Spam Accounts

[Baw$e]

Recently my forum has received a couple spam accounts. I have email verification disabled because not all members were receiving my emails.

What are tricks to keep the spammers/bots away? They signed up and created posts in another language linking to Whatsapp.

 

[Al]

You're running xenForo, right? You can easily add a Captcha mechanism to slow down spam registrations. The easiest one to implement is a Q&A. You can even make the questions niche-based, so in your case something like, "What is the missing suite of cards?" Diamonds, Hearts, Spades and...?

With the answer being "Clubs". People need to type "clubs" or "club" (you can add more than one answer) in the box to be able to complete registration.

I have:



and



Simple, not difficult, but requires a human brain to understand the request.

 

[Baw$e]

Thanks for the tips. I already have a Q&A set up with one question. I guess it's too easy. I'll add the card suits question, and maybe a few more.

 

[Al]

You can also set up Cloudflare turnstyle. I think its free.

 

[zappaDPJ]

I'll add the card suits question, and maybe a few more.

I wouldn't do that. The right Q&A should stop the majority of spam until it doesn't. If you have multiple Q&As you won't know which one has been 'broken' for want of a better term.

You really only need one and as @Al has already said niche based Q&As are usually the best.

 

[KensonPlays]

I make use of stopforumspam, honeypot, and hCaptcha. I rarely ever get spam registrations with the 3 of those combined. Are both SFS and honeypot enabled?

 

[Cedric]

Enable Honeypot, Stopforumspam, DNS Blacklist, Akismet, and Cloudflare Turnstile. All built in Xenforo options, only need to register an key at some. Easy, free, spamfree. 😉

Just don't blindly stare at the queue when a new registered member appears to be spam. Often, they're not but their username is blacklisted.

 

[KensonPlays]

I personally do not enable Akismet, cause IIRC they charge a fee for "commercial use" which a site that offers paid upgrades, I believe, would fall under that, even if there are no active paid upgrades? I also don't have dns blacklist setup, but we don't get enough traffic to warrant it yet, IMO.


@Baw$e - Do you use SFS and Honeypot, along with hcaptcha or cloudflare turnstile? Enabling those can help reduce it a lot.

 

[Page]

I seem to get spam accounts from known countries like Russia and India

 

[cpvr]

I seem to get spam accounts from known countries like Russia and India

I use Cloudflare's WAF option to block the entire country zone of Russia. The traffic I was getting from them was quite malicious, so I blocked the entire zone for security purposes.

 

[Shawn Gossman]

Recently my forum has received a couple spam accounts. I have email verification disabled because not all members were receiving my emails.

What are tricks to keep the spammers/bots away? They signed up and created posts in another language linking to Whatsapp.

I usually add a security question that's related to the niche but difficult enough that you might need to Google the answer.

I also add a field that requires an answer. A lot of times a generic answer will be added and that's a good indicator of spam.

If your community isn't too hopping, turn on manual approval. Don't let the first post contain a link.

 

[Page]

I use Cloudflare's WAF option to block the entire country zone of Russia. The traffic I was getting from them was quite malicious, so I blocked the entire zone for security purposes.

Ever since I update to hCaptcha and added some settings to Cloudflare's I have resolved it without blocking any countries like Russia 😉

 

[Ravenfreak]

I need to figure out the best way to prevent spam accounts from joining Zippy Promotion. (I've started working on that site again.) I'm using MyBB for the forum and I get hundreds of spam accounts trying to join. I need to go through and delete a bunch of accounts that registered. Thankfully none of them has made any threads but I've never seen so many spam accounts on a forum.

 

[Nomad]

If you are getting spam from select few countries, you can block IP. That's what I do

 

[Page]

If you are getting spam from select few countries, you can block IP. That's what I do

Blocking the IP is easy, however doesn't stop them from using a VPN and having a different IP.

Got to think more outside of the box otherwise HTacess be full of 100s of IPs XD

 

[dojo]

You can block iP ranges if needed. Whatever countries bring in the most issues, just block them and call it a day.