Chinese SPAM regardless SPAM settings!

[fionix]

Hi Guys,

I have some chinese guy spamming the forum with hundred of threads and the same message from several user accounts and IP's.

I setup the Question / Answer captcher but now this guy is back spamming the forum.

So for now I have set the forum for manual approval to stop this idiot but it's not something long term since it makes it all complicated.

Is there a way to block all Japanese / Chinese characters? Is there something that can stop a spam server like this to post the spam on the forum?

What can I do?

 

[whynot]

I setup the Question / Answer captcher but now this guy is back spamming the forum.

This guy is most probably a bot.
Bots cannot read questions unless they are too simple.
Q:Who is the current president of the USA? A: Trump
Q:What color is the sky? A: Blue

Make the Q&As more difficult and change them as soon as some human solved them.

 

[AndyB]

You might like this add-on:

https://xenforo.com/community/resources/registration-check.6496/

 

[bevans84]

It it's the same stuff I've been getting, try this
Copy the following 可以帮助同学朋友 (translates to "Please don't hesitate to contact me")
Paste it into spam phrases in Spam Management and set the action to Reject.

I'm sure there will be variations on it, but it can't hurt.
I believe this is, in fact, human spam.
I'm also trying to make a list of the universities that are being used in the messages.

 

[fionix]

Thank you, that solved the problem for now.

 

[bevans84]

Not really, two new ones last night. One chinese and one english.
Oh well, I felt pretty smart there for a little bit. Back to manual approval.

 

[fionix]

Put this in the Spam phrases:

[url*
#(?<=\W|^)(微信)(?=\W|$)#iu
/\b(?:[0-9\p{Han}\p{Bopomofo}\p{Hiragana}\p{Katakana}\p{Hangul}０-９Ａ-ｚ]+)?微信(?:[0-9\p{Han}\p{Bopomofo}\p{Hiragana}\p{Katakana}\p{Hangul}０-９Ａ-ｚ]+)?\b/iu
/\b(?:\w+?)?[\p{Han}\p{Bopomofo}\p{Hiragana}\p{Katakana}\p{Hangul}０-９Ａ-ｚ]+(?:\w+?)?\b/iu

And you will get rid off it.. I found it in another thread where other forum users posted it! Works great, really awesome.

 

[HappyWorld]

Paste it into spam phrases in Spam Management and set the action to Reject.

I just noticed that feature. So what if i choose "reject" and someone posted some message containing spam phrase?
He will be insta-banned?

 

[bevans84]

It just goes to the "Oops" popup for me. The account wasn't banned.

 

[nrep]

I'm having huge problems with Chinese spam too. It looks like they'll post a message which just contains a few numbers in the title/body, then they'll try and post Chinese character messages which then get caught by the filter posted here.

Any other suggestions on how to keep them away? It's driving me nuts.

 

[fionix]

You can use cloudflare in front of all of this and JS challenge Chines trafic. I got total rid of all of this spam doing it this way.

I use the paid service of cloudflare btw.

 

[Toxic]

Put this in the Spam phrases:

[url*
#(?<=\W|^)(微信)(?=\W|$)#iu
/\b(?:[0-9\p{Han}\p{Bopomofo}\p{Hiragana}\p{Katakana}\p{Hangul}０-９Ａ-ｚ]+)?微信(?:[0-9\p{Han}\p{Bopomofo}\p{Hiragana}\p{Katakana}\p{Hangul}０-９Ａ-ｚ]+)?\b/iu
/\b(?:\w+?)?[\p{Han}\p{Bopomofo}\p{Hiragana}\p{Katakana}\p{Hangul}０-９Ａ-ｚ]+(?:\w+?)?\b/iu

And you will get rid off it.. I found it in another thread where other forum users posted it! Works great, really awesome.

Will this work in xenForo 1.5.x too? I am due to upgrade to 2.x soon, but wanted to know if this work on this version as well.

 

[iaresee]

You can use cloudflare in front of all of this and JS challenge Chines trafic. I got total rid of all of this spam doing it this way.

I use the paid service of cloudflare btw.

Can you say more about how you set this up? What's your site traffic like and what did it end up costing you? Thanks!

 

[Stuart Wright]

Do you have any valid members contribute from China?
If not, block the whole country using an anti-spam addon.

 

[AndyB]

You might like this add-on:

https://xenforo.com/community/resources/country-registration-check.7277/

 

[Ozzy47]

Or this addon,

[OzzModz] Country Registration Ban

Ban countries (or entire continents) from registering on your site and optionally remove the register tab when someone is from a country that is banned. This add-on uses MaxMind's GeoLite2-Country database and MaxMind's DB Reader. This add-on...

xenforo.com

 

[Paul B]

Or use ipset for iptables.

No add-on required.

 

[rdn]

But if you check those chinese spam users IP, they mostly use a proxy from US/EU.

 

[iaresee]

Yea, most of them are bouncing through VPNs so blocking IPs isn't going to help me. A regex for common characters they use is probably my best bet.

I'm curious to know if reCAPTCHA v2 has been broken by bots? The uptick has hit my forum and another gear forum at the same time.

 

[iaresee]

I added:

*大学*
*外毕业证*

to my regex block list for spam detection. Those are common character patterns in all the posts in the last two weeks. That should help for now but this is very cat-and-mouse.