Jump to content

Recommended Posts

Hi Guys,

 

I run a very active forum and currently get about 10-15 emails a day stating a new user has applied to join, I have image verification and admin acceptance switched on but none of these seem to be stopping them applying and now I can't determine which are real and which are spammers...

 

I need help on how to stop them, I was thinking about setting up a cost per user such as £1 per user this would stop them and I could give legitimate people a code to give them free entry but I wouldn't know where to start with this or how to set it up.

 

So any help/advice would be greatly appreciated...

 

Thanks

 

Ano

 

Link to comment
https://forums.phpfreaks.com/topic/154073-to-much-spammers-help/
Share on other sites

I need help on how to stop them, I was thinking about setting up a cost per user such as £1 per user this would stop them and I could give legitimate people a code to give them free entry but I wouldn't know where to start with this or how to set it up.

 

You could create a hash from their username and make them enter it somewhere to verify they're human.  Send it via mass email.

 

Do you have an email activation set up?

I'm guessing that your CAPTCHA has been cracked from other sites using the same. This is probably what bots are grabbing to determine the code:

<input type="hidden" name="confirm_id" value="84e282bd402018086a2c26c0575e3621" />

 

Switch to another captcha and I bet it stops. I wouldn't use any CAPTCHA that comes with PHPBB as the code is open source.

 

http://recaptcha.net/

And if the benefit is great enough, someone will sign up, make a test post to see if he can directly post spam content/links, then use an automated script.

 

It sounds like you want some way of detecting at the time someone creates an account if they are going to post spam. You cannot really until they do so (assuming you have a good registration captcha and email verified op-in registration - a link in an email that must be clicked to activate the account.)

 

The key to stopping spam is to remove the benefit or make it not worth the time to receive that benefit. Don't allow links to be posted until a member has a minimum number of posts. Fully moderate posts (require approval by a moderator before the post is displayed) by new members until they have a minimum number of posts. Use a captcha to make a post until they have a minimum number of posts. Use a content filter to either strike out spam like words and links or to cause a post to be full moderated when it triggers the content filter.

 

Do you have any php knowledge?

 

Remember even if you do manage to switch your CAPTCHA you will still have bogus accounts in your database. Your gonna have to get rid of them yourself. I would redirect the register page until you have it sorted.

Computers were designed to parse and solve math problems.

 

If you are going to use a text based question/answer captcha, you need to have questions that don't involve find/copy/paste or math, because that is what computers do well. A single php eval() statement can solve any simple math equation that you are likely to use on a captcha. If something only takes one or two lines of php code to break, you can bet that it has already been broken and it is only a matter of time before someone uses it to bypass your form checking.

Yeah, but if yer ok with php, ya can make it generate different question/answer combination.

I did like the math solving ones myself

 

2 + 2 =

 

 

Bah... give them some real math challenges. It'll keep out idiots and spammers (though of course spammers is in a sense a subset of idiots). Something like:

 

Given a cylindrical container, what should the height and radius be in order to the minimum possible surface area if the volume must be exactly 1 liter (assume no overlap of material on container assembly)?

 

Height: [__________]

Radius: [__________]

 

Given that AI is more difficult to implement than OCR, this is better for bot based attacks.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.