2010-11-12, 07:51 PM
I know this has been discussed on a few occasions, but I'm running all the "extras" to block the fake signups. I wonder if there is another problem?
Everyday I have 5-20 users that signup from Pakistan, Russia, China, etc and enter in websites for drugs in the bio and on the forum threads.
I have IP blocks in place (which is a joke because its easy to use a proxy server elsewhere).
I have the "StopForumSpam" module installed.
I tried the "Akismet" program to stop spam, no luck either.
I'm using extra profile fields with questions...if not answered correctly we automatically zap the member.
I have SEVERAL different websites with the myBB forum software (other clients of mine). All are unrelated to each other. What is strange is that most of them are experiencing the same issue. Also hosted on different servers.
Nothing against the myBB programmers & development team, but I am concerned there is some exploit making it easy for this to happen.
I'm running version 1.60 for two of the forums which are constantly hit.
Another one is running 1.4.8 which has only 10 members (very low profile site) and deleted 6 "new" members which were fake.
I've reinstalled ALL the php files, just to rule out any tampering. Installed modules were looked at pretty closely by our tech and don't show any issues. Even with everything "extra" turned off, we still get the signups. Passwords all changed, including the database and FTP.
I fail to understand why someone would take the time to get a new IP, new email address and answer the required questions over and over. Best case it takes 5 minutes to rush through each signup.
Is it possible there is some automated system or bot doing exploiting myBB sites?
Everyday I have 5-20 users that signup from Pakistan, Russia, China, etc and enter in websites for drugs in the bio and on the forum threads.
I have IP blocks in place (which is a joke because its easy to use a proxy server elsewhere).
I have the "StopForumSpam" module installed.
I tried the "Akismet" program to stop spam, no luck either.
I'm using extra profile fields with questions...if not answered correctly we automatically zap the member.
I have SEVERAL different websites with the myBB forum software (other clients of mine). All are unrelated to each other. What is strange is that most of them are experiencing the same issue. Also hosted on different servers.
Nothing against the myBB programmers & development team, but I am concerned there is some exploit making it easy for this to happen.
I'm running version 1.60 for two of the forums which are constantly hit.
Another one is running 1.4.8 which has only 10 members (very low profile site) and deleted 6 "new" members which were fake.
I've reinstalled ALL the php files, just to rule out any tampering. Installed modules were looked at pretty closely by our tech and don't show any issues. Even with everything "extra" turned off, we still get the signups. Passwords all changed, including the database and FTP.
I fail to understand why someone would take the time to get a new IP, new email address and answer the required questions over and over. Best case it takes 5 minutes to rush through each signup.
Is it possible there is some automated system or bot doing exploiting myBB sites?