Hello everybody,

On the Internet there will always be someone who wants to disrupt your website’s activity, whether for fun or for material reasons. We’re writing this article to help our AVChat customers who are getting spammed.

Here are the steps you can take to prevent future incidents.

1. Search the logs and look for the spammer’s IP

If you’re not online while the user is spamming, and so can’t see his IP in the chat:

  1. If someone notifies you by e-mail, you can look through the text chat transcripts, search for the username in question and find his IP.
  2. From time to time, you can also look through the text chat transcripts, search for known spam links or known users and find their IPs.

This is where you can find the text chat transcripts:

  • On WOWZA: wowza_install_dir/applications/avchat30/avchat3_transcripts
  • On FMIS:  fms_install_dir/applications/avchat30/sharedobjects/_definst_
  • On Red5: red5_install_dir/webapps/avchat30/avchat3_transcripts

Here’s what a typical text chat transcript looks like:

[Image: avchat transcripts]

Once you have the IP:

  1. You can ban him from the AVChat admin interface.
  2. You can also limit access to the entire website (check out chapter 6 below).

2. Banning malicious users by IP, cookie and username

In case an admin is online, here are 3 ways to find the spammers:

  1. If the spam happens in a public room, as an admin you can just click on the user and then click the Ban… link in the side menu that shows up.
  2. If the spam happens in private chats, as an admin you can see private chats if the setting $avconfig["adminCanViewPrivateMessages"] located in avc_settings.xxx is set to '1'.
  3. If the spam happens in private rooms, as an admin you can join private rooms without being asked for a password. You can do this if the setting $avconfig["adminCanJoinPrivateRoomsWithoutPermission"] located in avc_settings.xxx is set to '1'.

The ban panel allows you to ban each user in the chat by IP, username or cookie. Here’s what the ban panel looks like:

Banning by username is not strong unless you have AVChat integrated and guests are not allowed.

Bans by cookie cannot be removed.

How to view existing bans

Go to your AVChat admin interface and click the “Active Bans” button located at the top.

3. Edit your badwords.xml

Spammers generally post links to certain sites. You can ban those sites from showing up in the text chat.

All the banned words are kept in a badwords.xml file. This file is located in your AVChat installation folder.

Open it with a text editor and add a new line for each word that you think relates to the spammer.

4. Turn off automatic link highlighting

Links are detected by AVChat and automatically turned blue and underlined to look like real web links. You can turn this feature off to prevent the spammer’s links from being clicked on.

This is a more radical solution since it will affect everyone, not just the spammer.

To turn the feature off, open the avc_settings.xxx file with a text editor, search for this variable: $avconfig['interpretLinks'] and set it to "0".

This way, URLs posted in the text chat will not be interpreted and turned into clickable links.

As you can see in the picture below, the link from the default welcome message is interpreted and clickable and the URL posted by the user was censored:

[Image: censored links]

5. Forbid all URLs in the chat

This is an even more radical method. You can censor all links posted in the chat.

Here’s how to do it:

Open the avc_settings.xxx file and search for this variable: $avconfig['allowUrls'].

When it is set to "0", all URLs are censored with asterisks (*).

6. Blocking the IP on the entire server (Linux only)

If none of these steps succeed, here’s the extreme method to ban an IP.

You can ban a specific IP on the entire server. Banned IPs will not be able to access anything on your server, including the website where you host AVChat.

This method does not work in Brazil, where they have only dynamic IPs.

You can do this only if you have a VPS or dedicated server with root access.

This can be done in several different ways, e.g. with iptables (firewall) rules or by setting up a reject route.

The command for a route ban is:

/sbin/route add -host <IP> reject (replace <IP> with the desired one).

and for the firewall:

/sbin/iptables -A INPUT -s <IP> -j DROP (same IP replacement as before).

Then, make sure you save the firewall:

service iptables save

To view blocked IP addresses, here’s the command:

iptables -L INPUT -v -n

In case you can’t manage this by yourself, you can ask your hosting admin to do it.
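
As an added example (not part of the original article or of AVChat itself), here is a small wrapper around the iptables command above that refuses malformed input, refuses to block the address of your own SSH session, and skips the rule if it already exists. The function names, the IPTABLES variable and the sample address 203.0.113.45 are assumptions made for this example.

```shell
#!/bin/sh
# Added example: safer wrapper around the iptables DROP rule from step 6.
# IPTABLES, is_valid_ipv4 and block_ip are names chosen for this example.
IPTABLES=${IPTABLES:-/sbin/iptables}

# Succeeds only for a plain dotted-quad IPv4 address (each octet 0-255).
# Rejects CIDR ranges, hostnames and anything that could be read as an option.
is_valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Adds "-A INPUT -s <ip> -j DROP" once; returns 2 on bad input, 3 on self-ban.
block_ip() {
    ip=$1
    if ! is_valid_ipv4 "$ip"; then
        echo "refusing: '$ip' is not a single IPv4 address" >&2
        return 2
    fi
    # SSH_CLIENT is set by OpenSSH as "client_ip client_port server_port".
    if [ "$ip" = "${SSH_CLIENT%% *}" ]; then
        echo "refusing: $ip is the address of your own SSH session" >&2
        return 3
    fi
    # -C tests whether the exact rule exists, so reruns do not stack duplicates.
    if "$IPTABLES" -C INPUT -s "$ip" -j DROP 2>/dev/null; then
        echo "already blocked: $ip"
        return 0
    fi
    "$IPTABLES" -A INPUT -s "$ip" -j DROP && echo "blocked: $ip"
}

# Usage (as root): sh block_ip.sh 203.0.113.45   (documentation-range sample)
if [ "$#" -gt 0 ]; then
    block_ip "$1"
fi
```

Save the firewall afterwards as described above so the rule survives a restart.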

Hope this helped!