1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.5 X4 Health10 spam problem

Discussion in 'Troubleshooting and Problems' started by HSP, Sep 6, 2016.

  1. HSP

    HSP Member

    I have a very annoying spam problem on my forum. It signs up under X4 Health[NUMBER], confirm e-mail and writes a thread(spam). Each time I ban this user a new user signs up with the same username followed up with another number.

    My forum:
    • Use cloudflare
      I have put several countries under a challenge, under firewall
    • Captcha during sign up
    • Sign up e-mail confirmation
    • 1st thread moderated
    Please advice
     
  2. Martok

    Martok Well-Known Member

    Search the ACP for "User Name Validation" and put "health" in there to disallow any user names with that in them.

    You said you use CAPTCHA but not which one. Switch to Question and Answer CAPTCHA if not using it already, if you are then change your questions.

    Make sure you are using all of the settings in Options > Spam Management including a Project Honeypot key.
     
  3. HSP

    HSP Member

    I've applied everything you said. Let's see what happen.

    Bug:
    I see when you enable Project Honeypot you have two radio buttons, I selected "Require the registration to be manually approved by an admin". I tested and I managed to sign up and use my account without approval. Back signing in with my admin account I see no notification of new user registration that needs to be moderated, or is this about when it detect an IP with bad reputation?
     
  4. Mike

    Mike XenForo Developer Staff Member

    The context is explicitly when the IP is found using a DNSBL/project honey pot.
     
  5. HSP

    HSP Member

    I have a new kind of spam, how do I stop it? I have about 2 fake registrations combined with threads such as this one.

    spam.jpg
     
  6. HSP

    HSP Member

  7. Mike

    Mike XenForo Developer Staff Member

    Those aren't actually automated registrations believe it or not. They are very commonly humans, presumably getting paid to post this stuff. In some cases, if you look at logs, you can see them opening your site via a bulk "site opener" tool.

    There's very little you can do to stop them registering (since it's driven by people) unless you can find specific, unique fingerprints for them vs your real users. Otherwise, you just need to deal with them in moderation via spam cleaning.
     
  8. HSP

    HSP Member

    Last edited: Sep 11, 2016
  9. Mike

    Mike XenForo Developer Staff Member

    You can only block usernames the way mentioned earlier. You can block elements in the message using the "spam phrases" option.
     
  10. Alteran Ancient

    Alteran Ancient Well-Known Member

    If the spam registrations are almost exclusively originating from a certain geographical location, e.g. Pakistan or China, and isn't a nation that would otherwise visit your website legitimately, you can enact a geographical block at the web server level. You can search the internets for how to do this, but here is one such example.

    I was having similar problems, and managed to reduce my spam registrations down to just a trickle by doing this - the majority of my users are from the UK and Mainland Europe, so I wasn't inconveniencing any legitimate users. The remaining few were from Western IPs, but were easy enough for my team to use the Spam Clean tool on.
     
    HSP likes this.
  11. HSP

    HSP Member

    Thanks for the tip, unfortunately the IP geo varies. However, they are human registrations due the fact it improvise on my anti spam actions. For example I blacklisted particular phrases in username and suddenly the spam stopped using these usernames and use normal names instead.
     
  12. HSP

    HSP Member

    So far so good!
     

Share This Page