. In a previous post I looked at various ways to make sending email from phpBB more reliable.
In this post I look at why you might want to configure phpBB to use SMTP (Simple Mail Transfer Protocol) to send emails. If you are using a Windows web server (IIS), this is usually required. You can change these settings in ACP > General > Client communications > Email settings, which can be set halfway down the page.
By default, phpBB hands off email to PHP using PHP’s mail function and hopes for the best. If the mail function returns FALSE, the email should not have gone out. You won’t necessarily be know if it fails, however. Known email sending failures appear in phpBB’s error log: ACP > Maintenance > Error log.
Even if the PHP mail function returns TRUE, it may be a false report. In many cases TRUE only means that the mail was accepted. Whether TRUE means “accepted” or “successfully sent” depends on how your host’s email server is configured.
Once accepted by the email server, the email is likely to be closely examined. If it has some of the markers of being spam, it will probably get blocked from actually being sent out. In this case, you probably won’t know about it. You can greatly improve the odds that emails will go out successfully if you:
Create an email account that uses your forum’s domain, ex: email@example.com
Assert this email address in phpBB: ACP > General > Client communications > Email settings. Set this email address for Contact email address and From email address.
By default on Linux web servers (most typical kind of hosting), PHP’s mail function sends outgoing email to a sendmail process. Essentially, emailing is the job of your server’s operating system, so you can’t control it. Because you can’t control it, sendmail will be configured generically. Any other domains on the server you are using will send email out through the same sendmail process.
However, if you use SMTP to send email instead, you have to authenticate yourself with the SMTP mail server. By properly authenticating yourself, emails are likelier to go out. The downside is that it’s a bit of a hassle to set up SMTP. I discovered this on this site when I moved my hosting to siteground.com. It uses WordPress which by default also uses sendmail. Emails weren’t going out. A call to Siteground’s tech support revealed that SMTP was a better way to go. They provided the credentials to use and now my WordPress email notifications go out quickly and reliably. This should work for phpBB too.
Don’t assume that you can use an external SMTP server like GMail. Many web hosts will block outgoing SMTP email. If it’s allowed, by all means go ahead. You should check with your web host for the proper email settings to use.
One possible downside is that outgoing email quotas are likely, but that’s probably also true if your host uses sendmail. Your web host can tell you what policies if any apply to your hosting. See the previous post for instructions on how to properly set your email package size and to set up a system cron, if necessary. Make sure it works by sending a test email, an option available on the email settings page.
June was a very slow month. This wasn’t bad as March was so crazy and I was teaching a class too. Summers are often slow around here as people have other things to do with their time.
I used the month to get out version 3.2.7 of my digests extension instead. I actually did quite a bit of analysis for clients, trying to work through the requirements of a job. A lot of my work these days involves very complex upgrades where many things have to factored and considered by the client before moving forward. I expect some of these will get authorized and worked on in July. Anyhow, it was nice to have a break. Overall though I’d prefer work to be more regular rather than either light or super heavy.
I upgraded the Cleantalk extension for a client to latest version (5.6.5) per client’s request. I also changed the spambot countermeasure from simple image to reCaptcha V2.
I upgraded a forum from phpBB 3.0.12 to 3.2.2. There were lots of issues associated with the client’s hosting. FTP did not work reliably (regular timeouts) meaning lots of files had to get requeued and resent. Upgrade was to place forum in a new /forum folder instead of root folder. There were issues upgrading on web server, so I converted database on my machine. I had to empty the migrations table to get it to work. One error discovered later by the upgrade: missing row in the phpbb_acl_options table meant that I could not install extensions. Once I added it, the manage extensions link appears in the Administration Control Panel. I installed the Absolution V3 style. Installed Thanks for the Post (RC) extension and Banner Scroll (RC) extensions. I had to move some files for the banner scroll extension into /forum/images folder. Lots of work tweaking the style. I abandoned provided site logo and reverted to earlier one as it worked better with the style. I tweaked the logo so it is kind of centered, hard to do with CSS blocks. Added G+, Facebook, YouTube and Twitter icons to navigation bar. Installed reCaptcha V2 as spambot countermeasure. Later: finally got SSH access and that allowed me to move files and images folder. I removed all other content in public_html directory.
Configured Cleantalk for a client with two similar websites. I used Cleantalk to remove spam accounts from both of their domains. Additional work troubleshooting an issue with moderation, not quite understood yet, want to know if it recurs. I removed items in moderation queue by approving each then deleting manually from the topic. There were still issues with Cleantalk extension being unable to communicate with Cleantalk server. Both allow_url_fopen and CURL are enabled in PHP. Probably an outgoing firewall issue. I asked client to talk to web host about the issue and provided a list of servers that should be allowed to communicate with. Later, I was asked to resolve signature issues on one domain for a particular issue. The role was not assigned for many forums for the person’s group and in the case of some forums the Registered Users group permission for signatures was set to NEVER meaning the special group’s permissions were being overwritten. Later, I disabled search on another of the client’s domains because he had integrated a Google Custom Search field.
I migrated a forum and also upgraded it. BitNami was installed (phpBB 3.2.2) on new host so rather than simply migrating to new host I converted the database on my machine instead. SSH was my only tool, so I used it to change and import the database from the command line and make file changes manually using vi. I installed seven additional language packs. I removed dead modules. I installed reCaptcha V2 spambot countermeasure. I placed the old logo on the default prosilver style. About a dozen files would not copy over, and caused Filezilla to crash. This client was kind enough to leave a comment on my home page expressing satisfaction with my work.
I upgraded a forum from phpBB 3.1.3 to 3.2.2 on a Windows server running IIS. I provided guidance on a Joomla issue which led the client to take care of that issue first with a Joomla expert. The upgrade went fine and I reapplied logo on the prosilver style. However mysterious issue with posting (no refresh screen after posting) remained. I eventually determined it was due to incorrect integration of email by the forum. When posts are made, post notifications are sent. This was causing the error. I suggested raising issue with web host or moving to Linux hosting. Did not install Social Media login extension, although we discussed this.
This extension is still not approved. The phpBB extension review team found more issues, all very minor.
It’s taken a long time to put out a new release because I had to wait a few months for a review, and then I had to puzzle my way through bugs that were introduced into phpBB’s migrator in phpBB 3.2.2 which in many cases kept digests from installing correctly. It’s all pretty annoying but issues like this are bound to creep in from time to time. Anyhow, version 3.2.7 is released. With this release I’ve retested installing digests from a database upgraded from phpBB 3.0 with the digests mod installed. Apparently I hadn’t retested this since the 3.1 version of digests. Using this approach you can retain your digest settings from the mod.
Most of the change log is pretty technical and arguably irrelevant but you should pay attention to bug fixes and functionality changes.
Fixed HTML5 validation issue with Edit Subscribers, closing </textarea> was missing
Fixed HTML5 validation issue with Balance Load, added three <col> tags
UCP dialog error fixed by adding additional code to jQueryUI interface
Moved posts are not included in a digest
Configuration variable phpbbservices_digests_strip_tags added by the migrator, was missed from earlier version
Changes in functionality:
When the manual mailer is run, the file name includes a hash for added security
Extension team review fixes:
Replaced isset($_REQUEST[‘config’]) with $this->request->is_set(‘config’)
Replaced addslashes($balance) with $this->db->sql_escape($balance)
Removed !defined(‘IN_PHPBB’) in mailer
Moved code to load messenger class inside the mail_digests function in cron/task/digests.php
Replaced sizeof() with count() as sizeof() is an alias of count()
Removed redundant conditional operators where unnecessary
Removed unneeded casting of function return values where unnecessary
Used $html_messenger->assign_var() when only one template variable needed to be set instead of $html_messenger->assign_vars()
Included ACP and UCP .css file through a switch, so they would not be loaded by other modules
Edit subscribers now shows alternating row colors properly
Included ACP and UCP .js file through a switch, so they would not be loaded by other modules
Fixed some variable names that were not using camelcase
addToStack() function logic now uses jQuery
Removed redundant conditional operators where unnecessary
Added var in front of variables that did not use them
Removed query for f_list privilege, unneeded
Used constants DIGESTS_DAILY_VALUE, DIGESTS_WEEKLY_VALUE and DIGESTS_MONTHLY_VALUE instead of literals
Properly indented code in templates
Properly indented code in templates
helper class is no longer passed to main_listener class as it is no longer needed
Brought copied functions up to date with functions in version 3.2.2 of /includes/functions_messenger.php
Lots of work to simplify and address issues, some related to bugs in the migrator introduced in phpBB 3.2.2
Conversion from digests mod: now properly converts configuration variables, modules and schema changes during enabling the extension if these remain in the database after upgrading from phpBB 3.0. This allows digest settings to be retained. Apparently this functionality never worked on phpBB 3.2. To get around what look like migrator bugs in phpBB 3.2.2, old modules are deleted with a direct database call. Note: if AutoMOD was used to install Digests, you need to remove AutoMOD modules manually. The symptom is an ACT_CAT_MOD tab appears in the ACP.
Updates configuration variable to point to new digests web page URL
Helper container removed as it is no longer needed
common.php linkage removed as it is not used anymore
Things were a bit slow in May, at least for the first two weeks. Curiously all my work was for existing clients. The theme of my work in May: getting rid of spam and preventing it.
May 4. I helped fix an outgoing email issue on GoDaddy hosting. phpBB notifications were being blocked by GoDaddy from going out, something that you would never know if you don’t call their technical support line and press them. GoDaddy detected malware on the domain but after running a scan could not find any. They required that the customer certify that there was no malware on the site before unblocking outgoing email. In response I created an email forwarder for the domain and made this the board contact email. Not having an email address for outgoing mail associated with the domain is often the root of these problems. Customer called GoDaddy, they reenabled outgoing email and notifications started going out again.
May 12. Issues with spam posts on the forum despite using the reCaptcha V2 spambot countermeasure setting in phpBB. Customer was paying extra for a GoDaddy Securi service that automatically detected and removed suspected malware, but which removed some valid software introducing issues. Securi zeroed out some software files that kept me from logging in. After I eventually figured out the problem, I replaced the two files and I was able to log in. Earlier I had removed copies of mods in the store folder (used when the board was using phpBB 3.0 software) that were flagged by GoDaddy as malware. There were recent spam posts and it’s unknown how they happened. It’s possible the spammer solved the reCaptcha manually. I deleted about 150 inactive and likely spam registrations via SQL. I provided user with a list of posters since 4/1/18 so he could make a judgment as to whether these were spam registrations. I provided instructions on removing these users and their posts. I reinstalled Tapatalk since it was not working. I had to do it through File Manager since FTP wasn’t working. mChat extension wasn’t working either. I tried to reinstall that too but it didn’t work. I needed to reupload all phpBB software files since components were probably removed by Securi. Noticed navigation icons were removed too. Talking with GoDaddy they disabled the firewall and got me FTP access again. I re-uploaded folders where Securi had changed things. This seemed to fix remaining issues. After purging the cache, mChat started working and icons reappeared. Uploaded Cleantalk but not enabled. Providing instructions for configuring it if client wants to use it. Had GoDaddy disable firewall. Customer may want to stop paying for it.
May 12. Since my last work for client they moved their forum to a dedicated server. Could not get in with FTP credentials. Used file manager instead. Installed release candidate of Thanks for the Posts extension. It will work with Tapatalk if the mobiquo directory is replaced. Did that and tested and it seemed okay. Installed a beta Modern Quote extension. Hid the portal page link because a sidebar would not show on right due to styling issues. Changed server settings, cookie settings and .htaccess file to accommodate HTTPS. There were some issues with getting cookie settings to work correctly. I also had to change some URLs in the posts table to https and fix some ads that were showing http in the URLs. To accommodate a Discord chat widget client wanted on the sidebar, I created a .css file it uses and linked it in in overall_header.html. I placed it at the bottom of the right sidebar in a custom widget in the Board3 portal, but there were connection issues since the service was not authorized that the client fixed. I fixed a phpBB Gallery integration issue. In the config table, the row containing phpbb_gallery_num_comments was blank when it needed an integer, trigger a SQL error. Set it to 1 since there was only 1 comment in the gallery so far. Fixed edit mchat post issue so an admin could edit the chat post due to white text on white background. Applied mChat patch to force the window to scroll to bottom in mChat. Fixed background and text color of Discord widget with an inline style to the widget since the board portal stylesheet was overruling it. Clock widget bottom part did not refresh on Chrome, but does on Firefox. Not sure it can be fixed (browser quirk) so client removed it. Checked background color issue for multi-quote. It’s black for me. Does not appear to be permissions based.
May 13 – Changed the background color for Gallery display, was white, commented out in CSS. User provided a watermark and I added that. Changed cookie name, forces a new login.
May 14 – Sorted through issue with Gallery watermarks (should be applied to subsequent images) and virtual URLs it creates. Disabled Image upload extension.
May 16 – Mostly answered new questions, changing some settings such as a PHP maximum upload size. Installed Search User Topics extension.
May 28 – Client asked me to update the version of Tapatalk to 2.1.10. However, it didn’t integrate well with version of mobiquo supporting the Thanks capability. To get things stable, we eventually reverted back to Tapatalk version 2.0.8.
May 16 – Time consuming phpBB upgrade on dreamhost.com virtual private server from phpBB 3.0.14 to 3.2.2. Over 1.2M posts, took 3 days! Running a database update quickly failed. Tried the command line interface instead. Even then it was excruciatingly slow. Broken SSH connection overnight meant a restart which bogged down. A chat with tech support finally revealed the upgrade slowness issue: insufficient RAM for the database. Bumped it to about 600MB and the conversion finally completed. Everything was straightforward thereafter. Used the black style which I changed to make red type rather than blue to match the look under phpBB 3.0. I replaced the logo. I added the latest Tapatalk extension and enabled it. I added Cleantalk extension and gave instructions on how to enable it with a key from the website. Turned on its spam firewall feature. I created a robots.txt file to deny all robots. I enabled reCaptcha V2 spambot countermeasure. Changed group color for administrators so they could be seen easily in styles.
May 17 – Additional work. MySQL too many connection errors kept happening. Spent time with tech support on this issue. MySQL settings cannot be changed for the VPS type of account. Some users were reporting bogus login errors. Disabled Cleantalk and think that will solve the issue until Cleantalk is properly set up. Added prosilver_se style for visually impaired users who can’t see dark style well. Installed Quick Style extension so styles could be easily changes. Changed blue text colors to white but cannot change color of icons since they are images — would need new set of icons colored correctly. Client wants to jump to the first unread post of a topic when clicking on topic icon. Found a hack for it but advised against it.
May 18. Investigated some new issues. The search index unavailable message when posting, but post was saved. Changed search index to phpBB Native. Installed Naruto shipuuden style and tweaked it to place logo and make it look right.
May 19 – Answered some questions. Installed Thanks for the Posts (Release Candidate) extension. I did more tweaking of newest style to make it look more uniform.
May 20 – Answered a lot of questions. Think the too many MySQL connections issue is either related to Tapatalk’s mobiquo directory or needing to change the storage engine for tables to InnoDB. Updated Cleantalk extension to latest minor version. Changed PHP from 5.6 to 7.0. Uploaded version of mobiquo for Thanks for the Post extension.
May 21 – Installed ShareOn extension. I found a way to get to MySQL prompt for potential change of tables storage engines to InnoDB. Changed a lot of forum permissions. Explicitly gave Thanks for the posts permissions where necessary. Verified it worked in Tapatalk with the replacement mobiquo folder they provided.
May 22 – I changed all table storage engines from MyISAM to InnoDB. The search wordmatch table took about six hours to convert. This resolved the MySQL too many connections problem, probably because tables were being locked and unlocked more efficiently and at the row level instead of the whole table level. I also installed the Media Embed plugin. I wrote a little blurb of instructions for client’s users and provided a screenshot for using the Media Embed plugin.
May 24 – I installed Advanced BBCode Box 3 extension to make it easier to embed videos.
Client #4. To address a persistent spam problem, I installed the latest version of Cleantalk and changed spambot countermeasure to reCaptcha V2.
Client #5. To address another spam problem, I installed Cleantalk extension on two domains.
Client #6. Client had a major spam attack with thousands of spam posts and spam registration. Configured reCaptcha V2 on phpBB 3.2.1. Then installed Cleantalk extension. However, there were issues while removing spam with Cleantalk, first hosting timeouts, then duplicate rows in phpbb_notification_types table. Emptying this table eventually worked. Removing spam was a combination of some SQL on the backend plus Cleantalk extension.
This is an update on an earlier post on removing spam posts.
Removing spam posts is hard because it requires actually reading the post and deciding if the post is spam or not and then using moderator tools to remove these posts. If your forum is overwhelmed with spam posts, this is a Herculean endeavor. Ideally though posts could be “read” by software and it would make the judgment on whether it is spam or not.
The Cleantalk extension for phpBB 3.1.x and 3.2.x can do just this as well as lots of other really cool tricks. My customers love Cleantalk, but the service is not free. However, it is so inexpensive that it easily justifies spending $8/year for the service. You can subscribe on the Cleantalk website. As of this writing, you can try it for free for 7 days. After 7 days, it won’t bring down your forum but it will stop working.
What is Cleantalk?
Cleantalk is essentially a huge database of addresses of known spammer sites. While it’s not perfect, based on the experience of my clients it is about 99% perfect. I originally recommended it as a spam registration solution for my clients. It still does that but is less necessary since phpBB 3.2. This is because since phpBB 3.2, version 2 of Google’s reCaptcha is supported. Unless it gets hacked, as long as you have it properly configured as a spambot countermeasure it should prevent virtually all spam registrations.
However, it has two powerful features that still keep it relevant for phpBB forums.
Installing and enabling Cleantalk
Cleantalk is installed like any other extension. While it can be downloaded from phpbb.com, you should download it from Cleantalk instead or from its GitHub page. This is because as of this writing the version on phpbb.com does not include the spam firewall feature, and you will probably want to enable this feature. You can access it through the Administration Control Panel: ACP > Extensions > Antispam by Cleantalk. Before you can do much with it you have to enter your Cleantalk key which you can get from their website or by pressing the button in the extension that should retrieve it for you.
Removing spam users and spam posts
As you can see from the image, once the extension is enabled and the key is properly configured there is a prominent Check users for spam button on its page within the Administration Control Panel. If you have lots of users, it may hang. Based on my experience though the next time you go into its interface you will see a list of potential spammers.
As I said, it is not perfect. So I recommend that for users with posts to check these out these users topics to make sure their posts are spam before deleting them. For those you want to delete, check the boxes next to their usernames and then press Delete marked. You can also press Delete all to remove all users and their posts. You may have to go through many pages to delete all spam users and their posts, but this is obviously much faster than doing a visual inspection of all your posts.
This is a new feature which as of this writing is not available if you download the extension from phpbb.com. It keeps almost all spammers from hitting your site at all. Instead, Cleantalk’s servers grab it first. In the event the user is legitimate, there is a link that will take them to your website.
Why is this useful? Because it reduces the stress on your server by limiting it to legitimate traffic only. It speeds up the performance of your forum and makes it less likely that you will have to pay for the cost of a higher class of hosting to handle your traffic. Isn’t that worth $8 a year?
Stopping contact form spam
Cleantalk has one other useful feature: the ability to stop contact form spam. Of course you can disable the contact form (ACP > General > Contact page settings) and that will solve that issue. Or you can have Cleantalk essentially moderate it for you, passing on only valid contact forms to you. Simply check that option on the extension’s page and submit the form. Somewhat oddly, the phpBB group did not tie the contact form to the spambot countermeasure feature of phpBB. Perhaps that will come in a future release.
In any event for forums that get lots of spam and/or lots of traffic, using the Cleantalk service with the Cleantalk extension for phpBB is a no-brainer providing you know about it. Now you do!