• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Fake User Sign-Ups

#1
Despite having CAPTCHA on. I seem to have 4/5 user register with random fake account each week.
All using @outlook.com addresses.

Anyone got any tips for filtering these out better other than manually admin approval for each sign up.
 

Carlos

Well-known member
#2
Change to a different CAPTCHA program. I use SolveMedia. (Even I get the occasional spammer, but it's not crazy, so I just delete and...)

You can ban/discourage the IP addresses one by one or ban the @outlook.com address.

Just a caution, though: There are real users who use outlook, like me. It's managed by friggin' Microsoft, but there are still spammers who sign up, dispose, then re-use. Just keep all of this in mind.
 
Last edited:

petertdavis

Well-known member
#3
CAPTCHA doesn't seem to have much of an impact on spammers. Bot spam and manual spam seem to get through CAPTCHA easier than real members. At least for the demographic my forums serve. CAPTCHA is more of a nuisance. You could try blocking certain countries, like Pakistan for example, I get a lot of spam account signups from Pakistan and no real members. No sense in letting Pakistan access my sites. There are a few good addons in the resources that you could try out. I've found that playing with the settings in the core Xenforo can really help too, like the Registration Timer for example, I put that up to 30 and it cut down on the spam accounts on some of my forums but not others. Really it's a matter of seeing what works better for your own site.
 

rainmotorsports

Well-known member
#7
Question & Answer CAPTCHA works well. I use it on my site and I've hardly had any spam registrations.
The problem with those is xrumer has a database of questions and answers. Once someone gets around to adding yours they are useless. They are very effective to start with and even once someone starts manually adding yours, if you keep up on it then it stays effective. Beyond that its just about making it easy but not common.
 

Carlos

Well-known member
#8
The problem with those is xrumer has a database of questions and answers. Once someone gets around to adding yours they are useless. They are very effective to start with and even once someone starts manually adding yours, if you keep up on it then it stays effective. Beyond that its just about making it easy but not common.
I agree. I was just about to say that, actually.
 

Anthony Parsons

Well-known member
#10
Anyone got any tips for filtering these out better other than manually
You shouldn't be getting any bot spam, period, if using the latest XF, as it has built-in honeypots. No anti-spam has broken that yet. If you also use Keycapthca, that is impenetrable to bots, especially if not using the latest version or honeypots add-on.

There's not a great deal you can do human spam. Yes, you can use @tenants block country add-on which stops registration from selected countries. They can view the site, purely stops registration only, so you can block high spam locations for some months until they've given up, then unblock them after six months or so. They should have given up on you by then.

The single best solution to deter human spam, without blocking countries, is to use @tenants human anti-spam add-on which stops them posting any type of link, sneaky link, na da... until they reach x level you set.

I have 150,000+ users a month, and I'm lucky to see one or two actual spammers get through who resort to no links, just spam text. That gets moderated within minutes... thus they give up really fast also.

Spam is not a problem with XF + Tenants human anti spam with the right settings. The easier you make it, the more spam you get. Legitimate members aren't there to post links in their first 50 posts... and if they are, then they aren't the member you want, as they just want to link bomb and leave, so their contribution to your site is worthless.
 
#11
You shouldn't be getting any bot spam, period, if using the latest XF, as it has built-in honeypots. No anti-spam has broken that yet. If you also use Keycapthca, that is impenetrable to bots, especially if not using the latest version or honeypots add-on.

There's not a great deal you can do human spam. Yes, you can use @tenants block country add-on which stops registration from selected countries. They can view the site, purely stops registration only, so you can block high spam locations for some months until they've given up, then unblock them after six months or so. They should have given up on you by then.

The single best solution to deter human spam, without blocking countries, is to use @tenants human anti-spam add-on which stops them posting any type of link, sneaky link, na da... until they reach x level you set.

I have 150,000+ users a month, and I'm lucky to see one or two actual spammers get through who resort to no links, just spam text. That gets moderated within minutes... thus they give up really fast also.

Spam is not a problem with XF + Tenants human anti spam with the right settings. The easier you make it, the more spam you get. Legitimate members aren't there to post links in their first 50 posts... and if they are, then they aren't the member you want, as they just want to link bomb and leave, so their contribution to your site is worthless.
I completely agree.
However its not "Spam" posts it's fake accounts signing up with random email addresses.
Currently I have to manually approve every member and reject the spam users.