I have strange thing. A spambot called JerrodET keeps on spamming.
Well, that is what it is made for, but I had it banned the first time AND I have account admin approval checked.
How is this possible? It comes right in and even with the same name. And he still is on the banned list.
I have no mods installed or other changes since the conversion from VBulltin.
There are some good anti-spam mods that i haven't had to use because nobody really bothers my site any more.
have you tried banning it via it's full IP address range ?
sorry if this is of little help but i thought it worth mentioning.
I'm also puzzled as to how they can start posting without admin approval (?)
Thanks for your reply.
I do not have a anti-smap mod yet since I am still working on it after conversion. I thought I could keep them out with admin approval. And it does work since I see many smappers stuck there.
I run boards for a long time, but never seen this strange thing happen.
What mods are you running?
Quote from: Kindred on November 12, 2017, 09:05:10 AM
What mods are you running?
Ehmz...?
Quote from: peter500I have no mods installed or other changes since the conversion from VBulltin.
Lol... whoops...reading on a mobile and missed that.
The only time we have ever seem spambots bypassing the reg process has been because someone installed some sort of registration mod that was badly formed
Installing recaptcha by Google should prevent future bots.
Quote from: Study Force on November 12, 2017, 11:50:00 AM
Installing recaptcha by Google should prevent future bots.
Meh. https://east-ee.com/2017/02/28/rebreakcaptcha-breaking-googles-recaptcha-v2-using-google/
3/3/2017 – Update #2:
It seems that Google has fully patched this: raising the minimum number of digits from 4-5 to 10-12 and introducing new digit recordings that are harder to speech recognize, as well as background noise. The POC has stopped working as a result. It's been fun while it lasted
Thank you all for thinking with me. I will add captcha, that will probaly do the trick.
Is the number version better than the 'I am not a robot' version?
Not actually necesarry.
Have you read the article from the faq on preventing spam?
Good questions are the number one best way to prevent spammers
As an example: Re: Spammers and spamming... (https://www.simplemachines.org/community/index.php?topic=531660.msg3776163#msg3776163)
Quote from: Sir Osis of Liver on November 12, 2017, 03:21:17 PM
3/3/2017 – Update #2:
It seems that Google has fully patched this: raising the minimum number of digits from 4-5 to 10-12 and introducing new digit recordings that are harder to speech recognize, as well as background noise. The POC has stopped working as a result. It's been fun while it lasted
Just because one guy stopped updating his proof of concept does not mean those who come after him stopped.
It's also still possible to buy 1000 completed CAPTCHAs for $2 USD
Point is, all anti-spam measures are constantly under attack, and must be continuosly updated. Don't think you'll ever find one that can't be beat.
That was the point being made, yes, that unilateral "do this to fix the problem" advice doesn't work here.
It also doesn't work in China where Google Recaptcha is supposed to be blocked.
It's like with all kind of encryption and security. They constantly are trying to find something new or something to bypass it.
As a result, the ones who protect themselves are always 1 step behind when something is broken, a flaw is found or a new trick is discovered.
That's why I agree with Kindred on this:
QuoteGood questions are the number one best way to prevent spammers
And best change those regularly to something else. Little work for adequate prevention.
Quote from: Steve on November 12, 2017, 07:04:29 PM
As an example: Re: Spammers and spamming... (https://www.simplemachines.org/community/index.php?topic=531660.msg3776163#msg3776163)
Still using that question system, around 15 with 3 active, all bots failing, 100' thousands of registration attempts stopped (ref. server logs) every year. No sign whatsoever of them cracking this. A few "human bots" registering (one or two every couple of months), immediately deleted and no big deal, to stop this final trickling one may implement something like the stopforumspam mod in addition to questions.