XF 1.1 1.1.4: Anti-Spam Improvements for Registration

1.1.4 includes some additional anti-spam options for the registration form. These are small enough improvements that they can be done for a 1.1.x release. You will see some deeper integration of additional tools (such as the previously-shown StopForumSpam) in 1.2. As always, targeted attacks may potentially be able to mitigate some anti-spam techniques.

Built-in Registration Timer
A registration timer system is now built-in to the registration form. For a valid user, they simply cannot submit the form until the time is up. If a person submits the form without waiting long enough, they will need to wait again until to submit the registration.

ss-2013-03-11_16-39-03.webp


This can be configured in the admin control panel:

ss-2013-03-11_16-39-57.webp


Unique Registration Key
This ensures that the registration form must be displayed before any registration can take place, making more work for bots. Each key can only be used once. (This is not a particularly strong protection on its own, but every little bit helps.)

Integration with DNSBLs
There are several DNS Blackhole Lists (DNSBLs) that track spam or malicious IPs (Spamhaus and Tornevall, in particular). These can be queried on registration and if the requesting IP address is found on them, an action can be taken.

ss-2013-03-11_16-43-57.webp


In case you're wondering, we've made it much easier to see if there are users pending admin approval as well:

ss-2013-03-11_16-44-51.webp


Expect more in the future... :)
 
Can this be turned off Mike (set it to 0 or leave it empty)?

I have a timer in FoolBotHoneyPot that works okay for my needs at the moment (not that this isn't a great addition to XF, just that I've already got it via the add-on). (y)

Cheers,
Shaun :D
 
Back
Top Bottom