1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

bot/ spam

Discussion in 'General XenForo Discussion and Feedback' started by Frankie, Aug 20, 2012.

Thread Status:
Not open for further replies.
  1. Frankie

    Frankie Member

    Hi now my forum have so much spam/ bot. can anyone tell me how to stop it. thank you
  2. bogus

    bogus Guest

    Same here. Since a week i have spam like never before... All started after i tried to include an Layer Ad

    I have activated Captcha since the first Days. Also added AntiSpam via xenutils.

    Better, but still not solved...
  3. Digital Doctor

    Digital Doctor Well-Known Member

  4. Bram

    Bram Well-Known Member

    Under massive attack at the moment. Literally thousands of posts i have spamcleaned in the last hour.

    Why isnt there a sticky on Xenforo about this by CAM as a lot of other sites have been hit as well.

    What to do?
  5. ZippySLC

    ZippySLC Member

    Glad to see it's not just me. Xenutils + the blacklists seems to have helped significantly.
  6. Cal

    Cal Well-Known Member

    I've had like 50 new registers this week...all bots :(

    Whats up guys??
  7. luutruong

    luutruong Active Member

    seems bot from anywhere in the world? right???
  8. Divvens

    Divvens Well-Known Member

    First of all, it's KAM

    Secondly, they aren't responsible for bots/spam on your board. You as an administrator are held responsible for any such things on your site, XenForo has already given you tools to fight spam, you only need to use them efficiently. Spammers are a pain in the neck for everyone, may it be Xenforo communities, or Vbulletin communities or IPB communities (or for that case, any forum community). We are all united in the fight against spam.

    To help your board be spam free, here are my suggestions (which has helped keep spam out of my site for the last 3 days since the whole thing escalated out of hands).

    1. Install the free add-on XenUtiles which can be found here - http://xenforo.com/community/resources/8wayrun-com-xenutiles-tools.104/
    It allows you to set up StopForumSpam and 2 other databases which block known spam bots from registering on your site, there is also a log that is visible to you when bots/known spammers are stopped at registration.

    2. If you are using ReCaptcha, stop using it. Switch to Q&A Captcha, that way you can ask a question that humans can answer but not bots, don't ask easy questions such as 2x2 = ?, ask questions related to your site's niche so that real registrations still are able to get through but spammers are stopped there itself.

    There are chances that even with this method some bots get through, but its much less. Maybe 2 or 3 out of 100, which can be banned and deleted manually. These methods has saved me hours of work, since almost 500+ bots have been stopped on their track by XenUtiles alone.
    Please read what I posted above as a reply to Bram :)
  9. sonnb

    sonnb Well-Known Member

    You should have a look on this addon: http://xenforo.com/community/resources/sonnb-stop-spam-here.845/

    You would let you able to:
    - Check registration process: Using Stop Forum Spam db and hidden field.
    - Check Posting process:
    • Specified keywords
    • Links
    • Use Akismet DB
    With various options you would have bigger arm to catch almost the spammers.
  10. Bram

    Bram Well-Known Member

    The captcha questions are bypassed completely it seems. Added a few good ones ysterday and 99% of todays registrations are bots :(
  11. Swifty550

    Swifty550 Member

    What are you asking?
  12. Cal

    Cal Well-Known Member

    I disagree. Xenforo has been cracked by bots. It was going to happen sooner or later. It is the responsibility of the developers to put a security patch up.

    This is evidenced by all the webmasters on this forum alone having issues, some like myself who have been using Xenforo's given resources (and add ons) for over a year with no issues. Suddenly that's all changed.

    It makes you wonder what else has been compromised. Is Xenforo hackable now as well???
  13. luutruong

    luutruong Active Member

    same here....in my country almost sites use Xenforo be spammed...we are locking IP from anywhere in the world
  14. Divvens

    Divvens Well-Known Member

    Have you used any other forum software before? This has nothing to do with security, it's just spammers got a new software.

    Vbulletin has the same problems, without using add-ons your site is more vulnerable to spam posts containing porn and advertisements. Xenforo already does a better job at keeping bots away than default VB as per my experience, this has nothing to do with developers needing to put a security patch up. Everyone fights spam, even sites like Facebook face spam problems, its a administrators responsibility to use the tools given to them effectively.

    Just changing from just ReCaptcha to Q&A Captcha will stop most of the fake registrations on your site, unless the question you set up is too easy.
  15. Steve F

    Steve F Well-Known Member

    Try KeyCaptcha


    Just tried it from my iPad also and it works, we installed it last night on our site. It's free and has a Xenforo plugin. If they are getting past your new Q & A's then most likely it's human spam, not much you can do besides run XenUtiles also with SFS and bot scout enabled.
  16. Cal

    Cal Well-Known Member

    I've used IPB, VB, SMF, PHPBB....yeah I've been doing forums for about 10 years :unsure:. Just saying what I think on the matter.
  17. Slavik

    Slavik XenForo Moderator Staff Member

    Im going to be blunt.

    What a load of tosh.

    XenForo has been "mostly" bot free as Xrumer (the largest spamming bot program in the world) was not configured to a) scan for and b) complete registration from XenForo forums.

    A few days back Xrumer pushed an update to target XenForo forums. Thats why the spam has suddenly come to so many people. Nothing more. Nothing less.

    XenForo has not been compromised, it has not been hacked, there is nothing currently known as being "hackable" in the XenForo core.
    Adam Howard and Walter like this.
  18. Cal

    Cal Well-Known Member

    Noted, allow me to be blunt then

    " nothing currently known " is a big wide spectrum of uncertainty and to be honest it really holds no value in any topic. Slavik you most be joking.

    The fact is there is spam, it's widespread across all forums, and it's time to do something. Denial and bickering amongst ourselves wont work this time, sorry to bearer of bad news on that jazz.

    Now, if you all are done harping on me, I believe there a current issue with spam bots for you to discuss....
  19. Slavik

    Slavik XenForo Moderator Staff Member

    Whats to be uncertain about.

    To the best of my knowledge, the only 1 (one) exploit that XenForo in all the time since release has been a victim off relates to the SWF Uploader, and that was addressed here: http://xenforo.com/community/threads/xenforo-security-fix-for-1-0-0-1-1-2.32890/

    Otherwise there is no currently known public exploit available in XenForo. Given the high quality of the product, the exceptional skillset of K+M, and the incredible skillset of the community, if there was an exploit in there... someone would have probably found it.

    Until such time as an exploit is made known publicly, or privately via the ticket system, I will not allow people to make wild accusations, speculations or claims that XenForo has been "hacked".

    There has been spam yes, however there are multiple 3rd party solutions already working. http://xenforo.com/community/resources/sonnb-stop-spam-here.845/
    Xenforos built in Q+A system.

    Now if you want to discuss this reasonably and constructively I suggest you partake in this discussion. http://xenforo.com/community/threads/my-forums-getting-lots-of-spam.35195/
    Adam Howard, Divvens and Sheldon like this.
Thread Status:
Not open for further replies.

Share This Page