how well does Xenforo do at keeping bots from joining the forum?

macuser

New member
bots have always been an issue with my SMF forum. They get past the questions I set up, and the captcha stuff. Does Xenforo keep them from joining or no?
 
bots have always been an issue with my SMF forum. They get past the questions I set up, and the captcha stuff. Does Xenforo keep them from joining or no?
If you set complex questions then there are almost no possibilities a bot can answer them. Avoid simple questions like "what's the color of the sun" or "what's the name of this forum". Those are easy to guess by bots.
 
Out of the box, its pretty much the same as SMF, but if you add the signup abuse addon then its a world of difference.
 
my questions are easy, that is what SMF suggested I used.

can you give me an example of what a complex question may look like? Thanks :)

If you set complex questions then there are almost no possibilities a bot can answer them. Avoid simple questions like "what's the color of the sun" or "what's the name of this forum". Those are easy to guess by bots.
 
Complex questions actually hinder humans. You need questions any real person can answer. And it shouldn't be a question about your topic/niche because they might be just starting out and not know anything about it.

Example:
"The dog is swimming in a lake, and the cat is in a desert. Which animal is wet?"
Possible answers:
dog
the dog

Bots are not figuring out human verification questions based on complexity. They do it based on a database of questions they've collected. That's why you need several questions (which randomly rotate).
 
This change is really all i did beside out of the box functionality, and it reduced our 20-30 spam posts to next to nothing.

 
I didn't think we were allowed to mention this word as to why I kept using X in my posts when referring to spam. 😁

On topic, though, I use human questions as @MySiteGuy suggested and they work fine. Almost anyone with a 3rd-grade reading level can answer them and are much easier than sometimes picking a storefront in a CAPTCHA.
 
I originally had several questions but then when one of them made its way into xrumer, I had no way of knowing which one it was, so had to scrap them all.

Now I just have a single question and as soon as it gets compromised, I create a new one.
Just mark and disable them. Later on they can be used again.
 
Q&A captcha coupled with first post moderation and no ability to edit profiles for new members means there has never been a single spam post on my forum.
I'd rather not hinder legitimate posters.

Basically I have a TON of flagged keywords.

Spammers sometimes get through... But they don't last long.
 
Last edited:
I'd rather not hinder legitimate posters.
What method do you use; Q&A, CAPTCHA, nothing?
Basically I have a TON of flagged keywords.
This would make for a good resource if allowed to be downloaded in a text file (due to censorship on this forum I believe) as I know some but not all, and it's an ever-growing list too.
Spammers sometimes get though... But they don't last long.
Do you delete a spammer? Keep their account? Ban IP?...
 
Top Bottom