SMF needs help.

[pkeffect]

Upgrading the 14 forums I maintain to SMF 2.0 helped stopped spam registrations all for about 2 days. I woke up this morning to 350 emails from all those boards for new registered members. I have tried every way possible from within the forum settings itself to do something about this.

I had the same issues on SMF 2.x and 1.x... Can you guys design some security for your software that actually works and that you support besides a bunch of half assed coded mods in the customization section of which half work or have been updated for 2.0 final. You would think security of your software would be the top priority. If I am out of line with my post its because I am just sick of this.

[Illori]

take a look at the anti-spam mods on the mod site, also take a look at the built in anti-spam verification questions

[All Colours Sam]

Hi pkeffect.

There are a few thing to consider here.

1.- any measure anti-spam it's not 100% effective as bots are always evolving to overpass those measures, including humans who are paid to solve any anti-spam thingy you may install.

2.- Most, if not all, anti spam mods are made by volunteers and/or regular SMF users, SMF and the SMF staff does not have any interference over those modifications.

3.- Many people are successfully controlling spam by installing 2 or more anti-spam mods, having custom profile fields on registration, using cloudflare or honey pot project,  the combination of all those resources seems to be effective.

[pkeffect]

Thank you for the speedy replies and yes, I have tried 4 or 5 of the suggested options. It was turning people off from joining because of all the extra hoops they had to jump through or the practically unreadable capctha images that work too good.

What good is offering software if you have to mod the living hell out of it to make it work as it should out of the box. Why weren't or isn't any of the mods that help built into SMF as a default.

But I digress, it is free and finally open source again.

[Illori]

this might explain some to you

Captcha has no effect on hackers.

SMF has no known security issues with either 1.1.14 or 2.0


As for the catchable/spammer issue, there is very little that SMF can do about it, as already explained. There are several mods which use third party add-ins 0(and so would not be suitable for distribution wit the core product) which are very good at cutting down spamming.

[All Colours Sam]

What good is offering software if you have to mod the living hell out of it to make it work as it should out of the box. Why weren't or isn't any of the mods that help built into SMF as a default.

It's just the way SMF goes,   you cannot expect to have any single mod as a default in SMF simply because everybody it's different and everybody has different needs and expectations.

Some mods in older versions are now a default feature in SMF 2.0, for example the custom profile fields.

[pkeffect]

I'll mark this as solved even though it isn't.

this might explain some to you

Captcha has no effect on hackers.

SMF has no known security issues with either 1.1.14 or 2.0


As for the catchable/spammer issue, there is very little that SMF can do about it, as already explained. There are several mods which use third party add-ins 0(and so would not be suitable for distribution wit the core product) which are very good at cutting down spamming.

That's just laziness. And LOL for adding captcha to SMF when its basically useless. Great work.

[Illori]

That's just laziness. And LOL for adding captcha to SMF when its basically useless. Great work.

well if you dont like the way smf does things you are more then welcome to find another forum that has all the features you want in it by default.

[All Colours Sam]

@pkeffect  did you read my first response?

3.- Many people are successfully controlling spam by installing 2 or more anti-spam mods, having custom profile fields on registration, using cloudflare or honey pot project,  the combination of all those resources seems to be effective.

catpchas are not the only thing anti-spam you will find.

If you really want to protect your forum against bots  I strongly suggest installing 2 or more anti-spam mods, including honey pot project or even cloudflare.

[damoncloudflare]

Even CloudFlare won't catch all spam. You can, however, do some things in CloudFlare threat control and/or in .htacess if you know where the spammers are coming from. You can block by IP, ranges, country, etc.

[RandomDude]

That's just laziness. And LOL for adding captcha to SMF when its basically useless. Great work.

well if you dont like the way smf does things you are more then welcome to find another forum that has all the features you want in it by default.

Illori, that is not a very nice and professional answer to the frustrated user. And he is right, SMF Team should really figure out how to stop all of the spamming, at least by having some default anti-spam mod activated via the forum installation. Because SMF2 indeed has a really bad problems with spam, which I'm facing myself. I added some security questions, but since I do not plan to have angry users who have to answer my silly questions, I used "25+47=" type of questions. And my captcha security is set to medium since everything above that is a pain in the neck for users and their eyes. I doubt that my security questions will stop the spamming (medium captcha cannot), I'll probably have to install some mods eventually.

I do not want to be rude and I believe that pkeffect also didn't want to sound rude but I believe that I'm speaking in the name of all users when I say "Please, update your default anti-spam security of SMF2 in the upcoming updates."

[Illori]

no further features will be added to 2.0 as it is feature locked. the may at some point consider more anti-spam methods but none will require external sources to control the spam.