1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.5 We've been spammed - help!

Discussion in 'XenForo Questions and Support' started by creativeforge, Jul 29, 2015.

  1. creativeforge

    creativeforge Active Member


    I'm not sure which it is, spammed to death, or hacked to death. I need help from experienced users who can guide me what to do next.

    I just disabled the board, so what should I do next?



    Attached Files:

  2. Sheratan

    Sheratan Well-Known Member

    That's spam. Do you have any antispam system in register?
  3. creativeforge

    creativeforge Active Member

    Yes, that's what's strange... I have also Captcha enabled.

  4. creativeforge

    creativeforge Active Member

    How can I delete the "users" AND delete their content?
  5. creativeforge

    creativeforge Active Member

    How come they could register under the radar?
  6. vij

    vij Active Member

    Read this:
    Block spam COMPLETELY with no addons

    Its very important to block posts from users who put in links within the first post. That alone will stop almost all spam messages. Once that happens and you fall out of the "success list" of xrumer users, you will be fine. Change questions in QA captcha.

    I think a lot of the posts are from one person likely using different user accounts and handful of ips. You should disallow those ips.
    Last edited: Jul 29, 2015
    creativeforge likes this.
  7. imthebest

    imthebest Formerly Super120

    You should use the Spam Cleaner tool.
    Spam Management | XenForo

    Change your questions and answers.
    creativeforge likes this.
  8. creativeforge

    creativeforge Active Member

  9. vij

    vij Active Member

    Check ips. Is this a new forum?
  10. creativeforge

    creativeforge Active Member

    New forum as of last month, yes, and all these IPs were located in South Korea. All these IPs are now banned.

    We'll see how the new protection measures work now. Hopefully we averted a disaster, they only polluted one thread that I know of.

    Thank you ALL!!! :) This is awesome help, right here... :)

    Regards and respect,

  11. creativeforge

    creativeforge Active Member

    Well, they came in again 10 minutes ago. Is there a stronger spam-proof option?
  12. creativeforge

    creativeforge Active Member

    Is this telling you anything about how to setup a better anti-spam defence?

    array(4) {
      ["url"] => string(59) "http://vi-control.net/community/index.php?register/register"
      ["referrer"] => string(59) "http://vi-control.net/community/index.php?register/register"
      ["_GET"] => array(1) {
        ["register/register"] => string(0) ""
      ["_POST"] => array(17) {
        ["username"] => string(0) ""
        ["e1b6b55a818d9d416c407e609a4acdbd"] => string(8) "RaeMarss"
        ["a94ffa68f163a3d4aabdae2623f9b392"] => string(0) ""
        ["0cc047169aee19cd686244756e66ff88"] => string(18) "RaeMarss@yahoo.com"
        ["c995552bd043bf9dd38dda796e874045"] => string(0) ""
        ["1e9355eba3fb0810bafd76b4ca902c09"] => string(4) "male"
        ["dob_month"] => string(1) "2"
        ["dob_day"] => string(2) "12"
        ["dob_year"] => string(4) "1992"
        ["6888f3a76d1ca17c6f0d8c99d5356d67"] => array(1) {
          ["zdjjngqyndu0mgvimwq"] => string(0) ""
        ["custom_fields_shown"] => array(1) {
          [0] => string(19) "zdjjngqyndu0mgvimwq"
        ["6a291124dfb9a79ab40b3a9b197fd289"] => string(14) "Asia/Hong_Kong"
        ["captcha_question_answer"] => string(5) "12:00"
        ["captcha_question_hash"] => string(40) "96ecda96bfd65198bb9ef3f4424cf3922f855712"
        ["agree"] => string(1) "1"
        ["_xfToken"] => string(8) "********"
        ["reg_key"] => string(32) "d2c4d24540eb1ddb67d4b25e616ca97a"
  13. Martok

    Martok Well-Known Member

    Post a screenshot of all the settings on the spam management page.

    You should change your Q & A questions, they may be too easy.
  14. creativeforge

    creativeforge Active Member

    What kind of Q&A do you use?
  15. Martok

    Martok Well-Known Member

    Questions relating to what my site is about (PlayStation gaming) - ones that gamers should be able to answer, of course.

    Q&A questions should be changed every so often too to ensure they keep the spammers at bay.
  16. creativeforge

    creativeforge Active Member

  17. creativeforge

    creativeforge Active Member

    OK, good, I have 3 questions. One maths, two with completing the lyrics of two songs. Not sure if they have to answer all 3 or if they come in rotation, though...

    Question: what's the worst thing spammers can do to a Xenforo forum?
  18. Set3sh

    Set3sh Active Member


    I am using keycaptcha and haven't seen a single spam registration.

    Kind regards,
    creativeforge likes this.
  19. creativeforge

    creativeforge Active Member

  20. Martok

    Martok Well-Known Member

    I'd suggest you get Project Honeypot and Akismet keys (links in Spam Management).

    The maths one is likely too easy, anyone can probably answer it. The same may go for the song lyrics. Remember that spammers aren't just bots these days, many are real people.

    Questions are randomly picked from your list.

    Post lots of spam. Make sure that you haven't given any user groups (except maybe moderators and trusted member groups) the bypass flood check permission (so leave it at Not Set (No)) and the flood check time in the ACP is set to no less than 30 seconds (the default). This will limit the amount of spam any spammers that get through can post.
    creativeforge likes this.

Share This Page