• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 Facebook Spammers

DaveL

Well-known member
#1
I seem to get most of my spam users signing up using their linked facebook account.

Am I right in thinking that when someone joins up via facebook they bypass the captcha and Q&A system?

Anyone else having issues with facebook spammers? If so, have you managed to limit it at all?
 

Mike

XenForo developer
Staff member
#2
They do bypass the CAPTCHA and email verification, mostly because that has already been done via the other sites. However, they're still run through other spam checks.
 

DaveL

Well-known member
#5
Im really struggling about the amount of Facebook spammers im getting on my site.

Is this possible?

Create a custom usergroup of facebook users which requires first post moderation? After the first post has been approved, on their second post they are moved to the usual registered usergroup?

Im guessing this could be achieved via promotions?
 

DaveL

Well-known member
#7
Disable Farcebook

:)
Not as easy as that. We get a lot of good quality members that sign up using their facebook accounts. The game my site is about has an active facebook community run by the games developers, so a lot of people cross over using their facebook accounts.
 

DaveL

Well-known member
#9
I believe @DRE once had this problem and he paid someone to create anti-spam for facebook. Can't remember the addon name.
Something like that would be ideal. Im guessing a fair few spammers are using the option of spamming forums via facebook registration as it bypasses all other security methods.
 

Mike

XenForo developer
Staff member
#10
Create a custom usergroup of facebook users which requires first post moderation? After the first post has been approved, on their second post they are moved to the usual registered usergroup?

Im guessing this could be achieved via promotions?
You can actually do this with promotions. They traditionally are designed to add permissions, but you can use them to remove permissions. You do just need to accept the caveat that the promotion may apply after the criteria doesn't match (until it's checked via cron) or not be applied when it starts to match (if it matches at registration, it should be ok).

You'd select the criteria "User's forum account is associated with their Facebook account" and "User has posted no more than X messages". While they match, add the user to a group that you've set some "Never" permissions for (to forcibly remove them).