Jump to content

Help with SMF and Bot Users


onlyican

Recommended Posts

Hi

 

I got a smallish website, smallish forum using SMF

 

My god am I suffering hard with bot registrations.

I got 72 posts and over 1300 users (You do the maths, this is NOT right)

 

I have moded the registration form to use ReCaptcha (Yes I know recent news about ReCaptcha)

 

Other than that, its pretty standard.

 

Any suggestions how to help prevent bot registrations (They are starting to post now so I can't just leave it and say, hey I got loads of members)

Link to comment
https://forums.phpfreaks.com/topic/224162-help-with-smf-and-bot-users/
Share on other sites

The reason I doubt these are users actually registering is the amount and Spam posts are starting to appear. When I look at the user Data, they registered on X date, last logged in: never.

 

For them to confirm account, they have to log in, which would cause a last log in date.

 

Only email validation is standard SMF, I may change this to check the MX Records.

 

 

I have cracked down a lot on spam bots

I am securing all GETS / POSTS / REQUESTS as these were NOT always done.

 

I am using a sneaky method (Later found to be a known method called honeypot) Where I have a text field that is in a hidden div. The field has to remain empty, else log in fails. (As most bots complete all fields)

Also another field with a value thats hidden, the 2nd page has to match (this is hard coded but helps stop cross scripting)

And user approval via email (Should have done this ages ago)

I have done a couple of other tricks but not going to tell all my secrets.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.