XF 1.1 My Forum's Getting Lots Of Spam

[System0]

edit by jake - I just posted a resource that consolidates all of the information from this thread into one guide:
http://xenforo.com/community/resources/dealing-with-forum-spam.980/

I've never had any problems with spam before but when I checked my forum today I saw lots of spam threads. Some were in Russian though many were in English.

I checked some users and they had fully validated their account using Gmail. The spam is undoubtedly automated though.

Some users have signed up using the domain andasio.com.

At the moment I am getting a new thread every few minutes and the IP addresses are all different so there doesn't seem to be any way to stop it

(note: I haven't installed any new add ons or mods in a while so I don't think that's the issue)

I used to have this problem with vBulletin though this is the first time I've ever had a problem with XenForo. It's kind of taken me by surprise to be honest.

Any idea how this is happening and how I can stop it?

Thanks,
Kevin

 

[Stimo]

Ok ive installed this XenUtiles (think thats what its called) and i can confirm that I have not had any spambots get through since!

 

[Brent W]

or just block them altogether?

My main email is a gmail account. Thinking as an end user I'd be upset trying to join a forum and having it blocked.

 

[sonnb]

My main email is a gmail account. Thinking as an end user I'd be upset trying to join a forum and having it blocked.

Agree. Gmail is most be used email today .

 

[Adam Howard]

or just block them altogether?

I personally block YAHOO (yahoo, rocket mail, ymail)

You'd be surprised on how many spammers that stops. But more importantly, Yahoo is completely unreliable for e-mail delivery. I had a user point that out to me. Signed up for a few Yahoo accounts and waited for my e-mail conformation to my site. Some came and some came really, really, really later than expected... ie... Between 3 days to 4 months. 2 others never came at all.


*@rocketmail.*
*@rocketmail.*.*
*@yahoo.*
*@yahoo.*.*
*@ymail.*
*@ymail.*.*

 

[Walter]

Gmail? Yahoo? Why not block the whole Internete by pulling the plug of your server?

 

[Slavik]

FWIW Keycaptcha have a XenForo addon.

https://www.keycaptcha.com/captcha-for-cms/

 

[MattW]

FWIW Keycaptcha have a XenForo addon.

https://www.keycaptcha.com/captcha-for-cms/

Sweet! Just installed and tested, and it's working Now let's see if it reduces the number of registration attempts.

 

[Wildcat Media]

A few days into using Q&A with my "VIP Code" concept, we have not had one single Spam registration. I will probably do up a full article on it at some point. Too busy right now--trying to "sell" the idea of converting vB3.7 to XF on our "big board." I think it'll fly.

 

[Wildcat Media]

I simply switched to Q&A and have had no registered users since. No XenUtiles or anything.

Exactly. It worked for a few years for me in phpBB2 using the VIP Code modification (where you are essentially putting the "answer" for the Q&A elsewhere on your site), and so far has worked 100% on two XF forums for me now.

ReCAPTCHA is broken and useless at this point, seeing how spam registrations blew right past it. Given how convoluted their letters have become, I can barely read them when I have to use ReCAPTCHA at any other site. I usually have to refresh a couple dozen times to find something that is not mangled beyond readability.

 

[Steve F]

KeyCaptcha seems pretty slick, it has Xenforo plugin which makes it a seamless install. Working on the site in my sig if you want to take a look. Wish there was a add-on that would allow that and Q & A on the register page. Looking at traffic it seems these spam bots are landing directly on the register page.

Edit: KeyCaptcha seems to work well with touch screen devices, tried my iPad and it works nicely

 

[Andy.N]

KeyCaptcha seems pretty slick, it has Xenforo plugin which makes it a seamless install. Working on the site in my sig if you want to take a look. Wish there was a add-on that would allow that and Q & A on the register page. Looking at traffic it seems these spam bots are landing directly on the register page.

Edit: KeyCaptcha seems to work well with touch screen devices, tried my iPad and it works nicely

Do you have XenUtiles or anything to log registration? Would be interesting to see the stats after you install this.

 

[Steve F]

I do, but Bot scout seems to be the one stopping the majority of the spam. Just installed KeyCaptcha last night and don't see any stats in the KC account page yet for any spam captured.

 

[MikeMpls]

KeyCaptcha seems pretty slick, it has Xenforo plugin which makes it a seamless install. Working on the site in my sig if you want to take a look. Wish there was a add-on that would allow that and Q & A on the register page. Looking at traffic it seems these spam bots are landing directly on the register page.

Return 403 Forbidden if the referring page is not a legitimate source of a link to the registration page?

 

[Volion]

I'm really going to hope this works.

I've been hit...... HARD ...... I've always had Xen Utilities installed and used all 3 spam services. It turns out it has blocked over 2,000 (20 per page / 100 papges) worth of spammer in the last 2 days. But of course some of them are still getting in.

We originally were using Google's reCAPTCHA and clearly that isn't working.

Question and Answers need to be kept at simple Math only questions, because not everyone who registers can read or write in English. Sadly, the new A.I. that seems to have targeted us can do math... Very well math.

0 + 0 - 0 + 25131 - 2012 + 666 + 9002250007 - 3 =



And I refuse to block whole countries just because of some idiot.

I'm going to also start using Cloudflare, even though I sometimes think it does more harm than good.

Same, insane amount of Spammers since last Sunday.

 

[Brian Chance]

I had some time to try the idea earlier and it is working as intended now to see how it does with spammers. I used the route changer to change the route of the log in page to something random and then used a htaccess redirect to take the original page elsewhere. When I get a chance I will have the redirect go to an explanation page for anyone that got caught up using an external link to the old log in page url.

 

[Russ]

I had some time to try the idea earlier and it is working as intended now to see how it does with spammers. I used the route changer to change the route of the log in page to something random and then used a htaccess redirect to take the original page elsewhere. When I get a chance I will have the redirect go to an explanation page for anyone that got caught up using an external link to the old log in page url.

I was thinking about the route changer but realized the old route would still link up, but didn't think of the htaccess redirect for the old page

 

[sparky5693]

Keycaptcha seems to be working very well.

 

[ManagerJosh]

Two days utilizing StopForumSpam and XenUtiles and we're at 94 pages of registration attempts from these bots.

It's scary how aggressive some of these bots are.

 

[alpukn]

Having same problem. Since last Sunday a lot of Spam. I have seen xrummer in one of the emails and I assume some xrummer has a list of all xenfor forums now and is bypassing registration captcha.
Anyone has a solution that helped improve the situation?

 

[Adam Howard]

SOLVED (so far)

Did the following....

1) Installed Key Captcha https://www.keycaptcha.com/captcha-for-cms/
2) Started using CloudFlare
3) Continued to use all 3 ant-spam services offered in Xen Utilities

So far so good the last 24 hours.