1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 Spam Phrases and Blocking Chinese Spam

Discussion in 'Troubleshooting and Problems' started by okhello, Jan 28, 2016.

  1. okhello

    okhello Member

    We've been getting hit by these awful chinese spammers:

    I've put some of the characters in the Spam Phrases tool, but that doesn't seem to help. Is there a way to get the system to flag any post that contains 大, regardless of the other characters surrounding it? Like, *大*? Or is that not how wildcards work?

    Any other ideas are appreciated.
  2. whynot

    whynot Well-Known Member

    If they cant register they can't post.
    Use Q/A for registration.
    Ban a range of IP addresses.
    Ban certain email addresses.
  3. okhello

    okhello Member

    They're using canadian IPs, hotmail and other legit email providers. Nothing fishy.
    I don't want to add a Q/A just to block chinese spammers. These are literally the only spammers that are getting past TPU: Detect Spam Registrations and Xenforo's built in spam blocker.

    If there's a way to get Spam Phrases to detect an individual chinese character, the problem will be solved.
  4. Mike

    Mike XenForo Developer Staff Member

    "*大*" should work without issue. How are you testing whether it is blocked? Users with more than a few posts likely won't be spam checked.
  5. rainmotorsports

    rainmotorsports Well-Known Member

    What kind of settings are you running in TPU? You seem to focus on the whole canadian IP aspect rather than what host names. The majority of IP's probably belong to datacenters running VPN's on rented servers. Blocking the dozen or so hostnames which will block any traffic from those hosts will often take a dent out of it. Mind you your blocking traffic from servers. The only users coming from servers are either there at the data center or using proxies/vpn's through those hosts which often are not normal vpn providers. Blocking them will have little consequence versus blocking regular ISP's, common VPN providers.

    Every situation is different. If you are an english site yeah the spam phrase will probably do more than not.
  6. okhello

    okhello Member

    The staff member who added 大 to Spam Phrases didn't put the wildcards around it. Glad to hear that it should work, I've added a few chinese characters with those wildcards now and hopefully they'll be caught next time.
  7. okhello

    okhello Member

    Tips about our TPU configuration would be great!

    Here is the registration data from the two spammers that hit us yesterday:

    TPUDetectSpamReg checking: qaewyu01, qaewyu01@outlook.com,
    AS detected: ASN11831, ESECUREDATA - eSecureData,CA
    +1. Email matched: *@outlook.com
    Hostname detected: automotivedeals.info
    Country detected: CA
    Total score: +1

    TPUDetectSpamReg checking: liqijia01, liqijia01@hotmail.com,
    AS detected: ASN10929, NETELLIGENT - Netelligent Hosting Services Inc.,CA
    Hostname detected:
    Country detected: CA
    Total score: +0

    These are the hostnames we have in TPU:

    AS Name:

    I'd appreciate any changes you can recommend. Thanks!

Share This Page