XF 2.2 Spam user Accounts

[usm116]

I just setup my forum and I am already getting dozen for spam account requests. I have reCAPTCHA enabled for new uses and have also installed cloudflare WAF and security. Is there something else I can do?

 

[Paul B]

Every site gets spam accounts.

Use the built in tools to automate the handling and processing of them - admin.php?options/groups/spam/ .

 

[Mr Lucky]

I have reCAPTCHA enabled for new uses and have also installed cloudflare WAF and security. Is there something else I can do?

I use Q & A instead. I also have some custom registration fields which of course you need to manually check ( I
use a registration email addon so easy to check if cusom fiels look wrong as they happen, won't work on large forums though I suspose)

I also have Stopforumspam and akismet API key.

Any links in new registrations activate manual approval by having this in spam phrases:

/^\[url.*\[\/url\]$/si
/^http\S+$/si
/\[url=("|')?([^"'\]]+)("|')?\].*\[url\]\2\[/si
/\[url=("|')?([^"'\]]+)("|')?\].*\[url=("|')?\2("|')?\]/si
/^https?:\/\/\S+\n/si

 

[usm116]

Thanks for the help, I will try those out, thanks

 

[usm116]

I switched to Q&A CAPTCHA, with questions made my me, spam user registration has actually completely stopped. Seems like spam bots are able to easily get around the default CAPTCHA

 

[duderuud]

[OzzModz] Registration Spaminator Stop Spam Bot Registrations

This addon is another tool in fighting spam bot registrations at your forum. How it works The [OzzModz] Registration Spaminator works with and regardless of other anti-spam measures but also makes them all obsolete, proving the worthlessness...

xenforo.com

 

[Rhodium]

I just setup my forum and I am already getting dozen for spam account requests. I have reCAPTCHA enabled for new uses and have also installed cloudflare WAF and security. Is there something else I can do?

View attachment 262401

hCaptcha works better than reCAPTCHA to stop spam in my sites, i recomend this addon too: https://xenforo.com/community/resources/signup-abuse-detection-and-blocking.6812/

 

[Mendalla]

I find that with fairly tight settings, I get most of the spammer crowd being rejected automatically using StopForumSpam. Basically, if they get 1 blacklist hit, they go to approval, any more they get summarily rejected. Haven't had any issues with false positives but I get very few legit signups anyhow.

 

[Alan_SP]

You shouldn't use name as criteria, in some cases they are too regular names, and thus they trigger spam listings, which is totally wrong. IPs too aren't most reliable. Mail should be the most important spam trigger.

If we could setup weight of trigger, it would be much better.