Martin Wynne
Member
Since upgrading to 2.2.10 I'm seeing a lot more spam registrations.
Is this just a coincidence or related to the upgrade?
Thanks.
Martin.
Is this just a coincidence or related to the upgrade?
Thanks.
Martin.
XF 2.2 2.2.10 - more spam?
- Thread starter Martin Wynne
- Start date
MapleOne
Well-known member
Use hCaptcha - I got a number of bad registrations and an insane amount of contact form spam even with Google reCAPTCHA v2 activated.
As soon as I switched to hCaptcha the contact form spam went to zero and hardly ever a spam registration.
Turn it on here:
yourdomain.com/admin.php?options/groups/usersAndRegistration/
I think the bots are getting past reCAPTCHA and being less popular hCaptcha is still stopping them.
Baby Community
Well-known member
Community platform by XenForo® v2.2.10I'm only 2.9, I haven't moved to 2.10..
I have now switched....
But none of the addons needed to be updated according to the new version. also my favorite addon didn't need to be updated according to the new version
[OzzModz] Registration Spaminator 2.1.1
MapleOne
Well-known member
The OzzModz is the best spam extension by a far margin, I think he has a few different versions. One for registrations and one for the contact form.
That said, I have had zero spam using hCaptcha so because the OZZModz are $30 each I kind of saved myself 60 bucks.
I keep the OzzModz in mind in case I ever need them but seriously for most people switching to hCaptcha will do a decent job at no cost.
Rhody
Well-known member
No difference here, on a couple niche forums that I manage. (one of them turns 25 years old this week!) We've probably had 1 or 2 spammers get through registration in the past few years, but they end up in the moderation queue for review.
The tools built into Xenforo work well, combined with Q&A Captcha challenge question. STOPFORUMSPAM helps a lot, as does DNSBL.
We also use COUNTRY REGISTRATION CHECK by XF2, to block a few countries that are known sources of spam. (yes they could use a proxy to get around it, but usually do not)
Each new registration generates an email to the mods, to look over their registration answers in case something looks spammy. It shows the said location as well as the IP lookup location, for comparison. We added some custom fields at registration about the subject of the forum and their business, to help spot a fake. We use REGISTER EMAIL from XF2 to generate the emails.
The only issue we have is that simple common usernames (first names) get flagged in error, and end up in the approval queue. It's a minor inconvenience, to approve those daily.
The tools built into Xenforo work well, combined with Q&A Captcha challenge question. STOPFORUMSPAM helps a lot, as does DNSBL.
We also use COUNTRY REGISTRATION CHECK by XF2, to block a few countries that are known sources of spam. (yes they could use a proxy to get around it, but usually do not)
Each new registration generates an email to the mods, to look over their registration answers in case something looks spammy. It shows the said location as well as the IP lookup location, for comparison. We added some custom fields at registration about the subject of the forum and their business, to help spot a fake. We use REGISTER EMAIL from XF2 to generate the emails.
The only issue we have is that simple common usernames (first names) get flagged in error, and end up in the approval queue. It's a minor inconvenience, to approve those daily.
Last edited:
Baby Community
Well-known member
I used rcaptcha... But I didn't see any benefit.
Black Tiger
Well-known member
Beste would be a combination of hcaptcha and a (configurable) amount of custom questions (so not 1, but 3 or 5 for example, which is harder to learn for bots too).
However, Xenforo decided to keep it an or/or thing and I thought I had a feature suggestion for it, but too few people interested.
On PHPBB and vB and SMF a combination of both stopped all spam.
So that is still an improvement, still wonder why this has ever been made an or/or option.
However, Xenforo decided to keep it an or/or thing and I thought I had a feature suggestion for it, but too few people interested.
On PHPBB and vB and SMF a combination of both stopped all spam.
So that is still an improvement, still wonder why this has ever been made an or/or option.
Similar threads
