How do you deal with SMART Russian bots? Any tips? Banning Russian IPs didn't do anything, because they learned how to use VPNs from European and US.

Risa

Member
Yes, my forum requires Email Verification before Guests are able to post on my forum. I don't want to do Manual Approval for every new user, because I get hundreds of new Russian/Turkish spammer registrants per day.
NrRNAyh.png


I don't want to deal with shifting through this to find legit users to approve.

How do you deal with these guys?

I've banned hundreds of them. But I don't have the free time to play whack a mole with bots daily, especially when they come at me with dozens of them. I can ban 1-2 per day, but they come at me with dozens, that's a time sink!!!
mOic0kc.png


v5gPX9W.png

I've tried banning their email domains, but they keep coming back with hundreds of CUSTOM domains.


I did successfully detect a special pattern where the gmail spammers always
having 3 period dots, so I banned that specific "pattern", but immediately after, they came back with custom emails! Such as @candassociates.com and hundreds of other [custom].com names.


Dozens of Turkish and Russian IP addresses, but as soon as I blacklisted these 2 countries by IP,
they took a few days off, then RETURNED with VPN IP addresses from the United States and the UK!

uEo9YHc.png


Popular email providers like outlook.com and Gmail.com aren't completely safe, either! I've been mass spammed by Gmail-registrants. Until, I found a trick and put a stop to it.

But a few days later, they came back with custom domains.

I did the smart thing where I banned their entire countries (Russia and Turkey,) but then a few days later, they came back with VPNs from the United States and the United Kingdom! Obviously I'm not gonna ban US and UK IP addresses, but still.



What do you guys do to deal with these spammers? Is there any tool or code to block VPNs from registering? I'm pretty sure these botters are VPN users from Russia and Turkey.

Do your solutions cost money, or what's the 2022 updated modern solution to this?


Please provide a step-by-step guide or advice!
 

Sim

Well-known member
Is there one country (or a group of countries) where most of your legitimate users come from? Or do you have a very broad international userbase?
 

Risa

Member
Is there one country (or a group of countries) where most of your legitimate users come from? Or do you have a very broad international userbase?

All of my legitimate users are from the United States and the UK, and Canada, and Australia! But the Russian/Turkish spammers began to use VPNs that are from these Western countries, a few days after I blacklisted the IP addresses of their countries.
 

motowebmaster

Well-known member
[OzzModz] Registration Spaminator - Effective at automated Bots

Andy's Delete users addon - I delete some invalid users beforehand, but this has been helpful for what I miss

Are you utilizing all of Xenforo's features in the User registration section? I don't enable manual approval, but enabled almost everything else.

There are some bots being blocked at my firewall, roughly 100 per day, that are coming from places already considered "bad".

OzzModz Registration Spaminator was the last thing I did, after doing everything else.
 

Risa

Member
Are you utilizing all of Xenforo's features in the User registration section? I don't enable manual approval, but enabled almost everything else.

Yes, I am!



1656284644860.png


1656284590045.png
(The project honey pot key costed money, so I wasn't sure whether it was worth it, but I added everything else.)
1656284663314.png

Can you show a screenshot of what your settings look like?

https://[yourURLhere].com/admin.php?options/groups/usersAndRegistration/
 

Alpha1

Well-known member
This will solve all your problems:
It does take some configuring.
Cloudflare is useful as well in blocking bots.
 

MrPink

Member
So far, I've been really happy with the CleanTalk plug-in. It's cheap, it doesn't appear to create any sort of performance hit and it also stops connections from TOR exit points (yay!). Just yesterday it clobbered 1700 connections. And my personal nemeses, colocrossing, ponynet and digitalocean (oh, and let's not forget server-mania!)... BOOM.
 
Last edited:

Baby Community

Well-known member
https://snogssite.com/resources/ozzmodz-login-spaminator.88/

https://snogssite.com/resources/ozzmodz-registration-spaminator.87/

https://snogssite.com/

I was getting a lot of spam from America and England from Germany, Russia, China, South America... I was cleaning spam mail every day... Now I'm not doing anything... I'm so bored. There used to be a mail-approved membership in the community. Now I don't need email confirmation or anything.

@Ozzy47
thank you so much ozzy 47 he saved me a lot of trouble

79340D48-DB6D-436F-A74F-B1DEA0C0FD6B.jpeg

D9B204D9-F78D-4466-9813-93275F3EAF67.jpeg

E9147889-3C53-4F23-B7D2-497F3EB95182.jpeg
06D57A6F-E155-4A0B-A499-F66B1843C6D1.jpeg
439D4FA8-4D21-4DB0-B66F-6CF017349AFB.jpeg
9D6E1CAE-DED8-46D6-862B-946A2DFF431F.jpeg
 
Last edited:

GW2

Active member
https://snogssite.com/resources/ozzmodz-login-spaminator.88/

https://snogssite.com/resources/ozzmodz-registration-spaminator.87/

https://snogssite.com/

I was getting a lot of spam from America and England from Germany, Russia, China, South America... I was cleaning spam mail every day... Now I'm not doing anything... I'm so bored. There used to be a mail-approved membership in the community. Now I don't need email confirmation or anything.

@Ozzy47
thank you so much ozzy 47 he saved me a lot of trouble
Agree. I use @Ozzie47 (Snogssite.com) Contact us spamminator, and Registration spamminator, addons. I also use Geoblock registrations 1.1.2 addon (which uses Maxmind's Geolite2 database) to block access from most foreign IP addresses. (I allow access from US, Canada, UK, Australia and a couple of others...which filters out a lot of junk).

I do not use any of the captcha options because they are not needed with the 3 addons. I see basically no spam.

SCAMMERS are a different matter entirely. We have a few forums that are specifically for purchasing and selling vacation property. I have those forums set so that a moderator or admin must approve all posts in those forums. We have learned over time to spot suspicious users.
 

Risa

Member
I would not suggest using Q&A. They learn super fast and I was having to change them almost daily.
They are REAL HUMANS that we are fighting against lol

That's how they keep getting our CUSTOMIZED questions right!

They're wage slaves from 3rd world countries doing all this for pennies.

Imagine this as your full time job.
 
Last edited:

benFF

Well-known member
So far, I've been really happy with the CleanTalk plug-in. It's cheap, it doesn't appear to create any sort of performance hit and it also stops connections from TOR exit points (yay!). Just yesterday it clobbered 1700 connections. And my personal nemeses, colocrossing, ponynet and digitalocean (oh, and let's not forget server-mania!)... BOOM.
Same, been using it for years and have only had one or two slip through in that time.
 
Top