XF 1.4 I am quite literally having a nightmare with spam :(

D

Duncan Wraight

Member
Morning folks,

I've been using XenForo for just over a year now on www.thetabletennisforum.com.

Past 3 months or so we've been getting hit by spam... incessantly.

I run quite a few WordPress websites and I use CleanTalk.org to moderate those. One of those websites has good Google ranking and pulls in about 30,000 to 40,000 unique visitors per week yet I don't get any spam thanks to the WordPress/CT combination. When I check the reports for CT there's a ton of spam trying to hit the website, but none of it getting through - last month it was 26,000 users/comments.

On my XenForo install I've probably only had about 1,800 spam users/comments but a significant portion of those have gotten through.

Here's what I've got setup, options-wise:
  • Check new registrations against CleanTalk
  • Check new registrations against the StopForumSpam database (mod when 1 flag, reject when 3 flag, count flags from past 60 days)
  • Check DNBSL on registration (Project Honey Pot)
  • Manually approve reg if user shares IP used by a banned user
  • 10s reg timer
  • Check 3 messages
  • Akisment API key
Plugin-wise:
  • Antispam by CleanTalk 1.0.0
  • KeyCAPTCHA 2.2
I've tried Q&A CAPTCHA ("What is table tennis also known as?", "ping pong", "ping pang", "pingpong"), reCAPTCHA and KeyCAPTCHA. I'm now back using Q&A ("What is the four letter acronym of this website?").

I'm no expert with this, at all. I don't know if I'm possibly bamboozling XenForo by using too many different spam-checking services. Therefore I'm here to seek some advice from fellow users or XenForo staff.

I've bullet-pointed my main concerns and would appreciate any advice which addressed them:
  • A lot of new registrations are bots. I'd estimate that 50% of them are getting through my spam filtering options. I have ~700 members and I think around ~400 of them are bots. I can't find any way of identifying the bots en masse - I've gotten rid of all .ru mail users but the remaining bots are on @Outlook, @yahoo and @gmail, but so are a lot of our human users.
  • Once bots have registered, they tend to put weblinks in their profile. Is there any way I can search for all users with profile posts?
  • When the bots start posting, XenForo catches about 80% of the posts and they go into "Moderation". However, this means that for Administrator users, we've got page after page of green-highlighted spam posts (not visible to standard users). To remove these from the forum entirely, I have to manually click through them and delete them. That's pretty much the same as not having any spam filtering!
  • The other 20% of posts have to be manually deleted/spam cleaned
Thanks in advance,
Duncan
 
Sort by date Sort by votes
Duncan Wraight said:
Morning folks,

I've been using XenForo for just over a year now on www.thetabletennisforum.com.

Past 3 months or so we've been getting hit by spam... incessantly.

I run quite a few WordPress websites and I use CleanTalk.org to moderate those. One of those websites has good Google ranking and pulls in about 30,000 to 40,000 unique visitors per week yet I don't get any spam thanks to the WordPress/CT combination. When I check the reports for CT there's a ton of spam trying to hit the website, but none of it getting through - last month it was 26,000 users/comments.

On my XenForo install I've probably only had about 1,800 spam users/comments but a significant portion of those have gotten through.

Here's what I've got setup, options-wise:
  • Check new registrations against CleanTalk
  • Check new registrations against the StopForumSpam database (mod when 1 flag, reject when 3 flag, count flags from past 60 days)
  • Check DNBSL on registration (Project Honey Pot)
  • Manually approve reg if user shares IP used by a banned user
  • 10s reg timer
  • Check 3 messages
  • Akisment API key
Plugin-wise:
  • Antispam by CleanTalk 1.0.0
  • KeyCAPTCHA 2.2
I've tried Q&A CAPTCHA ("What is table tennis also known as?", "ping pong", "ping pang", "pingpong"), reCAPTCHA and KeyCAPTCHA. I'm now back using Q&A ("What is the four letter acronym of this website?").

I'm no expert with this, at all. I don't know if I'm possibly bamboozling XenForo by using too many different spam-checking services. Therefore I'm here to seek some advice from fellow users or XenForo staff.

I've bullet-pointed my main concerns and would appreciate any advice which addressed them:
  • A lot of new registrations are bots. I'd estimate that 50% of them are getting through my spam filtering options. I have ~700 members and I think around ~400 of them are bots. I can't find any way of identifying the bots en masse - I've gotten rid of all .ru mail users but the remaining bots are on @Outlook, @yahoo and @gmail, but so are a lot of our human users.
  • Once bots have registered, they tend to put weblinks in their profile. Is there any way I can search for all users with profile posts?
  • When the bots start posting, XenForo catches about 80% of the posts and they go into "Moderation". However, this means that for Administrator users, we've got page after page of green-highlighted spam posts (not visible to standard users). To remove these from the forum entirely, I have to manually click through them and delete them. That's pretty much the same as not having any spam filtering!
  • The other 20% of posts have to be manually deleted/spam cleaned
Thanks in advance,
Duncan
Click to expand...
I had a similar issue with human spam a few months ago and use this add on Stop Human Spam and it has stopped, it was human spam as well. If you decide to go this route, I would be more then happy to share all of my current settings on my site. I don't like moderating new users and don't.
 
Upvote 0 Downvote
I've had terrific luck by looking at the countries that the spammers are coming from. If you want to use this approach, the TPU addon mentioned above is really terrific, as it gives you finer grained control and a very easy way to update your settings. It's a really nice addon.

Duncan Wraight said:
When the bots start posting, XenForo catches about 80% of the posts and they go into "Moderation". However, this means that for Administrator users, we've got page after page of green-highlighted spam posts (not visible to standard users). To remove these from the forum entirely, I have to manually click through them and delete them. That's pretty much the same as not having any spam filtering!
Click to expand...

Try either permanently deleting the offending messages or having them moved to a special subforum. The following options will work (from the spam options part of the Admin CP )

upload_2015-1-21_17-23-30.webp

Duncan Wraight said:
Once bots have registered, they tend to put weblinks in their profile. Is there any way I can search for all users with profile posts?
Click to expand...
I did a SQL query to find everyone who had put down a home page and manually banned the members who had a spammy link there. Yes, arduous, and I wouldn't pressure anyone else to do it, but profile page spam is getting more and more common.

On our site, 70% of our signups are from a specific region in Pakistan, with a specific ISP. I can easily block this combo in the new TPU spam app:
https://xenforo.com/community/resources/tpu-detect-and-block-spam-registrations.2973/
https://xenforo.com/community/resources/tpu-detect-spam-registrations-javascript.2974/
(the two work together)
 

Attachments

  • upload_2015-1-21_17-25-49.webp
    upload_2015-1-21_17-25-49.webp
    24 KB · Views: 6
Upvote 0 Downvote
@NixFifty that's probably true – but if they are hiring people to do that only in third-world countries, then it must mean by targeting them it is, still, a relatively low paying job. Maybe not if their living standards are lower or the conversion rates are different, etc.
 
Upvote 0 Downvote
chrishill said:
@NixFifty that's probably true – but if they are hiring people to do that only in third-world countries, then it must mean by targeting them it is, still, a relatively low paying job. Maybe not if their living standards are lower or the conversion rates are different, etc.
Click to expand...
Some of those countries, if you are making $10 a day you are hitting it big time.
 
Upvote 0 Downvote
What's the best way to stop spammer registrations from adding a link in the About: section of the profile page?

Do I need to manually remove that section from display on member pages?

I don't see a way to prevent it using the user group permissions for the Registered group.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Seeker-Smith
  • Question Question
XF 2.2 Spam check
Replies
1
Views
216
Seeker-Smith
Seeker-Smith
S
  • Question Question
XF 2.2 Old users are becoming SPAM everyday !
2
Replies
21
Views
925
Ozzy47
Ozzy47
jayhawku
  • Solved
XF 2.2 A handful of users not getting the confirmation email...
Replies
6
Views
291
jayhawku
jayhawku
N
  • Question Question
XF 2.2 Rendering a custom mention in Html
Replies
1
Views
223
Newsman
N
El Porcharo
  • Question Question
XF 2.2 Debug a not working template modification
Replies
0
Views
304
El Porcharo
El Porcharo
Top Bottom