2010-11-18, 01:39 PM
Pages: 1 2
2011-01-07, 10:53 PM
I'm currently getting about one 'bot trying to register each hour.
If these are humans, I can't believe they're wasting their time so badly: I've just deleted several hundred of their never-approved registrations, so my forum can't be listed as an easy mark.
If these are strictly 'bots, how are they getting past the captcha?
This is the plug-in referenced earlier, by which one can add the requirement to answer a preordained question:
The file is made unavailable unless you're logged-in. I've tried and tried to register at mybbcentral, but they are not sending me a reg-reply email, so I can't access the plug-in file referenced here.
I'll send a message to the admin at mybbcentral, but in the meantime could anyone please post that plug-in file here? (as long as that's not considered bad form in some way)
If these are humans, I can't believe they're wasting their time so badly: I've just deleted several hundred of their never-approved registrations, so my forum can't be listed as an easy mark.
If these are strictly 'bots, how are they getting past the captcha?
This is the plug-in referenced earlier, by which one can add the requirement to answer a preordained question:
Quote:http://mybbcentral.com/thread-1496.html
The file is made unavailable unless you're logged-in. I've tried and tried to register at mybbcentral, but they are not sending me a reg-reply email, so I can't access the plug-in file referenced here.
I'll send a message to the admin at mybbcentral, but in the meantime could anyone please post that plug-in file here? (as long as that's not considered bad form in some way)
2011-01-07, 11:05 PM
They can get past the CAPTCHA as they are often human created accounts, which are then handed over to bots at some point.
That plugin can't be posted here as it's a paid plugin that requires a subscription. That plugin isn't going to do anything to stop a human and even bots can solve those. It puts the answer to the question as a hidden form field, all the bot has to do is go through the hidden fields on the page and find the one with the answer, put it in the box, and it's got past it. The answer is effectively given to them.
That plugin can't be posted here as it's a paid plugin that requires a subscription. That plugin isn't going to do anything to stop a human and even bots can solve those. It puts the answer to the question as a hidden form field, all the bot has to do is go through the hidden fields on the page and find the one with the answer, put it in the box, and it's got past it. The answer is effectively given to them.
2011-01-07, 11:30 PM
Matt, my forum is a fairly special-interest group, so questions can be tailored to that group and your average spammer simply won't have the answers.
However, if as you say the plug-in is structured so the answers are right on the page itself - as hidden form fields accessible to bots - then you're right, it won't help much.
Since I'm manually approving/rejecting each applicant anyway, I'd have been happy with a plug-in that included the answer with the submission for my approval...
Is there no other, better 'bot-busting option available (other than Isabel's suggestions above)???
However, if as you say the plug-in is structured so the answers are right on the page itself - as hidden form fields accessible to bots - then you're right, it won't help much.
Since I'm manually approving/rejecting each applicant anyway, I'd have been happy with a plug-in that included the answer with the submission for my approval...
Is there no other, better 'bot-busting option available (other than Isabel's suggestions above)???
2011-01-08, 11:04 AM
Have you tried this?
http://mods.mybb.com/view/registration-s...y-question
http://mods.mybb.com/view/registration-s...y-question
2011-01-09, 10:19 PM
Thanks, 9ee4!
It's installed, I'm trying it now!
We'll see if it has any effect, I'll post back here in a week with a report.
It's installed, I'm trying it now!
We'll see if it has any effect, I'll post back here in a week with a report.
2011-01-10, 06:32 AM
This is my practice of stopping spammers.
I had set the option "awaiting activation users pruning" from
ACP->Configuration->Settings->User pruning
Prune unactivated users? - ON
Days registered before pruning unactivated users - 1
so that most of the spam registrations are done by spam bots and they never activate account. by the above settings, these accounts will be pruned automatically within a day restricting most of the spam members.
if you see some weird usernames and they have activated accounts and never participated forums, they may probably the human spammers. at that time, check their email in google. if it shows results that the email is of known spammer which is recorded at stopforum spam or any other network, you can ban them manually.
stopforumspam plugin is working fine in stopping known spammers.
I had set the option "awaiting activation users pruning" from
ACP->Configuration->Settings->User pruning
Prune unactivated users? - ON
Days registered before pruning unactivated users - 1
so that most of the spam registrations are done by spam bots and they never activate account. by the above settings, these accounts will be pruned automatically within a day restricting most of the spam members.
if you see some weird usernames and they have activated accounts and never participated forums, they may probably the human spammers. at that time, check their email in google. if it shows results that the email is of known spammer which is recorded at stopforum spam or any other network, you can ban them manually.
stopforumspam plugin is working fine in stopping known spammers.
2011-01-10, 06:56 PM
Thanks, Godfadda!
Good practice for an active forum, definitely.
Mine is not heavily trafficked, so the spammers have a 10-to-1 advantage, it seems!
Other than them, I'd normally just moderate/admin a couple times a week!
I located the stopforumspam plug-in, and will install it if my current test using the security-question registration check does not work.
But, so far at least, it seems to be doing the trick. We'll see.
Good practice for an active forum, definitely.
Mine is not heavily trafficked, so the spammers have a 10-to-1 advantage, it seems!
Other than them, I'd normally just moderate/admin a couple times a week!
I located the stopforumspam plug-in, and will install it if my current test using the security-question registration check does not work.
But, so far at least, it seems to be doing the trick. We'll see.
Pages: 1 2