Category: "Forum Hosting"

Will Google start punishing repeat spammers

Webmaster Pay attention to this;

Google published a blog post this morning named Repeated violations of Webmaster Guidelines explaining that if you have repeated violations of Google’s Webmaster Guidelines and those violations lead to numerous manual actions, Google may take a more serious approach to penalizing your site.
Google said “repeated violations may make a successful reconsideration process more difficult to achieve.” “Especially when the repeated violation is done with a clear intention to spam, further action may be taken on the site,” Google added.

https://www.seroundtable.com/google-manual-actions-repeated-20918.html

https://www.seroundtable.com/google-manual-actions-repeated-20918.html

Read More

Potential vBSEO vulnerability

This is just out from vBulletin:

It has come to our attention that there may be a potential security vulnerability in VBSEO affecting the latest version of the software (and potentially other versions as well). We’ve attempted to contact the vendor, but as they have been non-responsive we felt we should alert the community as many of our customers use this add-on software.

If you beleive your running a vulnerable version of the software, there is a simple fix: just comment out the following lines in the file vbseo/includes/functions_vbseo_hook.php:

if(isset($_REQUEST[‘ajax’]) && isset($_SERVER[‘HTTP_REFERER’]))
$permalinkurl = $_SERVER[‘HTTP_REFERER’].$permalinkurl;

should be changed to:

// if(isset($_REQUEST[‘ajax’]) && isset($_SERVER[‘HTTP_REFERER’]))
// $permalinkurl = $_SERVER[‘HTTP_REFERER’].$permalinkurl;

If you are running the “Suspect File Versions” diagnostics tool, you will additionally need to generate a new MD5 sum of the above file and edit upload/includes/md5_sums_crawlability_vbseo.php to use the new MD5 sum on the line:

Please be aware that you are making these changes at your own risk. We don’t know if making this change affects the terms of your VBSEO license and we can’t be responsible if making this change breaks your site.

CVE-2014-9463 has been assigned to this potential vulnerability by cve.mitre.org.

Read More

XenForo Update – Media Gallery 1.0.1 Maintenance Release is Available

Media Gallery 1.0.1 adds the following  improvements to the Gallery:

  • Sort media and albums by a weighted average (like the XF Resource Manager). The upgrade rebuilds the weighted average.
  • Show a new/random media block in the sidebar by enabling it in Admin CP > Applications > Gallery Options > Blocks Options
  • Search tags from the sidebar, even with the  content tag cloud disabled.
  • Report Albums
  • New permission control hard deletion of comments

Important bug fixes include:

  • Fixed incorrect link used in the like summary bar after submitting a like.
  • Prevent un=viewable categories from listing on album pages
  • Root media URL is Always canonicalized.
  • Fixed character encoding issues found when fetching media title / description from a media site
  • Clean attachment properly when media items are deleted
  • Gallery BB Code works better with multiple editors
  • Hide features from touch devices
  • Allow inline moderation of albums to apply to soft deleted albums
  • Ensure media cache is rebuilt for an album once a media item is deleted
  • Some display issues on some older iOS devices
  • Ensure that user tagging alerts respect permissions and are cleaned up if the tag is removed
  • Improvements to the rendering of GALLERY BB Code and limits on the number that can be submitted per post
  • Data too long errors when importing from XFR User Albums due to using description instead of filename

To upgrade your URLJet hosted site contact urljet.com

Read More

vBulletin 5.1.4 Newly Released

vBulletin 5.1.4 Released. You can upgrade  tof vBulletin 5 Connect, 5.1.4. In this version themes is expanded are expanded to help customize your forum and  Site Builder reworked. Importantly, over 140 issues and enhancements have been resolved or addressed.. Available in Spanish, German and French languages .vBulletin 5 Connect sites should upgrade to this vBulletin 5.1.4 at your first opportunity.  More detail can be found here: http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4205364-vbulletin-connect-5-1-4-is-now-available

Read More

Google Updates

Seems Google has rolled out some new updates with specific importance to forums owners and managers. We’re getting feedback the newest update focuses on inbound links and DMCA compliance. Other recent changes; Google wants access to *js and possiably css. Any robots blocking for *js should be removed. As always, check you disabvow list too.
Starting 10/17/2014
Penguin Update – Ongoing
Expected to impact Impacts under 1% of English queries. However it may impact other languages in different degerees.
Reported to help sites recover from earlier Penguin updates that changed link profiles.
Sites most at risk are ones with poor link profiles.
Starting 10/1/2014
Google adds depth to the in the news box. Google confirmind their In The Nes box has expanded to cover more than traditional news sites. Blog Post, videos, Reddit and other content form non-news sites may appear.

Read More

Google Chrome and SHA-1 SSL Certificates

SHA-1 chrome penalty

chrome degraded ssl

Please be aware of the upcoming changes that affect how websites using SHA-1 SSL’s Certs are
displayed in the Chrome browser.

SHA-1 is no longer considered to be sufficiently secure and will be completely phased out in
the next few years. To encourage prompt adoption of more secure algorithms, Starting with
Google Chrome 39, Google start to degrade websites using SHA-1 certificates. The changes start
November 2014.

Initially, the warnings is limited to a “Secure, but minor errors” icon, in the form of a lock
with a yellow triangle. Later versions will display a red crossed-out lock.

SSL Users can prevent a downgraded user experience by following these steps:

– Check which algorithm your SSL Certificate uses.
https://sslcheck.globalsign.com/en_US
Is one checker that works

– If the website uses a SHA-1 SSL Cert expiring after 12/31/2015,
the certificate will need to be reissued to SHA-256.

To prevent a degraded user experience its important to take prompt action. Please do not
hesitate to contact us at: urljet.com

Read More

How To Stop Forum Spam

How To Stop Forum Spam and Take Back Control of Your Forum

If one thing sucks the enthusiasm out of site Administrators, it’s the never ending battle against spammers. I say battle as effect of forum spam are truly unwarranted and often create long lasting problem like email blacklisting, spam posts and can even slow the speed of your forum.

It’s important to understand the techniques spammers use and know a bit of why spam exists to be able to effectively prevent it. A forum can be attacked with both automated scripts (aka “Bots”) and/or Human “Bots” as well. Yes, a “Bot” could be human but more times than not they simply bypass registration security and go on something like cruise control, for lack of a better way to describe it. What every site owner must realize is just as forum security evolves to combat spam, spammers are also evolving in their methods in order to bypass new security measures. It’s a constant battle.

Why are there “Spambots”? Well that’s simple. For the most part it is to promote their content or links on other sites, with high traffic and page rank being the most valued targets. So if your forum is large , you’d better believe there’s a target on it.

What we’re trying to do here is give you, the site owner needed information and proven methods to help battle the onslaught of spam on their site. Hopefully you’ll find this interesting and informative and we hope to hear back on your spam stopping techniques.
____________________

*Please note that not all of these modifications or methods listed will work for you, some will work better than others, and some in combination will work best instead of just one being utilized. We’ll try to identify conflicts in advance and mark them w/ an  *asterix indicating that you should not use two w/ a * at the same time.

Legend:
Blue *’s indicates mods that are similar in functionality and should not be used in conjunction with each other.

Anti-Spam Modifications:

Recently,  many forum owners have seen an increase in spam registrations and in some rare cases the registration page is being hit so hard it’s almost like a denial of service attack. If this sounds familiar try this mod from BOP5:

Be creative in your prevention methods! Here’s a list of methods, utilities and modifications you could possibly use in helping cleanup if a spammer does hits:

* Paul M recently added in a new modification prefix “Anti-Spam Options” so as new modifications are released, if the author chooses the prefix correctly you will start to notice more listed here for example: http://www.vbulletin.org/forum/forum…i-Spam+Options

Methods:

Some vBulletin 3.x mods will work on vBulletin 4.x, here’s a article by BirdofPrey5 that list quite a few compatible modifications.

Another method that’s proven quite effective is banning spammers using the hourly cleanup cron job or cleanup.php by adding in code similar to the below. PLEASE NOTE this method is based on custom profile fields and requires you to manually monitor spam to determine patterns and repeated entries that make no sense and plainly labels the users as spammers. This does not remove posts; it only bans the spammer to prevent further activity.

The default profile fields in vBulletin are:

  1. Biography
  2. Location
  3. Interests
  4. Occupation

You have the ability to create new profile fields via AdminCP > User Profile Fields > User Profile Field Manager

Using data entered by spambot in the default fields can be used against them however it’s not as effective as utilizing custom fields to help determine a pattern and fight against it! Here are descriptions of the default and other (custom) fields in the query shown so you can see how to go about this:

  • user.username = The members username on the forum.
  • userfield.field1 = Biography
  • userfield.field2 = Location
  • userfield.field3 = Interest
  • userfield.field4 = Occupation
  • userfield.field5 = A Custom field where you required them to enter in let’s use “Youtube Profile URL” as our example here and you used it in some creative way to show a image/link to their Youtube profile below their avatars in posts and profile or other etc etc.
  • userfield.field6 = A Custom field where you required them to enter in let’s use “Facebook Profile URL” as our example here and you used it in some creative way to show a image/link to their Facebook profile below their avatars in posts and profile or other etc etc.
  • userfield.field7 = A Custom field where you required them to enter in let’s use “Twitter Profile URL” as our example here and you used it in some creative way to show a image/link to their Twitter profile below their avatars in posts and profile or other etc etc.
  • userfield.field8 = A Custom field where you required them to enter in let’s use “LinkedIn Profile URL” as our example here and you used it in some creative way to show a image/link to their LinkedIn profile below their avatars in posts and profile or other etc etc.

The key thing to note here is that you need to study new registrations and develop your own ways to identify the spammers using the default and custom profile fields before this will work effectively.

*Please Note: This can affect your users in such a way it might be a complete disaster. If you are not comfortable with how this works (sql queries in particular), setup a test site and test your changes first. You can clone your live site and place it in a /testvb folder on the server (htaccess protect it per the license agreement) this will keep you from slipping and causing issues on your LIVE/Production site.

PHP Code:

// Spam Management – Move all spammers based on profile fields to usergroup 8 i.e. Banned Users
$vbulletin->db->query_write(“UPDATE ” . TABLE_PREFIX . “user AS user
LEFT JOIN ” . TABLE_PREFIX . “userfield AS userfield
ON user.userid = userfield.userid
SET usergroupid = ‘8’
WHERE userfield.field7 LIKE user.username
AND userfield.field8 LIKE ‘%12345%’
AND userfield.field3 != ”
AND userfield.field5 != ”
AND userfield.field7 != ”
AND userfield.field3 LIKE userfield.field5
AND userfield.field5 LIKE userfield.field7
“);

Now we interpret the above query as:

Update the user table and join the user table with the userfield table (these tables are separate, we join so we can compare and execute what we want to do) and set the users usergroupid to 8 (the banned usergroup by default) where their Twitter Profile URL matches their Username:

AND (where) their LinkedIn Profile URL contains something like 12345 in any part of the field (why we use the %’s on each end so it reads the field and if for example they entered in 123456 it catches that because it contains 12345 – Also you may want to note that no one’s LinkedIn profile is going to be 123456 i.e. http://www.linkedin.com/in/123456
AND (where) their Interests is not empty
AND (where) their Youtube Profile URL is not empty
AND (where) their Twitter Profile URL is not empty
AND (where) their Interests is like thier Youtube Profile URL
AND (where) their Youtube Profile URL is like their Twitter Profile URL

Logic tells you that if you made the custom profile fields and use them in certain ways… that http://www.linkedin.com/in/123456 or http://www.facebook.com/123456 (even though that will redirect to http://www.facebook.com/ohmycarling the user in question would never enter in /123456 he/she would enter in /ohmycarling see my point?) and when you notice the word Man or Woman in the code shown below, well it seems a common mistake bot scripts to put Man or Woman data in the Biography field.

Now for the != parts near the bottom. This is required when you close out your comparing two fields using a like and if they were both empty it could cause issues as without the != if both are empty and the query moves them, possibly identifiying a normal user as a spammer. Not a good thing, so be careful when creating your own query!

If your are banning the user, go ahead and update their user title as well. This query compliments the first one above:

PHP Code:

$vbulletin->db->query_write(“UPDATE ” . TABLE_PREFIX . “user AS user
LEFT JOIN ” . TABLE_PREFIX . “userfield AS userfield
ON user.userid = userfield.userid
SET usertitle = ‘Banned’
WHERE userfield.field7 LIKE user.username
AND userfield.field8 LIKE ‘%12345%’
AND userfield.field3 != ”
AND userfield.field5 != ”
AND userfield.field7 != ”
AND userfield.field3 LIKE userfield.field5
AND userfield.field5 LIKE userfield.field7
“);

Where to add these codes? Makes sure scheduled tasks are enabled then edit the file cleanup.php You’ll find it in the /includes/cron/ folder. Add your version of the query just below:

PHP Code:

// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################

Save the file and upload, when the scheduled task next runs if any accounts match your custom query they will be moved into the banned usergroup.

**To Test a query beforehand you can use SELECT for example here is a query to show you the results BEFORE actually running a query:

Code:

SELECT *

FROM vb_user AS user

LEFT JOIN vb_userfield AS userfield

ON user.userid = userfield.userid

SET usergroupid = ‘8’

WHERE userfield.field7 LIKE user.username

AND userfield.field8 LIKE ‘%12345%’

AND userfield.field3 != ”

AND userfield.field5 != ”

AND userfield.field7 != ”

AND userfield.field3 LIKE userfield.field5

AND userfield.field5 LIKE userfield.field7;

*Prefix added, remove if you are not using one

WARNING: TEST ALL QUERIES BEFORE YOU EXECUTE THEM! Do not perform any query on your database without doing a database backup and without knowing how to use it if required!

Here are some links provided by Lynne to help you perform a backup:

Now let’s see another example…
You try to see how I used the logic here:

PHP Code:

$vbulletin->db->query_write(“UPDATE ” . TABLE_PREFIX . “user AS user
LEFT JOIN ” . TABLE_PREFIX . “userfield AS userfield
ON user.userid = userfield.userid
SET usergroupid = ‘8’
WHERE userfield.field1 = ‘Man’ OR userfield.field1 = ‘Woman’
AND userfield.field6 = userfield.field7
AND userfield.field3 = userfield.field7
AND userfield.field8 = ‘123456’
AND userfield.field3 != ”
AND userfield.field6 != ”
AND userfield.field7 != ”
“);

The query for usertitle update:

PHP Code:

$vbulletin->db->query_write(“UPDATE ” . TABLE_PREFIX . “user AS user
LEFT JOIN ” . TABLE_PREFIX . “userfield AS userfield
ON user.userid = userfield.userid
SET usertitle = ‘Banned’
WHERE userfield.field1 = ‘Man’ OR userfield.field1 = ‘Woman’
AND userfield.field6 = userfield.field7
AND userfield.field3 = userfield.field7
AND userfield.field8 = ‘123456’
AND userfield.field3 != ”
AND userfield.field6 != ”
AND userfield.field7 != ”
“);

Session Table Issues?
Here’s a quick method if you happen to notice a sudden increase of the number online when nothing has warranted such behavior. Monitor your session table to see possible spammers online however a query like this is only effective if the bot logs in multiple times in which you will see different ip addresses (possibly hundreds) all as the same logged in user (OR the same IP address for countless users) and accessing different locations as well (some even show as logging in again). With it added to your cleanup.php cron job it will interrupt their actions on the fly and upon refreshing your session table you’ll notice quite a few less entries.

PHP Code:

$vbulletin->db->query_write(”
DELETE FROM ” . TABLE_PREFIX . “session
WHERE userid = ‘15065’
“);

To delete the users session based on IP use:

PHP Code:

$vbulletin->db->query_write(”
DELETE FROM ” . TABLE_PREFIX . “session
WHERE host = ‘127.0.0.1’
“);

^ Replace the 127.0.0.1 with the problematic users IP address.

*Yes you can truncate the session table HOWEVER that is not advised, if you do truncate then it simply kicks EVERYONE off the site all at once and they must relogin and also navigate back to the page they were on prior.

**If you have any issues using queries that you develop it may be due to using a table prefix in your database (recommended actually) so the perfect example of what to add in is right above us i.e. ” . TABLE_PREFIX . ” should be pasted before any Table names in the queries otherwise you will receive a error and here is a example:

PHP Code:

$vbulletin->db->query_write(“UPDATE ” . TABLE_PREFIX . “user

As you can note, the code ” . TABLE_PREFIX . ” goes directly in front of the table name without spaces which then converts into the prefix you have listed in the config.php file!

In the other queries shown that you can run via phpmyadmin directly you will need to modify them to add in the prefix so for example if you have a table prefix vb_ then it would resemble this:

PHP Code:

UPDATE vb_user AS user
LEFT JOIN vb_userfield AS userfield
ON user.userid = userfield.userid
SET usergroupid = ‘8’
WHERE userfield.field7 LIKE user.username
AND userfield.field8 LIKE ‘%12345%’
AND userfield.field3 != ”
AND userfield.field5 != ”
AND userfield.field7 != ”
AND userfield.field3 LIKE userfield.field5
AND userfield.field5 LIKE userfield.field7;

_________________________________________________

Contributions to this article from these valued vBulletin community members:

  • Lynne
  • Last Superman

Read More

Taking Your Online Community Offline or How To Use Meetups To Generate Buzz

Taking Your Online Community Offline or How To Use Meetups To Generate Buzz

Building an online community requires you to think outside the box. Sure, the majority of your interactions with members will occur online, mostly on your forum and social media, but should this be the only place you are interacting?

I think not.

Forums are about human interaction. They are a place to discuss ideas and conversate around a topic. The web is becoming more and more social. Why? Because deep down we all crave human interaction and acceptance. We want to belong. We want to share our experiences with people who share our interests.

It’s time to look up from the computer screen. There are other ways to promote your forum.

Using Events To Introduce People to Your Community

Event marketing is a tool used by the pros because they understand that loyalty is easier won through face time. People connect more with those they meet in person. You can use this to your advantage when promoting your forum.

You do have some choices to make though, each with their own advantages and disadvantages.

Conferences. The place where the big kids hangout. Industry conferences are a big deal. Influencers and industry folk from all corners attend, and you’ll get the chance to rub elbows with some of the big names in your niche. If you are thinking about attending a conference or tradeshow it’s best to plan in advance, especially if you’ll have to travel to the event.

Key to success: Maximize the opportunity by planning well in advance and coming prepared. Look sharp, know your USP, know what’s going on in your industry, and bring some business cards.

Drawbacks: Unless you’re lucky enough to live in the city of the event, there is a good chance you’ll have to travel.

Meetups. These are usually less formal than larger conferences or trade shows, but the smaller group and informality is something you can use in your favor. Plus, chances are you can find some groups near you that share your interests, making them perfect prospects for joining your community.

Key to success: Learn as much about the Meetup group as you can ahead of time and be yourself when you get there. Spend your first Meetup getting to know people. Talk less of yourself and more of others.

Drawbacks: Not as big as a conference or trade show. Not necessarily a bad thing though.

Hosting your own event. This is by far the most difficult to pull off. It requires the most planning and the most attention to detail. Not only do you have to decide on the program and make all the arrangements, you’ll be responsible for making sure people show up.

Key to success: Plan. Promote. It is essential that you are a people person. In fact, it is absolutely necessary. Hosting an event requires a lot of work. If it’s a success, you’ll walk away a winner.

Drawbacks: If no one shows up it could be a disaster.

How To Start Marketing Your Community Through Events

The fastest way to get started is through Meetup. Nearly every city has a Meetup group around an activity or interest. Sign up for Meetup and start exploring the different groups. Pick a few to attend and the next time they have an event make sure you show up with your best foot forward. Starting this way makes it easy. Most Meetups only last a few hours, so you’ll be able to find time to attend.

Tradeshows and conferences are next on the ladder. These events are usually more formal, but it really depends on your niche. The difference here is there will be speakers and different forms of entertainment. Before deciding to host your own event it is a good idea to attend a few conferences to get an idea of what to expect.

One last tip: Meetup let’s you offer ‘Perks’ to members of any group that decides to approve it. The cost is only $5/mo. per group. If you chose right you can get a steady stream of traffic (and members) visiting your site.

Have you ever used Meetup to promote your website?

Read More

Why You Should Build Your Own Forum Vs. Starting A Community Elsewhere

Why You Should Build Your Own Forum Vs. Starting A Community Elsewhere

The benefits of hosting your own community, versus starting one on LinkedIn or Facebook are tremendous. While it may seem like the slower road to having your own discussion group, creating your own forum pays off in the end, with traffic and rankings.

Let’s get right to the quick of it: when you spend time building a community on a platform you do not own, you are not in control. If the platform you are creating your community on decides to discontinue the service, or it falls out of popularity, the work and time you invested is lost.

The Importance Of Community

Community has become essential for online business. A community shows that what you offer is trusted. It’s more than social proof, it’s a referral network and word-of-mouth rolled into one. Having a community will also increase your authority and influence, not to mention help your business bring in more leads and sales.

Social Networks — Forums, Evolved (Sort Of)

Social media sites like Facebook, LinkedIn and Google+ are great sites to connect. They each have their advantages and disadvantages, but in each you are limited in some way. Every one of these sites give users the ability to create topical groups, where they can moderate their community and have discussions.

From my experience, having serious serious discussions, or active conversations on a single topic, is a bit of a headache. Perhaps more so if there are a lot of people joining in. It just becomes too difficult to filter through what’s going on, and in the case of LinkedIn, finding your old comments can be a chore in itself.

You Should Own Your Community

Perhaps one of the greatest disadvantages to creating a community on a social network, versus going the DIY route is the fact that you do not own the content that is being created. Wherever you have built your community, at the end of the day, they are in control. Should they decide to discontinue the service, or drastically change it, you and your members are at the mercy of their whims.

Now, if you built this community yourself, using a self-hosted platform like XenForo or vBulletin, not only would you be in absolute control, you would also benefit from:

  • Search traffic reaching your site
  • Ranking for long-tail keywords
  • User generated content
  • Increased domain authority

That is only one part of the picture. You are also free to monetize your community how you see fit, and build it into a web property that can funnel new business and customers.

Have you ever thought about building a forum? What questions do you have?

Read More

Social Support Is Here To Stay or Why Your Business Needs A Forum

Social support is here to stay, and guess what? The big names know this. From Dell to HP, online companies are reorganizing support channels in an effort to meet customer needs. With the ubiquitous of social media, it’s not really a matter of choice. In fact, the number of companies handling a quarter of their support inquiries on social media doubled in 2012.

Social media opens up new points of contact for businesses, and if your company has a Facebook page or is using Twitter, there is a good chance your customers will be using these channels to get information. This may be in the form of a sales question, or even a support issue. People want answers, and with the speed and availability of information online, we’ve all come to expect these answers faster.

Why You Need A Forum For Your Customers

If there is one thing that can be said about your customers is that they will talk about your business, good or bad. What you need to think about is: where do you want that conversation to occur? I’ll answer that for you — on your own web property.

You may be familiar with the term “owned media”. If you’re not, owned media is content that you own. A forum falls into that category, and for a greater explanation of the benefits and differences of paid, earned, and “owned” media, take a look below:

Paid, Earned, Owned Media

Paid, Earned, and Owned Media

Benefits Of Using A Forum For Customer Support

One of the prime benefits of using a forum for support is that any answers that come up along the way, once addressed, can be built into a resource or knowledgebase. This actually saves you time and money down the road. Instead of having to explain the same instructions to every customer that asks, you can refer them to the resource. Plus, if you structure your forum correctly and make things easy to find, your customers can find the resource directly, which saves them time.

You also have to measure the value of having a community built around your brand. A perfect example of this in action is this developer on Themeforest. As you can see, his theme has been purchased over 30,000 times, has been featured on the site, and has an excellent rating. The theme itself is high quality and designed well, but what really adds power to this developer’s sales is the level of support, and the community that he has built around his theme.

An example of a community support forum.

An example of a community support forum.

This developer handles support issues using a forum and has structured each thread to make it easy to find information. There is also an area for people to show off their websites that are using his theme, and he also showcases these on his website. Another aspect of having a forum, which you will see here, is other members helping each other with questions. This is another benefit of using forums for customer service: your members tend to help each other, making your job easier.

It can’t be left out that having a forum also builds transparency around your business, and adds plenty of social proof. If you build a community, offer value, and are responsive to your customers, your forum will not only be a support channel — it will help drive sales.

Oh, and let’s not forget the SEO benefits. Depending upon your niche, if you make the forum open to all, the content that your forum produces will get indexed in Google.

Still not convinced? Check out this infographic from HP for more stats on community forums and social support.

Social Support Is Here To Stay or Why Your Business Needs A Forum

Read More