MyBB Community Forums

Full Version: Stop Forum Spam for MyBB not working
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4
I am still getting about 60-80 each nite. I am continually blocking IP's and odd emails which helped some, but there are so many with hotmail or gmail accounts that are common that I cannot disallow.


Any idea of a patch or anything at this point?
Take some of the IP Addresses, plug them into who.is or some similar service, determine their countries, then block that entire country.
I could do that, but it still doesn't answer the question as to what has changed. For many people this started in the last several days. It wasn't a problem before.
About six days ago, the software that powers most spambots (xrumer) was updated. I won't give specific details of what was updated, but it is more powerful now. That's probably what changed.
I had the same problem on my BBO in past few days. 350 Spam Bots. And, that too my forum has 124K Posts. I tried installing a Custom Robots.txt, Along with Fassim Antispam Plugin, Registration Security's (Custom Design by me) and Check Validation Plugin to make this work. And, I disabled Captcha. It worked like a charm. I suggest you do the same.
I can confirm that the SFS plugin does work as intended. As long as the SFS service is up, the username/email/ip address exists in its DB and the confidence score is breached, registration will be denied.

Remember to use a mix of spam protection plugins to help protect any online form you have on your website. ReCAPTCHA alone cannot be trusted 100% of the time.
ha ha, reCaptcha doesn't work at all anymore. I got 76 new users last night, all bots, that got by it. The only people that reCaptcha is keeping out is the honest legitimate people that have problems reading what is supposed to be typed.
Security registration question fixed - for now.
I noticed that they did not (could not?) pass the question:
"what letter comes after x and before z?"
So I structured the five other questions along those lines.

Six plus 1 equals what?
7 less one equals what?
This is a nonsense question, try again.
Shy
1. Checking at registration time isn't enough. You have to have a cronjob running that contentiously checks users that registered the last x days. The cronjob bans new stopforumspam matches en then mails me their username (along with their postcount, so I can remove posts when needed).
2. We (me too) are totally dealing with this problem the wrong way. Instead of changing captcha's and security questions, we should nofollow all links by new users. Doing this, and clearly mentioning this at the registration page (in English, Indian and Russian) will scare them off, as forum spamming is a (dated) linkbuilding technique. Take away the incentive to spam.
One thing I noticed on the security questions, is that when I check the stats that show the number of and percentage of right and wrong, the total number of answers for all 4 questions is wwaaaaaayyyyy less than the amount of new registrants I have recieved in the past several days. This seems to tell me that they are bypassing this question all together.

I just installed the "Checkbox Validation" plugin as mentioned above. We will see what happens..............................
Pages: 1 2 3 4