Hey,
how do you prevent your Boards from becoming a Spam target ?
I have three Points on my Board:
- Registration: Email activation & "Question & Answer"
- Guest's cant Post
- New Users: Postings are Moderated for the first 2 Posts and 48 Hours after the first Post.
This makes the Board very unattractive for Spammers and even if they get through: there Posts get no approve and that's it.
I have no blacklists Captchas or anything like this in Place.
Pretty much the same.
On one board the first message is moderated, while on another one there is no post moderation.
And there is a reason: the moderated one is like that not for bots, but because of a certain user that caused a ruckus registering multiple accounts, and after that episode the countermeasure remained in place.
On the other one, instead, the few spammers are removed in a matters of minutes, I prefer that rather than have users wait until their post is approved.
I installed a Modification for"the Moderation of the First 2 Posts and the 48h after first post" after my Forum got flooded by Spammers overnight.
btw: How do you detect Users registering more than once ?
currently i have for this
- Cookies (based on the VB AE Detection)
- Flash Cookies (this is getting irrelevant at the moment as flash support dropps)
- Device/Browser/Fingerprinting (has limitations & false positives)
and i am working on a hsts detection at the moment
Personally I'm not really that concerned by users registering twice, usually I can pick them after the first post based on their writing style.
I only used what available in Elkarte, no addon.
Strangely on my first forum using Elk there are spammer that succeed, but on my second forum there is none until now. I forgot what is the version of my first Elk but the difference is just the version is newer.
Your position in search engines and your linkbacks matters a lot for how much you'll get attacked by spammers. They need to know you're out there and the way they do that is by links from search engines and other sites.
LOL, we both know who it is ;D
My forum is not a big one and very few visitors check it. So i don't have any spammers till now. Only email verification during registration is enabled.
I guess we have a No CAPTCHA add on as well ?
Oops, yes we do have that :D
Captcha didn't do for me anything except irritate real users, bots still were on my forum.
Now I use verification questions with Polish letters in answers, works pretty good :)
Anyone try recaptcha?
I used old one (with very poor effects), did not have to use new with only checkbox
I always use Keycaptcha and never had a problem, Here is link I posted here a while ago.
http://www.elkarte.net/community/index.php?topic=1936.msg12723#msg12723
@Allan I gave a shot at packaging that up so you don't have to copy over files. So here is the all hook version, if it works please give it back to the KeyCaptcha folks (maybe they would list it on their site like the others, that would be cool). I tried to register for an account but never got the email (tried two different accounts as well)
@Spuds I will give it to them with out any problems. They were the ones that got it to work in the first place. Thank you for adding the hooks.
I've noticed a heavy activity of spammers that add some links to coupons in their signatures. Captcha and security questions aren't stopping them :)
That's why there are mods to fight spam ;) Captcha is borderline useless nowadays, more an hassle for humans than bots.
NoCAPTCHA is pretty effective with spam as far I know.
To be honest, I'm having issues to find these users after an hour. Seems like they're getting cleaned up/removed.
I've no post moderation. All the "coupon" don't post.
I've no time to track what's actually happening, but seems like it. I usually observe decrease in number of members and I can't find the coupon people.
I can see in the logs that some people don't activate their emails.
Not sure if this is the best thread for this or not, but I've noticed bots spend a lot of time obsessing over the contact form on my forum. Always seemed odd to me. Today I realized that "listen to the letters / request another image" is a high impression phrase for my forum and links to the contact page. (Yes, my forum is very low traffic, that's ok.) I wonder if bots search google for that phrase and then go to the pages to try and do something.
Should the contact form and other registration related forms be marked "robots" / "noindex"? They're certainly not pages I want people to discover my forum through as I can't imagine anyone actually interested in the subject of the forum searching for pages like that.
Thoughts?
Also, other than a code edit to the registration controller to add the tag to context['html_headers'] is there a better way to do this as a mod?
Considering spammers will not likely care about noindex/robots/nofollow/etc., it may not be the best place, but okay. :P
I'd not edit the code, but I'd try to use the integrate_action_*, in that case it could be integrate_action_register_before (or after, it should be the same).
The directive is not for the bots to respect, but to remove the page from search engines so scripts or bots can't find it there. As I said it is a common search engine driver to my forum even though it is completely generic.
Looking at the who page here I see several guests parked on the contact page as well.
Thanks on the hook.
Sorry, I won't give away the details of my secret, but there is an easy way to prevent spammers. It's highly effective too. The reason it remains secret is if it were to somehow become widely used, it would be worthwhile for them to program bots accordingly. Anyway, get creative with your registration question. The only antispam I have is a single question. One. ;)
I've seen your question, sir, you are genius ;D