XF 2.0 I'm fed up with spammers posting 500 posts a day on xenForo

Marco Famà

Active member
hi guys,

I literally had to close the board a few moments ago cause I can't keep up with using Tapatalk or the ACP to moderate and kill all this ****e threads

for the sake of clarity, this is my Spam Management page and how I've set it up (which, if I'm not mistaken, should be robust enough to kill):

Time-Lapse-Network-Forum-xenforo-anti-spam-options.jpg



yes, I am getting so much that is not a nice experience anymore to run my forum, as spam banning is now the work I have to do instead of replying to users.

My questions are:
1) am I doing anything deep wrong with the above settings?
2) any premium low cost solution as Akismet on WordPress or let xenForo clean up the current system (over 1000 spam threads to be killed, can you imagine??)?
3) any way I can clean it up on the database table (xf_forum) and how to do it safely with no risk?

thank you All / @Brogan
 
Last edited by a moderator:

Marco Famà

Active member
P.S. Anyone knows how to kill all the previous approval queue messages? I've got 2000+ and XF doesn't really make it is to bulk mark them as read / done / erase without going to each of them, unflagging the "Notify user for the decision" etc

thanks
 

JustinHawk

Well-known member
@JustinHawk thanks, didn't know about it - cool! I can see it is free for limited usage, I could give it a try!

you should only worry about usage if you have more than 100+ user registration every day.

P.S. Anyone knows how to kill all the previous approval queue messages? I've got 2000+ and XF doesn't really make it is to bulk mark them as read / done / erase without going to each of them, unflagging the "Notify user for the decision" etc

thanks

follow this > https://xenforo.com/community/threads/approval-queue-bulk-action.142807/

or drop via database. table name : xf_approval_queue
 

Marco Famà

Active member
killed the whole via database - thank you so much

PS: unfortunately I cannot download your asset as it say Your ip: '188.65.1.1' seems to be proxy or vpn. if you believe it to be wrong you can contact us via contact form. :D that is hilarious, I am the spammer haha!
 

JustinHawk

Well-known member
PS: unfortunately I cannot download your asset as it say Your ip: '188.65.1.1' seems to be proxy or vpn. if you believe it to be wrong you can contact us via contact form. :D that is hilarious, I am the spammer haha!

blocked probably because of its type.
Usage Type: Data Center/Web Hosting/Transit
and fraud Score: 90 lol

Send me a conversation with username and email, i will manually create an account for you.
 

Marco Famà

Active member
hey guys

just wanted to follow up on this: it worked finally.

Bad news is: I got banned from Google because of this sh**** spammers. I'm so furious.

I asked Google to review the whole thing after cleaning up

thanks again for your support
Marco
 

greenchicken

Active member
I am still on 1.5.x I use this old add on and I have a forum with over 1.3 million posts and the only spam I get are manual signups, also make sure you set it where a new member can't post links for x amount of posts Capture.PNGC2apture.PNG
The pink is just half a page logged today
 

Overscan

Active member
I simply don't let new users make a first post without approval. Once they make a post and I approve it, then you are promoted to a group which allows posting without moderation.

The small number of spammers who make it through the standard safeguards inevitably give themselves away by not being on topic.
 

ScratchMang

Member
I took a slightly different approach, although this might not work for everyone depending on the geographical audience of the forum you run but for mine it works. As my Forums are locally based, I made the decision a few years ago to write a script to update my Firewall every three days which basically does the following...

Downloads the Latest ARIN database of IP's and the countries they are assigned to.

Parses the file to "Whitelist" all IP addresses that are assigned to either Canada or the USA.

Drop (not reject, drop) all traffic from the rest of the planet.I drop as the IP looks dead, whereas a Reject indicates that there is a live host responding to the http(s) request.

Yeah I know it seems a bit harsh, but in reality 99% of my users are from Canada, 1% from the States. There may be a couple of people who are travelling internationally who on a whim may want to use the forums, but for what amounts to less than 1% of 1% I'm willing to take that hit.

End result is that virtually all, and I do mean all of the bogus registrations, SPAM and crap stopped, overnight, it's been 6 years or so now I've had this implemented and I have little or no issues with spam, hacking attempts or bogus registrations any more.

Again, this might not be the best solution for everyone, but for those who are running forums where 90% or more of your target audience is local and not international, it makes a huge difference.

Advantage here is you can be a bit more selective as to which countries you want to allow. And it's a BASH Script that works on a LAMP system so some modifications would need to be made if your backend is Windows....

If you're interested in the script drop me a PM....


Scratch
 

Mendalla

Well-known member
Drop (not reject, drop) all traffic from the rest of the planet.I drop as the IP looks dead, whereas a Reject indicates that there is a live host responding to the http(s) request.

Wish I could do something similar. I'm similar to you in that most of my users are Canadian. However, we have a smattering of other nationalities (an American or two, an Aussie, a Brit). So instead, I'd have to focus on where most of my problems come from (Russia and the former Soviet republics) and leave the rest.
 

Codeless

Active member
why not you just remove permission of posting content from normal members . and create an separate group for normal users so if bots registered they cant make post on forum . or add a custom feild and mark is required like

Which camera you use ?
Sony
Canon
Nikon
Panasonic


etc so bots don't understand it . also make prefixes for every section and users must select prefix to post content i think both way will avoid to spammers
 

ScratchMang

Member
That add-on would do the trick, however it's at the forum level, so hackers/spammers can see there's a forum there, my solution, such as it is, works at the firewall, before any webpage is rendered or sent to the client, dropping packets from unwanted countries before they see the forum.

Both do the trick, just different approaches...
 

ScratchMang

Member
That add-on would do the trick, however it's at the forum level, so hackers/spammers can see there's a forum there, my solution, such as it is, works at the firewall, before any webpage is rendered or sent to the client, dropping packets from unwanted countries before they see the forum.

Both do the trick, just different approaches...


Also, as an aside I run a few other sites on the same server ( WordPress and a couple of other things for family) so everything on the server is "protected" not just the forums which I forgot to mention as part of the reasoning to do this with iptables/ipset rather than internally with xenforo...

But again both solutions work, just differently 😁
 
Top