Spam is out of control.

ekool

Well-known member
We have a site that is being inundated with spam. We've done everything we can think of. We've got OzzModz Registration Spaminator on it, XON Signup abuse detection and blocking, moderate any post with https/http for new users. We've switched from Cloudflare CAPTCHA to Google v3 and they just keep coming, non stop. We've had to manually turn on user moderation.

It's very frustrating that nothing seems to work except manual approval.

Is there anything else we are missing?
 
In addition to OzModz Spaminator, I use OzModz Contact Us Spaminator, and Maxmind's Geolite-2 to entirely block certain countries: Setup>Options>Geoblock registrations.

Here is how I have Geolite-2 configured.
1676654888626.png

We have not had any problem with spammers using this arrangement. We do not use any captcha.
 
In addition to OzModz Spaminator, I use OzModz Contact Us Spaminator, and Maxmind's Geolite-2 to entirely block certain countries: Setup>Options>Geoblock registrations.

Here is how I have Geolite-2 configured.
View attachment 281649

We have not had any problem with spammers using this arrangement. We do not use any captcha.

I've just installed this.
 
If your forum is U.S based, would it work to simply block every country that isn't the United States? I've heard of people getting around blocks with a vpn. But I use a vpn for regular web browsing, and I've noticed that I'm locked out of more things as time goes on. I end up having to turn it off in order to get some sites to work.
 
... I've heard of people getting around blocks with a vpn. But I use a vpn for regular web browsing, and I've noticed that I'm locked out of more things as time goes on. I end up having to turn it off in order to get some sites to work.
Yes, we regularly have scammers (not spammers) attempting fraud while accessing our forum from Nigeria and some other countries using a VPN. Generally, we can spot them because of multiple IP addresses they use...which are not always VPNs. Other give-aways are: incorrect use of English, use of a cell phone, and/or use of gmail as the email address. We have a few nodes on our site that involve financial transactions between a buyer and seller. We moderate all posts made on those nodes.

Spanning is a separate matter which we control as I posted above.
 
I'm not seeing issues, but am curious if examples of IP Addresses the recent spammers are coming from can be shared - so that I can check them against my automated firewall settings.

I migrated to Cloudflare Turnstile near the end of January, registration attempts caught by spaminator reduced over the days after and haven't seen any logged in the last two weeks. There have been a small number of questionable registrations in recent days with no posts.

The IP Address examples may help shed some light.
 
We have a site that is being inundated with spam. We've done everything we can think of. We've got OzzModz Registration Spaminator on it, XON Signup abuse detection and blocking, moderate any post with https/http for new users. We've switched from Cloudflare CAPTCHA to Google v3 and they just keep coming, non stop. We've had to manually turn on user moderation.

It's very frustrating that nothing seems to work except manual approval.

Is there anything else we are missing?
Do you have StopForumSpam enabled?

That and the "link in first 5 messages" are the only spam features I use and they catch everything.
 
I've had only 3 spammers register this year, so far. (I'm running 2 forums) The three of them were within a few minutes, and were the same party. They got flagged and put in the approval queue. The built in tools DO catch and block most of them. One of the forums has been going since 1997, so there there are def members with breached passwords that would be subject to the recent attempts. I have the known IP they use blocked.

I'm using XF2 countryaccesscheck plugin, to block countries RU,CZ,KR,VN,AF,MD. It logs attempts for login, creating accounts, and feedback forms.

Cloudflare Turnstile, Stopforumspam, and DNSBL/Project Honey pot are also configured and active.
 
Why did you reply to a thread that is over a year old?
But actually... When people buy our spaminator products our support includes helping shore up other defense systems. We even worked over Christmas holiday to help a customer. We WILL stop your spam. We don't play.
 
  • Like
Reactions: FTL
Back
Top Bottom