Lots of new members

Kindred · December 15, 2014, 08:51:18 AM

timetraveller.... it's much better to intercept and stop them before they even register in the first place.

TheDragon · December 15, 2014, 10:09:25 AM

we get lately 1-3 per week - and got 100 in 2 days / all got stuck at waiting admin approval / even before I read these other posts on the topic / this morning I bumped captcha from easy = to hardest, changed my Q&A from answer 2 of 3 to 3 of 5 (and redid the ones that were there) = got ZERO new registrations since

Question / for the 75 still in Que (the first 25 we allowed in a as read only (ie can not post)
so, I was thinking - JUST IN CASE - we have some real people in the mix - how about I send a reject letter to all - and say - if you are real human just re-register ??
or something similar ??

and
please do not YELL at me
I share the following for the 'owners'
I still use 2.04 and had the same issues as those with 2.09
I have lots of hand edits to my site CSS and some php and do not want to lose it with upgrades

Kindred · December 15, 2014, 10:13:19 AM

TheDragon --- applying patches using the package manager means you don't lose coding. Don't be an idiot... 2.0.4 has KNOWN security issues.
But that is neither here not there for this spammer influx.

Captcha is useless -- actually, captcha, at this point, is worse than useless - it affects real, live users badly... and does nothing at all to even slow down spambots.

TheDragon · December 15, 2014, 10:25:55 AM

ok - will try a master back and patch away

Douglas · December 15, 2014, 11:17:20 AM

Everyone needs to follow Arantor's advice in Question #12. I'm actually surprised that I hadn't even considered that option.

I'm going to drive both FF and Hogville's questions to 20 with 3 required.

To further throw these spambots off... don't be afraid to use images. The questions can and will parse BBC code, so I am now incorporating that into the mix, as well.

::hangs head in shame:: I should've been more aware of communication between operators of spambots. Thanks, Arantor, for the nudge.

Arantor · December 15, 2014, 11:22:32 AM

The collaboration thing is nothing new but it's previously only been on a small scale. This new avalanche is, well, new. Not entirely unexpected, but most certainly not welcome.

And, anytime Douglas

Gwenwyfar · December 15, 2014, 11:33:12 AM

Quote from: Douglas on December 15, 2014, 11:17:20 AM
Everyone needs to follow Arantor's advice in Question #12. I'm actually surprised that I hadn't even considered that option.

I'm going to drive both FF and Hogville's questions to 20 with 3 required.

To further throw these spambots off... don't be afraid to use images. The questions can and will parse BBC code, so I am now incorporating that into the mix, as well.

::hangs head in shame:: I should've been more aware of communication between operators of spambots. Thanks, Arantor, for the nudge.

Interesting to know about the bbc, I thought it was just text. Could make some nice new questions out of that. Didn't have any problems with bots so far other than some huge lists of completely unreadable gibberish posted as visitors, like once a day until I realized I had left the captcha on. I disabled that, leaving just questions and its been fine every since, but always better to be prepared

(Don't quite get the point of those spammers I got though, what would they achieve when nothing they wrote is even readable? Just being a pain in the ass is not profitable, and if it was that, posting once a day is not a pain in the ass either. It was similar to this, but filling a huge post: "sfh dfg rtyh4rutwyi teghleriufw wertfhweui weduwhdu" )

Sweetwater · December 15, 2014, 07:06:32 PM

Quote from: Sweetwater on December 15, 2014, 07:30:47 AM
Been getting flooded as well.

Slowed it down initally by banning all .ru domains then added a stack of other countries that have nothing to do with what my forum is about, but a few are still getting through. Then added some more unique local questions. They had worked out my existing questions, so there's some new ones. See if that stops them.

New questions have them stumped for the time being, I also changed the order of them as it looks to consistently grab the same 5 questionsfrom the 10 available.

No new bots registered for 12 hours.

Great tip on the BB code, will add that.

wunderbunny · December 16, 2014, 06:19:32 AM

Quote from: Arantor on December 14, 2014, 01:12:41 PM
I'd also suggest looking at the wiki page previously mentioned, it offers some useful suggestions. There are a variety of anti spam mods available, and making your site further from the norm will certainly help.

As a very first line of defence, my Misc Anti Spam mod will help a little

@Arantor, I've followed your advice. Thank you. It has been very helpful.

I installed Stop Forum Spam and the spambot registration stopped immediately. I also copied the banned IP ranges to the .htaccess file (not sure if this is a good idea). Then I re-wrote all my registration questions, installed your Misc Anti Spam mod and switched OFF Stop Forum Spam. No spambot registrations.

For now, I disable registrations at night and re-enable them in the morning. I will restore Stop Forum Spam because I'll never know when the spambots will update their database.

user1234 · December 17, 2014, 07:13:47 AM

Quote from: Arantor on December 14, 2014, 02:59:09 PM
Yes, that is how it works.

Thank you Arantor. I increased my question list to 28, and still require 5 to be answered.
It is going on 3 days with no spam registrants whatsoever (or any others, which is normal).

News:

Lots of new members