XF 1.1 My Forum's Getting Lots Of Spam

[System0]

edit by jake - I just posted a resource that consolidates all of the information from this thread into one guide:
http://xenforo.com/community/resources/dealing-with-forum-spam.980/

I've never had any problems with spam before but when I checked my forum today I saw lots of spam threads. Some were in Russian though many were in English.

I checked some users and they had fully validated their account using Gmail. The spam is undoubtedly automated though.

Some users have signed up using the domain andasio.com.

At the moment I am getting a new thread every few minutes and the IP addresses are all different so there doesn't seem to be any way to stop it

(note: I haven't installed any new add ons or mods in a while so I don't think that's the issue)

I used to have this problem with vBulletin though this is the first time I've ever had a problem with XenForo. It's kind of taken me by surprise to be honest.

Any idea how this is happening and how I can stop it?

Thanks,
Kevin

 

[SchmitzIT]

XenForo.com itself is being spammed now, too.

Maybe this would be a good time to roll out the promised new anti-spam functionality?

(Don't blame me for trying)

 

[Micheal]

XenForo.com itself is being spammed now, too.

Maybe this would be a good time to roll out the promised new anti-spam functionality?

(Don't blame me for trying)

when will this be released as im getting hit now about 40 to 50 aday now.

 

[lasertits]

Just reporting in to confirm what everyone else is already saying, seems spam is hitting XF boards pretty hard now. I've definitely been clicking 'spam cleaner' far more often recently. Using XenUtilities and all 3 API's. 969 caught by botscout so far (no idea what the average a day is, but so far for 8/22 it's caught 40, and I'm sure this # will be much higher by the end of the day). Forgot my pass for the other 2 services, so currently awaiting an e-mail to reset it. Interested in what the stats are for them.

 

[Walter]

I have posted some suggestions to the suggestion forum - if you like the ideas, like the post there:
http://xenforo.com/community/threads/better-anti-spam-tools.35336/

 

[Jamie Edwards]

Just wanted to chime in and say that over on Kayako forums - http://forums.kayako.com - we've gone rom about 4-6 spams per day to over 100. We've used reCAPTCHA, but I just switched to Q&A to see if that works.

Given that these bots register a few days beforehand we won't see the effects immediately.

I'd love to see Xenforo host a simple community spam service, where spam reports are submitted to a central server, and Xenforo installations can be configured to check that for spam-banned IPs at registrations (based on a threshold of reports, of course).

 

[cmeinck]

How do we remove the ability for members to post links in the About section. Right now, I use XenUtils to spot them and delete. They keep coming each and ever day, despite using paid spam add-ons.

 

[Jake Bunce]

How do we remove the ability for members to post links in the About section. Right now, I use XenUtils to spot them and delete. They keep coming each and ever day, despite using paid spam add-ons.

Note that user submitted links are given a "nofollow" attribute to prevent them from having any SEO impact. Exceptions are made for admins / mods.

 

[Brian Chance]

Reporting back on the below method, after making changes I had no registrations attempted for about 3 hours. When I looked ealier this morning there were a handful that were rejected by xenutilities but now it looks like its back to the same pace to get several hundred rejections today. Fortunately after making the captcha more complicated the random ones getting through have stopped.

So the change hasn't done much for this round/method of spammers but I will probably keep it to keep our install a bit different than the rest. Figure it couldn't hurt.

I had some time to try the idea earlier and it is working as intended now to see how it does with spammers. I used the route changer to change the route of the log in page to something random and then used a htaccess redirect to take the original page elsewhere. When I get a chance I will have the redirect go to an explanation page for anyone that got caught up using an external link to the old log in page url.

 

[HWS]

FWIW Keycaptcha have a XenForo addon.

https://www.keycaptcha.com/captcha-for-cms/

We disabled Keycaptcha again, because it does not work for verification when guests try to reach you via the Xenforo contact link. If you enable Keycaptcha, guests can no longer use the contact feature.

 

[Adam Howard]

We disabled Keycaptcha again, because it does not work for verification when guests try to reach you via the Xenforo contact link. If you enable Keycaptcha, guests can no longer use the contact feature.

F*ck

I can confirm this

 

[MattW]

We disabled Keycaptcha again, because it does not work for verification when guests try to reach you via the Xenforo contact link. If you enable Keycaptcha, guests can no longer use the contact feature.

I opened a ticket with them about it, and here is the response and fix:

From admin 2012-08-21 12:22
Hi, Matt!
Problem is in AJAX (if you open link in new tab you'll see captcha).

You can fix captcha's absence by following way:
1. go to admin panel, home->options->options->basic board information and look for a Contact URL and remember it (default or custom URL)
2. go to appearance->templates and click 'footer'
3 edit template -
if default then write <a href="{xen:link 'misc/contact'}"> instead of <a href="{xen:link 'misc/contact'}" class="OverlayTrigger" data-overlayOptions="{&quot;fixed&quot;:false}">

if custom then write <a href="{xen:link 'misc/contact'}"> instead of
<a href="{$xenOptions.contactUrl.custom}" {xen:if {$xenOptions.contactUrl.overlay}, 'class="OverlayTrigger" data-overlayOptions="{&quot;fixed&quot;:false}"'}>

after this "contact us" form will be displaying at next page instead of ajax window.

Andrey

 

[Edrondol]

Getting me on both of my boards as well. Most of the drug stuff is just funny and pathetic. Then there's the ones that are posting pictures of bestiality porn. Yay being an admin!

I closed registration on my main board and have 200+ waiting approval in the last two days. I also turned off guest posting which until this little spate of crap had been working fine.

 

[AlexT]

Deleted

 

[Deebs]

Not that it is of any direct help, check out the attach list of (mostly) XF forums to see if you are on their target list.

Wee! I am on there, but not had one spammer manage to get through since it all kicked off.

 

[Digital Doctor]

Wee! I am on there, but not had one spammer manage to get through since it all kicked off.

I'm on there. The spammers stopped once I added a Q&A.

8394 Xenforo forums listed.

 

[ManagerJosh]

Not that it is of any direct help, check out the attach list of (mostly) XF forums to see if you are on their target list.

Thanks for that Alex. Just wondering where did you find this list?

 

[Digital Doctor]

only 2 https:// sites ... I could have guessed both.
Anthony's site is listed weird.

http://webcache.googleusercontent.com/search?q=cache:xZWqJx_eRWEJ:https://www.ptsdforum.org/c/

Interesting list.
It's amazing how many of the forums I actually knew were xenforo.

 

[AlexT]

Deleted

 

[Jamie Edwards]

Not that it is of any direct help, check out the attach list of (mostly) XF forums to see if you are on their target list.

That's interesting, we're on there. Where is the list from?

 

[Digital Doctor]

That's interesting, we're on there. Where is the list from?

The list comes with the latest upgrade of XRumer.