Contact & Registration spam stopped almost 100% at zero cost

[Link to Best Solution in post #6 above]

Thanks very much.

Actually, I just discovered that XENFORO offers several options for automatically screening new registrations.

I only just this morning read up on the built-in CAPTHA opions to check for 'Human vs robot'

. . . . . . . . . . . . .​

How CAPTCHAs work | What does CAPTCHA mean?

https://www.hcaptcha.com/
Solve your fraud and abuse problem today

Instantly detect and deter human and automated threats.


Free CAPTCHA Alternative

Cloudflare Turnstile is a free tool to replace CAPTCHAs

 
Put in the most simple Xenforo built-in (FREE) registration security Captcha feature and it works just fine!

1708719714032.webp
 
Last edited:
I have observed (on both my site that i recently bought and a friends that I help moderate) that we don't have any issues using Turnstile and some site specific custom user fields.
And on one of those site, we have over 2000 visitors a day (and many registrations that get declined). I still work on my site itself to get to a similar level, but I have issues creating content.
 
Thanks for your tip on this subject.

I had never heard of "turnstile" - so just did an internet search and found

"Cloudflare Turnstile is a free tool to replace CAPTCHAs"

and I recall that 'Cloudflare' was mentioned by others on this thread.
When I first set up my Xenforo forum a few years ago, I was just unaware that 'Captcha'
was the technical term for a "I am a Human and not a robot" test.

Never had a problem with my Xenforo forum until this month
when the built-in Xenforo option to use the registration 'Stop-forum-Spam' test
forced over 315 new registrations into the 'needs admin approval queue.
 
MapleOne said:
View attachment 298402


I use both spaminator addons, have captcha enabled, everything possible and still get Contact Form spam.

The spaminator addons by OZZY have so far exceeded my expectations but on the contact form I was still getting spam, dozens a day now and to my best guess it was a human entering or the spaminator addon would have disallowed it.

So disabled both spaminator addons and added the verification word above for new registrations and on the contact form. I also disable the captcha and I got literally zero spam for a long time until someone manually added the word HUMAN and then I changed it to Canada and it stopped once more.

So I bookmarked .../admin.php?captcha-questions and in one lick I change the verification word and again that almost completely stops it.

However (and there is always a however)...

Lately a persistent spammer from India keeps hitting the form manually so I got creative doing this.....


Question #1: What is the Canadian province that starts and ends with the letter " O "
Answer: Ontario

Question #2: What is the Canadian province that starts and ends with the letter " A "
Answer: Alberta

Could you help me,where can I edit the contact form? Thank you.
Again that stopped the manual spammer instantly and since my site is for Canadians everyone knows the answers.




So from my experience changing the Captcha question and answer is the most effective way to stop spam of both registrations and on the contact form. If one goes through I go to my bookmark and change the QUESTION & ANSWER in seconds and the spam is zero again. On average it takes weeks before someone gets through and I have to do it again.
Click to expand...
 
The images don’t work for me in Safari on iOS 17 (my device can’t get 18, but WebP images work fine elsewhere online)
 
1.webp



I use both spaminator addons, have captcha enabled, everything possible and still get Contact Form spam.

The spaminator addons by OZZY have so far exceeded my expectations but on the contact form I was still getting spam, dozens a day now and to my best guess it was a human entering or the spaminator addon would have disallowed it.

So disabled both spaminator addons and added the verification word above for new registrations and on the contact form. I also disable the captcha and I got literally zero spam for a long time until someone manually added the word HUMAN and then I changed it to Canada and it stopped once more.

So I bookmarked .../admin.php?captcha-questions and in one lick I change the verification word and again that almost completely stops it.

However (and there is always a however)...

Lately a persistent spammer from India keeps hitting the form manually so I got creative doing this.....


Question #1: What is the Canadian province that starts and ends with the letter " O "
Answer: Ontario

Question #2: What is the Canadian province that starts and ends with the letter " A "
Answer: Alberta


Again that stopped the manual spammer instantly and since my site is for Canadians everyone knows the answers.




So from my experience changing the Captcha question and answer is the most effective way to stop spam of both registrations and on the contact form. If one goes through I go to my bookmark and change the QUESTION & ANSWER in seconds and the spam is zero again. On average it takes weeks before someone gets through and I have to do it again.
 
Now if the culprit adds the question to a bot you simply change the word to stop the next bot.

So far I am totally free of registration spam and contact form spam.


This is what the registration form looks like

6.webp


The term: Enter Verification Word was just a simple language edit from the stock Insert Answer here term.

I entered the word HUMAN in all caps to make it stand out in the language file because you cannot bold it there but I set it so HUMAN, Human, or human would be accepted.
 
MapleOne said:
View attachment 298402


I use both spaminator addons, have captcha enabled, everything possible and still get Contact Form spam.

The spaminator addons by OZZY have so far exceeded my expectations but on the contact form I was still getting spam, dozens a day now and to my best guess it was a human entering or the spaminator addon would have disallowed it.

So disabled both spaminator addons and added the verification word above for new registrations and on the contact form. I also disable the captcha and I got literally zero spam for a long time until someone manually added the word HUMAN and then I changed it to Canada and it stopped once more.

So I bookmarked .../admin.php?captcha-questions and in one lick I change the verification word and again that almost completely stops it.

However (and there is always a however)...

Lately a persistent spammer from India keeps hitting the form manually so I got creative doing this.....


Question #1: What is the Canadian province that starts and ends with the letter " O "
Answer: Ontario

Question #2: What is the Canadian province that starts and ends with the letter " A "
Answer: Alberta


Again that stopped the manual spammer instantly and since my site is for Canadians everyone knows the answers.




So from my experience changing the Captcha question and answer is the most effective way to stop spam of both registrations and on the contact form. If one goes through I go to my bookmark and change the QUESTION & ANSWER in seconds and the spam is zero again. On average it takes weeks before someone gets through and I have to do it again.
Click to expand...


Have you heard of XRumer?

xenforo.com

Search results for query: xrumer

xenforo.com xenforo.com

They have a database of Q&A captcha questions which gets added to every time the system comes across a question it doesn't already have.

It's only a matter of time before your captcha is added to the database and the spambots will get through.

By using Q&A captcha you're actually feeding the system with more data!

Yes, you could keep changing it - but that requires effort.

I find a combination of extensive geoblocking of certain countries and using Cloudflare turnstile does a pretty good job of blocking bots.
 
  • Like
Reactions: Xon
Yeah Xenforo converts the images to .webp which my forum does not do, it leaves them as .png's so I think some people just cannot see .webp images.

Very weird.
 
You must log in or register to reply here.
Back
Top Bottom