Q&A has been working really great.

Make sure to set registration to question and answer, and enable email activation so the spammers will at least have to be real humans with an actual email address this way.

I'd make the question something like, how many ounces in a pound, or what is the fourth word of this sentence, or something relevant to the topic you discuss on your forum.

Yes, army of spammers too. Not a lot to stop blogs either

Just repeating what others said:

I changed from ReCaptcha to Q&A and spammer signups went from dozens per day to zero.

IMO ReCaptcha is essentially broken. There is obviously software exploits readily available to spammers out there, software that knows the weaknesses of ReCapcha all to well. I'd say ReCapcha is pretty much useless until serious changes are made and it is fixed.

Q&A needs manual work, changing the Q&A:s now and then but for now, I will settle with that.

I recently simply added Q&A to the user profile and made it a requirement and set Field Required as "yes,always" so this catches those that have already registered so when they come back they get a message saying their profile field needs to be filled out. it has stopped the spam 100% so far. i have left recaptcha as it is but will change that to Q&A also if the spam starts up again.


russ

Wow. I just installed vbStopForumSpam and stopped 6 in the first 25 minutes. I'm a believer.

Q & A works for me so does Vb stop forum spam .. excellent !

We (bladeforums.com) got hit pretty hard since New Years. Installed vbStopForumSpam and it's blocked over 400 spam registrations since this afternoon.

Needless to say, I'm going to make a donation to the plugin writer and the sfs site.

I do this.

I disagree.

I used to get about 100 spammer registrations each day, and just by adding one VERY basic Q&A question to the user profile as a required field, in addition to image verification, it dropped to maybe 20 spammer registrations a day. That said, I know people are getting paid to spam, it's not just bots.

I'm getting ready to install vbStopForumSpam, I'm just not very tech savvy so I'm a little nervous playing with the database.


Agreed.


Another option for me is, I know I'm not going to get any legit members from India and China for example, so I'm also considering using my .htaccess file to limit registrations from these countries. Russia as well.

There are a few websites you can go to that show you the range of IPs per country. From what I've read, you can just add this coding to the bottom of the .htaccess file:


# <Limit GET HEAD POST>
order allow,deny
# Country: BURKINA FASO
# ISO Code: BF
# Total Networks: 10
# Total Subnets: 31,488
deny from 41.78.48.0/22
deny from 41.138.96.0/19
deny from 41.203.224.0/20
deny from 41.216.144.0/20
deny from 41.223.232.0/22
deny from 192.136.55.0/24
deny from 192.136.56.0/24
deny from 192.136.57.0/24
deny from 196.28.240.0/20
deny from 212.52.128.0/19
## Country: BURUNDI
# ISO Code: BI
# Total Networks: 2
# Total Subnets: 2,304
deny from 196.2.8.0/21
deny from 196.223.3.0/24
#
allow from all
</Limit>




These are just examples from two countries, obviously the list of IP addresses to deny for China would be dramatically longer.

Ended up installing vbStopForumSpam, I really hate seeing Q&A type bot checks on the registration page so vbSFS check for bots without the user even knowing about it. Its been extremely effective, only had one account slip through and its a dramatic reduction in spam accounts overall. (not just the most recent wave)

I'm looking for ways to get rid of hundreds of users registered since the New Year me, all bots.

Geocoding software - there are plenty of free examples about - I adapted one called ip2country.

I have 15 ATM.

ive switched to Q&A as well. So far so good. For those of you using Q&A, how many questions do you have?

How do you autodetect if the users are from UK?