1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 Use reCAPTCHA (No CAPTCHA) - Setup

Discussion in 'XenForo Questions and Support' started by ineedhelp, Jan 22, 2015.

  1. ineedhelp

    ineedhelp Well-Known Member

    I setup the new captcha yesterday by adding in the google key and secret key.

    But I've noticed NO improvement in preventing bots and spamming from signing up.

    I didn't complete setup 1 and 2 where it tells you to enter code into the Header and on the server.

    Anyone know where I go to enter the codes?

    Also why hasn't it blocked spammers/bots from joining so far?
     
  2. Mike

    Mike XenForo Developer Staff Member

    You just need to enter your site and secret keys into the option.

    The NoCAPTCHA option is really more about providing a better experience for real users; it's still ReCAPTCHA under the hood.

    That said, I would suggest that the spam registrations you're getting are not bots but humans.
     
    Dan Allen likes this.
  3. ineedhelp

    ineedhelp Well-Known Member

    They probably are human, because 98% of them upload a display pic. Unless bots can do this as well ? :confused:

    I'm getting like 30ish every day signing up.
     
  4. Mike

    Mike XenForo Developer Staff Member

    Well bots can do profile pictures, but there is a huge amount of human spam out there. You could consider add-ons that do blocks based on country/ISP, as you may find most of your spam comes from different countries than where your members are.
     
  5. ineedhelp

    ineedhelp Well-Known Member

    Can you suggest a good add-on which blocks countries?
     
  6. rainmotorsports

    rainmotorsports Well-Known Member

    I tried TACs stop country spam recently and it failed to block Pakistani traffic from hostnames ending in pk and using some of their oldest IPs in service so I personally had no luck with that one. But he has his entire lineup branded for free so you can always try it out first.
     
  7. ineedhelp

    ineedhelp Well-Known Member

    My forum is also being hit by spammers with Pakistani IP addresses. We must be facing a similar situation.

    If you do come across a working blocker, let me know thanks.
     
  8. rainmotorsports

    rainmotorsports Well-Known Member


    I've got my settings to auto reject on 2 flags which takes care of 80% of the spam and I'm moderating on 1 which catches a few false positives from people who wish to sign up with names like Sean and Paul. Turning the days to check against helps because they might not have used an IP for awhile.

    I got a couple days of near quiet after I did that and then they changed up. Almost all were registering as female but no longer. The ones not getting caught based on email or IP and getting through are mostly male.

    TechPowerUp (TPU) has a plugin I was going to try. It has many features but the one I'm interested in is blocking by hostname. The spam not coming from Pakistan or Airtel in India is coming from data centers. So blocking leaseweb, rackspace, hivelocity, ipvanish and others will reduce a lot of my spam.
     
  9. gfc

    gfc Active Member

    I block pakistani, chinese etc directly on the server with iptables and ipset. Works great.
     
  10. rainmotorsports

    rainmotorsports Well-Known Member

    @ineedhelp https://xenforo.com/community/resources/tpu-detect-and-block-spam-registrations.2973/

    The one I mentioned earlier. Installed it today and it is beautiful. It works on a weighted system one score for sending to moderation and another score for automatic rejection. I have set some of the more obvious ones to +6 for auto rejection for example. I don't want to block too many countries so I left India at +1, but I changed Pakistan, PK to +6.

    Here are some of my settings for you, the majority of my spam coming directly from Pakistan or India come from these 2 AS names:
    +6|AIRTELBROADBAND-AS-AP
    +6|PKTELECOM-AS-PK

    While the pakistan spam has no hostname the Indian airtel does so for extra measure under hostnames:
    +6|*.airtelbroadband.in

    Now the remained of my spam is funneled through VPN's via datacenters. I don't wish to block VPN access but I don't mind rejecting VPN registration at all.

    Leaseweb is very common here are the AS names:
    +6|LEASEWEB-US
    +6|LEASEWEB-NETWORK

    Some others so far I have run into (still waiting on Hivelocity and rackspace ones to hit me):
    +6|HWNG
    +6|ASGHOSTNET
    +6|PREMIANET

    The leaseweb VPN's are all hosted by a company called zenmate and I am blocking them via hostname:
    +6|*.zenmate.com

    There are several stock countries but as an example to auto reject all Pakistan registrations:
    +1|CN
    +1|IN
    +6|PK
     
  11. rainmotorsports

    rainmotorsports Well-Known Member

    HA, just as I wrote the above I caught one I have never run into before, france lol. Dedicated server host:
    upload_2015-1-24_4-26-8.png

    Because I have my SFS email and IP set to ad +3 each it auto rejected. However AS-CHOOPA was in the stock settings as a +1 as well.

    This one based on my above settings was caught:
    upload_2015-1-24_4-33-2.png

    They tried again and again with the same username, different email and kept getting rejected until they gave up.
     
    Last edited: Jan 24, 2015
  12. Dan Allen

    Dan Allen Active Member

    This is what I am looking at
    upload_2015-5-29_15-18-12.png


    When I am done, this is what I need to see
    upload_2015-5-29_15-27-7.png
     
  13. Tracy Perry

    Tracy Perry Well-Known Member

    That is for your own Q&A captcha. It's not related to the second image you posted.
    Screen Shot 2015-05-29 at 4.43.04 PM.png

    I think (not really sure) that you have to use the first one. I use the slider captcha myself.
    The selection above is under ACP -> Options -> User Registration.
     
    Dan Allen likes this.
  14. jauburn

    jauburn Well-Known Member

    Where does this human spam come from? How are they paid? What are they paid? Does anyone know?
     
    Dan Allen likes this.

Share This Page