Spammers still getting through registration

Discussion in 'General XenForo Discussion and Feedback' started by Carlos, May 25, 2013.

  1. Carlos

    Carlos Well-Known Member

    Ever since I installed the XenForo 1.1.4 update on my biggest forum, I've not seen a lot of spam...

    However, there are still a few spammers that get through registration. The new trend is the weight loss spammers. Watch for them.

    1. Profile Spam.
    2. They pretend to be a real user by uploading an avatar with the examples below:


    3. Their usernames are pretty consistent. Numbers at the end are the same.

    Keep in mind, I've got SolveMedia's CAPTCHA, and [Jaxel's] XenUtiles running in the background....

    It's quite obvious that spam prevention tools on XenForo need improving...

    BROGAN! This does NOT belong here. This is about xenForo.

    CARLOS! It's not a suggestion so it was moved.
  2. Russ

    Russ Well-Known Member

    Everyone has their own experiences but with QnA + Jaxel's XenUtiles with the APIs enabled we have had zero spam. Have you tried to decent QnA's before?
  3. Biker

    Biker Well-Known Member

    Nothing is bot proof. Nothing. On the same note, nothing prevents human registration, either.
  4. Carlos

    Carlos Well-Known Member

    I don't want to have to edit the Q&A's all the time. Which is why I opted for a CAPTCHA-style hack. I fell in love with SolveMedia's because not only will it combat spam, it's an ad on top of it; meaning I get monies. :D
  5. tenants

    tenants Well-Known Member

    These still look like XRumer (but can't confirm); iterating through usernames is bot-like behaviour (and continuous user attempts is also bot-like behaviour). XRumer does have the ability to upload avatars and pick out topic-relevant conversations / forums.

    Try a few other plugins, one might pleasantly surprise you (hint.. fbhp currently stops 100% of bots, but if it is human spam, StopHumanSpam / StopCountrySpam might help)

    There is more than just XenUtiles and Common CAPTCHA that bots have been trained to beat,
    a few are listed here: Dealing with forum spam

    The core will always be targeted. As methods are put in place globally, the reward for breaking these methods becomes higher

    QA's have been beaten for a while (This is a game of Russian roulette, it's only time until your qa is added to textcaptcha.txt and then shared on a central db)
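An added example (not part of any post in this thread, and not XenForo or add-on code): a review script for the patterns described above, namely different usernames ending in the same number, one username stem iterated with a counter, and repeated registrations from one source. The record format, thresholds and sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of (username, source IP) registration records.
# Names and addresses are invented (documentation IP ranges).
SAMPLE_REGISTRATIONS = [
    ("slimfast4271", "203.0.113.5"),
    ("ketoqueen4271", "203.0.113.9"),
    ("dietpro4271", "198.51.100.7"),
    ("garciniafan1", "198.51.100.20"),
    ("garciniafan2", "198.51.100.20"),
    ("garciniafan3", "198.51.100.20"),
    ("mike_mn", "192.0.2.14"),
    ("biker99", "192.0.2.77"),
    ("sage", "192.0.2.80"),
]

TRAILING_DIGITS = re.compile(r"^(.*?)(\d+)$")


def split_username(name):
    """Return (stem, trailing_digits); digits is '' when there are none."""
    m = TRAILING_DIGITS.match(name.lower())
    return (m.group(1), m.group(2)) if m else (name.lower(), "")


def flag_clusters(registrations, min_size=3, min_suffix_len=2):
    """Group registrations by three signals; keep groups of min_size or more.

    suffix: different names ending in the same number
    stem:   one name stem with a counter appended
    ip:     many registrations from one address
    min_suffix_len skips one-digit endings, which are common among real users.
    """
    groups = defaultdict(set)
    for username, ip in registrations:
        stem, digits = split_username(username)
        if len(digits) >= min_suffix_len:
            groups[("suffix", digits)].add(username)
        if stem and digits:
            groups[("stem", stem)].add(username)
        groups[("ip", ip)].add(username)
    return {key: sorted(names) for key, names in groups.items()
            if len(names) >= min_size}


if __name__ == "__main__":
    for (signal, value), names in sorted(flag_clusters(SAMPLE_REGISTRATIONS).items()):
        print(f"{signal:6} {value:15} {', '.join(names)}")
```

The flagged groups are candidates for manual review, not proof of automation; a shared address can also be a household or a campus network.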
  6. Adam Howard

    Adam Howard Well-Known Member

    The only drawback about Questions and Answers (Q & A) is the language barrier. If your site accepts everyone (world-wide) and allows all languages... Q & A isn't going to be a solution.

    And captcha sometimes also adds this limitation. Because the keyboard characters are not universal either. And to be honest, most of them make it impossible for a real human person to read what is actually on the screen. Or are dependent on media from outside sources.

    Nothing is 100% foolproof or bulletproof. But for what it is worth, we currently use the following





    But we also prevent new members from posting links, sending PMs, posting profile updates, or posting or commenting on profile walls, and editing signatures.

    This typically keeps out all spammers. And those who still are able to register (usually v6 IP addresses), can't post spam anyways because of all the reasons stated above.
  7. Sage Knight

    Sage Knight Well-Known Member

    Nothing beats good Q&As about your specific niche. I hardly get any spam at all because of this.
  8. oman

    oman Well-Known Member

    Yeah, I just thought up some good Q&A questions, and it meant I could remove all spam add-ons and just use the built in stuff.
  9. Mike Edge

    Mike Edge Formerly Da Bookie Mon

    Turning off registering prevents it 100% :D
  10. MikeMpls

    MikeMpls Well-Known Member

    1.1.4 was pretty good out of the box (I have three forums on it), but eventually the spammers found it.

    In the forum where I allow unregistered guest posts, I had to delete as many as 24 in a 2-3 hour period. Spam registrations were popping up again with some frequency. Moderating registrations and unregistered posts didn't seem to discourage them, and I really hate wasting my time in that manner.

    So a week ago I reintroduced KeyCaptcha, which a few months ago applied the coup de grace to all the spammies in my 1.1.3 forums. I've had no spam issues since.

    I know some criticize KeyCaptcha as theoretically driving users away, but I question that. I've never really noticed a difference before & after, and personally I find KeyCaptcha much easier than ReCaptcha (plus the spammers long ago broke ReCaptcha -- what's hard for us to read is easier with a computer & the right software).

    So these are my successful combinations which block virtually all spam:

    1.1.4: Out of the box (with registration time & DNS BL enabled) + KeyCaptcha

    1.1.3: Deny Country (blocks Russia, Ukraine, India, China) + all 3 blocklists in XenUtiles + KeyCaptcha
  11. MikeMpls

    MikeMpls Well-Known Member

    Clever you!

    Clever them: Your questions and the correct answers will end up in Xrumer's database shared by all their ilk.
  12. oman

    oman Well-Known Member

    That's why you change them regularly. If the questions are good enough, the bots will take a while to work them out.
  13. MikeMpls

    MikeMpls Well-Known Member

    If you have time to keep doing the same thing over & over, that's fine. I prefer more permanent solutions.
  14. Carlos

    Carlos Well-Known Member

    Then you pretty much agree with what I said. :)
    This is one issue that put me off from using Q&A. It poses a security hole. Because the xRumer database will eventually be hacked. Just like Anonymous hacked LulzSec and vice versa. So once these hackers get your Q&A, it goes into bigger problems than just your forum.
  15. Biker

    Biker Well-Known Member

    Huh? That makes absolutely no sense at all. Especially since the answer to your Q&A has nothing to do with how secure your server is.
    Ingenious, Brogan and Forsaken like this.
  16. Carlos

    Carlos Well-Known Member

    Who said anything about servers? You ever consider the security of your e-mail address? Because the whole point of this xrumer database is to bypass these Q&A input boxes... Like I said: Bigger problems than your forum.

    It's the same thing as having this index of popular passwords and/or popular PIN numbers.
  17. Biker

    Biker Well-Known Member

    So? I still fail to see where the "problem" is.
  18. Carlos

    Carlos Well-Known Member

    *facepalm* Okay, you know what; never mind. Ignore what I just said.
  19. Biker

    Biker Well-Known Member

    You edited after I replied.

    And no, it's NOT like an index of passwords. Let's get real here, shall we?
  20. Sheldon

    Sheldon Well-Known Member

    Wait, so if someone cracks my Q/A at my forum, there may be a security issue with my email? Am I following this convo correctly?
