I have a spammer that for what ever reason I CAN NOT stop from posting. I have banned their user name, banned their membership, banned their IP and every morning I check our site and multiple posts promoting garbage can be found on a dozen or more topics.
www.sawmillandtimberforum.com
(http://www.sawmillandtimberforum.com)
I am using VS 2.0.13
Anti-spam by CleanTalk 2.00
Anti Bot: Are You Human/Bot? 3.0
Bot Buster 1.1
Any suggestions on a package to stop this kind of activity is appreciated.
Thanks
See if anything here helps- http://wiki.simplemachines.org/smf/Spam_-_my_forum_is_flooded_with_spam,_what_can_I_do
Is the spammer using different usernames and IPs?
Is it actually a person or a bot?
Thanks! Will see what tomorrow brings after the changes.
Same user name and IP yet both name and IP on ban list and deleted. Get up in the morning and bam! Same name and IP in multiple posts with product advertising and links to buy found in numerous topics on the forum.
Dont know how to tell if it is a person or bot?
Have you tried banning the IP in .htaccess?
if you ban the account and then delete the account, it has the potential to undo the ban...
banned accounts should not be deleted...
That being said, deleting the account and stopping the spammer form registering in the first place (see the link above on a list of things you can do to prevent the spammers from getting in) means that you won't have to ban the account...
also, if it keeps up, as Sir Osis said, add the IP Address as a DENY line in your .htaccess file
Example of good registration questions:
http://www.simplemachines.org/community/index.php?topic=531660.msg3776163#msg3776163
Use the reCaptcha mod. Its less likely that your forum will be filled by spammers using the reCaptcha mod because it costs money to use services that can solve them. Its unlikely a small forum will be attacked by spam bots using recaptcha but then again anything is possible..
http://custom.simplemachines.org/mods/index.php?mod=1044
The questions feature is actually more effective than reCAPTCHA
(I have seen spammers chew through the reCAPTCHA. I have not had a single spammer get through the questions in 2 years)
Quote from: Kindred on January 28, 2017, 03:59:35 PM
The questions feature is actually more effective than reCAPTCHA
(I have seen spammers chew through the reCAPTCHA. I have not had a single spammer get through the questions in 2 years)
The questions feature didn't work for me.. I even used tricky questions, not ones that can be easily googled for the answer like 1+1. I used incorrect wording. Using SMF's original captcha on difficult, I have had over 1,500 bots sign up to my test forum in the space of a month.
SMF really does need something to combat bots. I installed recaptcha and there are no more bot registrations. I have the stats to prove it.
Its easy to say something but have no information to justify your statements.
https://www.uniquez-home.com/index.php?action=mlist;sort=registered;start=0;desc
Just so you understand what that is. Non of those users that are not white are real members they are bots. The white members are from when I implemented the recaptcha and those are not bots.. Only 3 members since turning it off and they are confirmed not to be bots.
reCpatcha works if your running small forums. If your like running into the hundreds of thousands you will have problems no matter what you use.
Quote from: oOo--STAR--oOo on January 28, 2017, 05:40:22 PM
Quote from: Kindred on January 28, 2017, 03:59:35 PM
The questions feature is actually more effective than reCAPTCHA
(I have seen spammers chew through the reCAPTCHA. I have not had a single spammer get through the questions in 2 years)
The questions feature didn't work for me.. I even used tricky questions, not ones that can be easily googled for the answer like 1+1. I used incorrect wording. Using SMF's original captcha on difficult, I have had over 1,500 bots sign up to my test forum in the space of a month.
SMF really does need something to combat bots. I installed recaptcha and there are no more bot registrations. I have the stats to prove it.
Its easy to say something but have no information to justify your statements.
reCpatcha works if your running small forums. If your like running into the hundreds of thousands you will have problems no matter what you use.
I use reCAPTCHA and the questions and a couple other anti-spam addons and haven't had a single spammer since. I cleaned up easily a couple hundred accounts off my forums who were spam accounts. I semi-vet everyone that registers on the forums and so far they seem to all be real people.
Regarding the questions ... you should have a pool of 20-30 questions with 3 or 4 randomly chosen as being required for registration. It really does work according to the many users here who use them this way.
We know that the standard Captcha does not work well... that is why recaptcha is part of 2.1
However, while recaptcha may work for you, it is a standard and thus, can and has been broken by some bots. Questions, on the other hand... even with the standard Captcha turned off, as I said, has prevented spammers for the past 2 years on my sites... including several popular and active ones.
Quote from: Steve on January 28, 2017, 06:17:59 PM
Regarding the questions ... you should have a pool of 20-30 questions with 3 or 4 randomly chosen as being required for registration. It really does work according to the many users here who use them this way.
Maybe I didn't create good enough questions but I did try :). Not saying it doesn't work but I would like the registration to be easy and accessible. Following some HCI principles. Everyone has their preferences.
Quote from: Kindred on January 28, 2017, 06:23:08 PM
We know that the standard Captcha does not work well... that is why recaptcha is part of 2.1
However, while recaptcha may work for you, it is a standard and thus, can and has been broken by some bots. Questions, on the other hand... even with the standard Captcha turned off, as I said, has prevented spammers for the past 2 years on my sites... including several popular and active ones.
To be honest, I am quite surprised that the questions seem to be top of the line, or near top, for anti-spam. I would have thought that those would be the easiest to break. It seems like someone could write a script that would get all of the questions from a site by constantly refreshing and looking at specific elements then a real person could implement the answers that would help the bot automatically solve the questions and then bypass the questions.
Quote from: Linkjay on January 28, 2017, 06:45:38 PM
Quote from: Kindred on January 28, 2017, 06:23:08 PM
We know that the standard Captcha does not work well... that is why recaptcha is part of 2.1
However, while recaptcha may work for you, it is a standard and thus, can and has been broken by some bots. Questions, on the other hand... even with the standard Captcha turned off, as I said, has prevented spammers for the past 2 years on my sites... including several popular and active ones.
To be honest, I am quite surprised that the questions seem to be top of the line, or near top, for anti-spam. I would have thought that those would be the easiest to break. It seems like someone could write a script that would get all of the questions from a site by constantly refreshing and looking at specific elements then a real person could implement the answers that would help the bot automatically solve the questions and then bypass the questions.
reCapctha can be solved in 2 ways, one is by using an API that takes the image and uploads it to them, their software has image recognition and can then send mouse coordinates back to click in these tiles or tell you what the image is. I did actually create a bot that did this, but with googles new reCapctha it no longer works. The 2nd method is by sending the data to an api that has real people actually solving the captcha for you, they send back the response and the bot then gains access. These services cost money cause real people are solving them.
I don't know of any automatic method of cracking them. Google seems to have it covered for now :D
I have had my share of spammer problems. I'm a lazy old fuddy-duddy and don't relish messing with software. So I finally concluded banning usernames, email addresses or even email providers, IPs etc. are nor help.
I simply created a new user group "Account Suspended and set the permissions so that this species can access a few boards, but cannot start a topic, cannot post a comment, cannot upload stuff, cannot like/unlike, cannot change karma, cannot vote in polls etc. etc.
So I get hits, my Member List gets fatter, and these folk cannot do anything that I don't want them to do.
Used in conjunction with "Admin Approval" this works fine for me.
Forums Staff also follow a SOP regime and regularly scrutinize newbie account activity. If inline advertising and/or commercial site links are founds in any post of profile, such member is immediately transferred to the "Account Suspended group and the offensive post/topic/profile field deleted.
This, off course, requires a sizable Staff and a rota whereby Staff can decide convenient times to be online. Someone from my Staff is always online, whether visible or not, usually a tandem of an Admin and Global Moderator.
Among my 2000+ Members currently, there are 76 Staff. They themselves choose when to be online. Most of them are young and all are volunteers. Their locations make a very comfortable mix of various time zones.
Only after multiple bans of user name and IP, deleting of the account, (They came right back), adding tougher questions appears to have solved the problem.
Thanks for all the input!
dont delete the account after banning it, this will always delete the ban.
Only username triggers, not IP/email/hostname ones.
actually... if you set all triggers in the same "bundle", then deleting the user will (I believe) invalidate the entire ban bundle.
Just tested it, even with a ban group with only a username trigger, deleting the user's account will just leave the ban group there with no triggers.
When I started helping out on our forum, we had installed:
- the Join Reason mod
- the Stop Spammer mod
- the httpBl mod
I have kept it that way, since we have had ZERO spam in the last few years. (~20K user forum)
We have, however, had a few instances where people were erroneously detected as spammers. The issue with these honeypot approaches is that the IP address is an imperfect way to do this. We deal with those exceptions manually. This only happens about once every year or two.