XF 2.2 Xenforo 2.2.15 spam problem?

Whatever is the cause it will be coincidental and nothing to do with 2.2.15. We haven't made any significant changes to spam things for a long old while.

I note that you appear to be running a Q&A captcha on your forum. I've seen others suggest recently that their Q&A questions have become less effective.

Spammers are constantly evolving. They build up human verified databases of Q&A captcha responses. The latest versions of their software get updated to reflect that and it enables non-human spammers to automatically pass them.

Changing your Q&A questions may help. Using a managed CAPTCHA (such as Cloudflare Turnstile) may also help. The managed ones do sometimes get "solved" too but you can be sure the Cloudflare team is also swiftly evolving.

I haven't yet seen people complain about increased spam when they're not using a Q&A captcha so there may well be a connection there.
 
It's nothing to do with any version. I've had 3 of my forums hit with Russian spammers the past two days, and they range from XF 1.5.24 to 2.2.15.

One of them, after getting hit with spam, I changed from Q&A to two different captchas, and the spam kept coming. Temporarily disabling the contact form was the only way to stop it.
 
On average I get 4-7 contact spam attempts a day, but they are blocked before they get to me. It hasn’t changed. It hasn’t seemed to increase since the upgrade. 🤔
 
I've seen a huge increase in spam over the last few days and it's nothing to do with Xenforo because all of my forums currently run on other platforms. In every case they cracked the Q&A because...
Spammers are constantly evolving. They build up human verified databases of Q&A captcha responses. The latest versions of their software get updated to reflect that and it enables non-human spammers to automatically pass them.

Just like @ge66 I fixed the problem instantly...
I changed my Q&A and haven't had any new spam registrations after that.

I keep reading that Q&A is old school and that it doesn't work but as I said elsewhere it works 100% for me until it doesn't at which point you simply change the Q&A.
 
Have found the Question Answer thing great too but it's kind of like you need two spam captchas at once.
Because the question can be answered by trolls who wish to ruin your forum.
Also it leads to being hacked often enough.
 
I keep reading that Q&A is old school and that it doesn't work but as I said elsewhere it works 100% for me until it doesn't at which point you simply change the Q&A.
It used to work for me perfectly for many years but not anymore.
After spamcleaning, deleting the 8 spammers, today I have another 13 of them.
Hmmm... Make it 22...
 
Spammers are constantly evolving. They build up human verified databases of Q&A captcha responses. The latest versions of their software get updated to reflect that and it enables non-human spammers to automatically pass them.
It does seem to have been an unfortunate coincidence, but I think this is AI/ChatGPT bots cracking the Q&A in real-time. Something changed with the amount of spam as well as the amount of time a new Q&A is cracked, and the only thing I can think of is the days of human verification/list building are more a thing of the past, and the inevitable tipping point was this new wave.
 
Ok, I own a number of big boards with many registrations every month. (probably 1000 actual registrations a month between the different forums not including the ones that are blocked by my methods)

Here is what I do to combat spam. These methods block most spammers from registering and help you catch nearly all spammers that manage to get through. In the end, it's only the occasional spammer that actually posts on my sites.

First, I use question & answers captcha. I generally make the questions related to the forum topic, staying away from the what is 2+2 kind of questions. So for example, if you run a forum about baseball, you might have a question that asks "What city are the White Sox from?" I always have several questions which change with every registration attempt. Occasionally I change these questions as well.

I also add profile questions to the registration that are specific to the forum topic. So this question might be "What is your favorite team?"

Second, I use the addon Signup abuse detection and blocking. This does a great job.

Third, I use the Register email addon. This is the backup. It sends you an email when a new member joins and that email includes some important info. When you read the email the main thing you want to do is compare the timezone with the location and location by IP. What you'll see from most scammers is the IP location, the Location they put in while registering, and the Browser timezone don't match up. This is your first big tip off. Usually it's the browser timezone as the scammer has to manually change that in their browser settings and since they almost always use a VPN their IP location changes. The key is just by looking at the email I can quickly identify spammers. (see screenshot below)

1707509202739.webp
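
The three-way comparison described in the post above (IP location, location typed at registration, browser timezone), written out as an added example; it is not code from the thread, from XenForo, or from either add-on. The `Signup` fields, the two lookup tables and the sample signups are constructed for illustration, and the IP country is assumed to come from a geo-IP lookup done elsewhere.

```python
import re
from dataclasses import dataclass

# Constructed lookup: IANA browser timezone -> ISO country code.
TZ_COUNTRY = {"America/Chicago": "US", "America/New_York": "US",
              "Europe/London": "GB", "Europe/Moscow": "RU", "Asia/Dhaka": "BD"}

# Constructed lookup: whole words seen in the free-text location field.
LOCATION_WORDS = {"chicago": "US", "usa": "US", "london": "GB", "uk": "GB",
                  "moscow": "RU", "dhaka": "BD"}

@dataclass
class Signup:
    username: str
    ip_country: str       # assumption: filled in by a geo-IP lookup elsewhere
    stated_location: str  # what the user typed at registration
    browser_tz: str       # timezone reported by the browser

def stated_country(text):
    """Country implied by the typed location, or None if it is not recognised."""
    # Match whole words so that "Milwaukee" does not match "uk".
    for word in re.findall(r"[a-z]+", text.lower()):
        if word in LOCATION_WORDS:
            return LOCATION_WORDS[word]
    return None

def mismatches(s):
    """Name each pair of signals that disagree; unknown values are skipped."""
    tz_c = TZ_COUNTRY.get(s.browser_tz)
    loc_c = stated_country(s.stated_location)
    found = []
    if tz_c and tz_c != s.ip_country:
        found.append("browser timezone vs IP location")
    if loc_c and loc_c != s.ip_country:
        found.append("stated location vs IP location")
    if tz_c and loc_c and tz_c != loc_c:
        found.append("browser timezone vs stated location")
    return found

def needs_review(s):
    """Flag a signup for manual review when any two signals disagree."""
    return bool(mismatches(s))

# Constructed sample signups.
SAMPLE = [
    Signup("fan_1985", "US", "Chicago, IL", "America/Chicago"),
    Signup("promo_acct", "US", "Chicago", "Europe/Moscow"),
    Signup("deals4u", "US", "London", "Asia/Dhaka"),
    Signup("brewers_fan", "US", "Milwaukee", "America/Chicago"),
]
flagged = [s.username for s in SAMPLE if needs_review(s)]
```

A mismatch is a reason to look at the account, not proof: travellers and legitimate VPN users will also trip it.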
 