XF 1.1 My Forum's Getting Lots Of Spam

HWS

Well-known member
  • #41
ALL of the Xenforo sites I know and I've visited today had and have a spam problem. It seems that this is a huge organized SPAM attack at all 1.300 known live Xenforo sites.

Except a single one: xenforo.com

Jack: Did you get SPAM registrations too today? And if not: Why are you left out of this attack?
 

polle

Active member
  • #42
I changed to approve manually the accounts and I just see how a bot registered, stay there like 5 minutes and nothing appears under users awaiting moderation.

How is that possible ?
 

Russ

Well-known member
  • #43
spammers.png

Yep, massive hit today, we added in some other spam API's just now, as well as added some QnA's. We'll see how it goes
 

polle

Active member
  • #45
How is it possible that the spammers know exactly all the sites using XF ?
 

M@rc

Well-known member
  • #46
I ended up turning off new member registrations in 5 of my 6 XF boards tonight, still took me an hour & a half to clean up the mess. Fortunately I was still up & working on line, I hate to see much crud would have been there if I'd hadn't noticed for another 8-10 hours.
I've turned off new registrations last night as well (and deleted all current spammers). Stopped all of the spammers right at the door, ;) (but unregistered users will turn their backs - that's the downfall).
However, I added a link to my FaceBook and Twitter accounts for people to contact me if they wish to open an account at the forum.

The spammer is definitely this guy: http://xenforo.com/community/threads/do-you-have-an-angryuser.34810/

On registration at my forum, there's an extra field to add. The user inserted "123456", the same number used for AngryUser (and every spam account created).
 

3rd AnGle

Well-known member
  • #47
funny.. i came in here to ask the same thing..

btw few of you suggested we should use both ReCaptcha and Q&A... how could we do that? I can see options for using either reCaptcha or QnA but not both in User registration option
 

HWS

Well-known member
  • #49
The spammer is definitely this guy: http://xenforo.com/community/threads/do-you-have-an-angryuser.34810/

On registration at my forum, there's an extra field to add. The user inserted "123456", the same number used for AngryUser (and every spam account created).
Yes, this obviously was a test run.

Add a new custom field to the registration process and check its entry. Like "Please write 'WORLD' into this field:" and check if the new user entered "WORLD". This will halt automated spam registrations until the spammer has changed his script.
 

Adam Howard

Well-known member
  • #53
151 Spammer hit my site today... New record... Lucky me (sarcasm)

ALL of them using v6 IP Addresses.

XenForo has for once fallen behind on this....
 

HWS

Well-known member
  • #54
Check this post http://xenforo.com/community/threads/can-we-prevent-registrations-from-a-specific-country.35196/#post-399609 and the posts after that.

For now only Russian version of Xrumer is updated. The update on the Xrumer english version is going to be released in a week. Botmaster has specially mentioned XenForo spamming capabilities of the updated Xrumer. This software can churn out 1000 posts per minute. Expect to get nailed like crazy :(
It seems that a big automated spammer script has got an update with Xenforo "support".

I think Xenforo developers should check that script (how it attacks Xenforo) and get out an update VERY soon to protect from that malware!

Otherwise we all have to live with that spam problem for a long time.
 

Adam Howard

Well-known member
  • #55
Add this into your htaccess

deny from *.andasio.com

Next for e-mail addresses in your XenForo add this to the ban list

*.andasio.com

If they're spamming that link add andasio.com to your censor filter
 

akia

Well-known member
  • #59
Its so random though! This isnt a normal thing as I think anyone in this thread would agree.. I get no spam bots what so ever as I have all the security addons in place ready.. but in 5 hours i now have 15 sign ups?!!? Bit random that.
I've found its mainly down to a piece of software called GSA Search Engine Ranker, it was recently updated to work with xenforo, ever since then I'm getting battered by spammers. You can tell as all the spam has quite a obvious signature.
 

Lykke

Well-known member
  • #60
Same issue on one of my forums here as well. Been spending a lot of time to clean up and they keep coming.

I just switched from captcha to Q/A - and now I get this error when trying to click on 'who's online' list:


Undefined variable: userActivity
  1. XenForo_Application::handlePhpError() in LNBlog/ControllerPublic/Entries.php at line 225
  2. LNBlog_ControllerPublic_Entries::getSessionActivityDetailsForList()
  3. call_user_func() in XenForo/Model/Session.php at line 312
  4. XenForo_Model_Session->addSessionActivityDetailsToList() in XenForo/ControllerPublic/Online.php at line 50
  5. XenForo_ControllerPublic_Online->actionIndex() in XenForo/FrontController.php at line 310
  6. XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 132
  7. XenForo_FrontController->run() in /var/www/vhosts/cyreneforum.com/httpdocs/index.php at line 13
I do not have the error if I switch back again :(
 
Top