News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

Prevent new user (spammer) accounts from creating multiple posts

Started by mrhope, July 19, 2017, 03:08:29 PM

Previous topic - Next topic

mrhope

SMF 2.0.11

We've got some Chinese spammers that continue to hit our site in the early morning when no moderators are on and often post dozens sometimes hundreds of posts. Is there a way to prevent new users from creating multiple posts or a setting/permission that would make new users have to wait an extended amount of time before being able to make another post?

Currently I've made it so all new users must have their posts approved thinking that would help deter the spammers, but it's likely that they're bots because they're not stopping. We've also got a captcha mod and random questions in the registration and they still persist.

Any ideas would be appreciated.

Kindred

Read the FAQ on spam and spammers...  implement questions as a security/antispam measure, at the very least (20 questions, ask 1 or 2 for members to join)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Bob Perry of Web Presence Consulting

Quote from: mrhope on July 19, 2017, 03:08:29 PM
SMF 2.0.11

We've got some Chinese spammers that continue to hit our site in the early morning when no moderators are on and often post dozens sometimes hundreds of posts. Is there a way to prevent new users from creating multiple posts or a setting/permission that would make new users have to wait an extended amount of time before being able to make another post?

Currently I've made it so all new users must have their posts approved thinking that would help deter the spammers, but it's likely that they're bots because they're not stopping. We've also got a captcha mod and random questions in the registration and they still persist.

Any ideas would be appreciated.

What I normally do with those persistent ones is a little involved but very effective if done properly... many administrators have a bad habit of deleting the accounts of these users, I don't, when they make themselves obvious, AND THEY ALWAYS DO VERY QUICKLY... and since I have my system set up very similar to yours in that you require a moderator or admin approval first, before you remove the post, go to the user profile of the poster and do a permanent ban to the user, for this situation I normally only apply a "cannot post" ban and check every box available for each trigger that the system displays to you... save... this method forces them to create a new account with a different email address, easy for them to do but if they also use the same ip address it will be pointless for them to attempt a post, they can easily spoof a new ip address but then you stay right on top of them again and do the same thing again with this new one, they may be persistent, but you must not let them get a foot hold on your nerves, it takes effort to keep your system clear of trash, but it is definitely doable... they give up eventually...
Best Regards,
Bob Perry



"The world is moving so fast these days that the man who says it can't be done is generally interrupted by someone doing it." Elbert Hubbard

Kindred

bob...

that's a complete waste of system resources...

delete the account.
stop the spammers form registering in the first place.
problem solved.

Seriously.... all these people who have issues with spammers posting are obviously not properly using the questions feature.

Using Questions along with BadBehavior+HttpBL, I have not had a single spammer register on any of 5 different sites in over 2 years.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Bob Perry of Web Presence Consulting

Quote from: Kindred on July 20, 2017, 06:23:51 PM
bob...

that's a complete waste of system resources...

delete the account.
stop the spammers form registering in the first place.
problem solved.

Seriously.... all these people who have issues with spammers posting are obviously not properly using the questions feature.

Using Questions along with BadBehavior+HttpBL, I have not had a single spammer register on any of 5 different sites in over 2 years.


You know as well as I do that there are those spammers that are just as smart as you or I and can easily circumvent this advice you give... it is a great deterrent for the most part and I encourage all to do it, but it is NOT an end all concrete solution, nor is my own method for dealing with these attackers and troublemakers, but it is NOT a waste of resources...
Best Regards,
Bob Perry



"The world is moving so fast these days that the man who says it can't be done is generally interrupted by someone doing it." Elbert Hubbard

Steve

Quote from: Kindred on July 20, 2017, 06:23:51 PMUsing Questions along with BadBehavior+HttpBL, I have not had a single spammer register on any of 5 different sites in over 2 years.

I'd say that was pretty concrete.

Take a look at this: http://www.simplemachines.org/community/index.php?topic=531660.msg3776163#msg3776163
DO NOT pm me for support!

a10

Quote from: Steve on July 21, 2017, 08:43:33 AM

Take a look at this: http://www.simplemachines.org/community/index.php?topic=531660.msg3776163#msg3776163

^^^ that question system still works great, zero bots for years. Got a dozen+ questions, 3 active, changing questions a few times a year just in case (a few minutes work).

But won't stop human rats (got maybe a dozen of those registrations \ year), those needs admin approval to stop, or mods like mentionned in posts above, stopforumspam or similar.

Regarding the op's case, if not too much work, enable admin approval when no admins present, and disable when someone is on watch :O)
2.0.19, php 8.0.23, MariaDB 10.5.15. Mods: Contact Page, Like Posts, Responsive Curve, Search Focus Dropdown, Add Join Date to Post.

Advertisement: