Announcement

Collapse
No announcement yet.

Spam bots defeat Recaptcha.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • I understand what I would need to do.

    Thing is I shouldnt HAVE to do it. Jelsoft's software is faulty, and since we are paying to use it and for support, they should be developing the 'honeypot'/'trap' etc.

    Instead they usually just say 'go to .org and discuss this there'.

    Comment


    • I am getting hit on my site too. I do have a few questions I'm hoping some can help with.

      I had not previously set up moderation on new registrations. But as a result of all of this, I turned this on a few days ago. I am now getting 8-10 moderation requests a day that I'm able to do a mass delete on using the moderation page.

      However, somehow I am also still getting 6-7 actual registrations a day that seem to be bypassing the moderation step. Can someone explain how this might be possible?

      Also, once they have registered, is there a way to do a mass delete of these invalid registrations? The method I use now is to search for Users/New Registrations. But this method requires me to select each user one at a time, select delete, confirm delete, research new registrations, and start the cycle again. Is there a faster way?

      Thanks

      Comment


      • damn bots!

        In the last week we have all of a sudden gotten spammed registrations many many times, image verification does nothing.. email verification is almost useless since I don't know who is real and who isn't. I'm going to try the question and answer, is that not working for boogie?

        Comment


        • Originally posted by CtrlAltDel View Post
          I understand what I would need to do.

          Thing is I shouldnt HAVE to do it. Jelsoft's software is faulty, and since we are paying to use it and for support, they should be developing the 'honeypot'/'trap' etc.

          Instead they usually just say 'go to .org and discuss this there'.
          Agreed, certainly the honeypot I've added could be out of the box.

          As for the go to vb.org line, I've had that a few times when I've been discussing concerns relating to hooks and core vB functionality. It's a fine line between helping the development of plugins and helping to use the product and I imagine end users get tangled in that all the time.
          Simple SEO

          Comment


          • I don't want to speak too soon, but since upgrading to 3.72(and using Recapture instead of capture), in the last couple hours, I haven't had any spam bot registrations. Of course i'm keeping my fingers crossed, but if that doesn't work I will try step 6: on http://www.vbulletin.com/forum/showthread.php?t=275800

            6) Although there is a Q&A option in the Human Verification Manager, at this time these is no way to use this in conjunction with Image Verification or reCaptcha. However there is a workaround for this. You can create a required profile field to add Q&A to the registration process. To do so, follow these instructions: Add an extra question to the registration to prevent bot registrations.

            To answer the previous question..

            "Also, once they have registered, is there a way to do a mass delete of these invalid registrations? "
            Sulli, the easiest way I've found is to prune users, sorting by date registered and selecting them for deletion that way.. good luck

            Comment


            • Originally posted by sarahk View Post
              Agreed, certainly the honeypot I've added could be out of the box.
              Yes, things like that certainly work (I use them), but if they are added officially to vBulletin, their effectiveness would dwindle because botmakers would cater to them.
              ~~~~~

              Comment


              • When they release their patch levels, they could change it each one.

                Comment


                • why is everybody overlooking germans ? you all blame china or russia being responsible for the spam but have a look here and you will see the difference is not that big

                  internetserviceteam.com => german
                  keymachine => german

                  should i continue ? 222.* ip's are anonymizing proxies that does not mean the spammer is located in the country you see when whoising that ip so all of you sould add german ip's to yor blocklist

                  Comment


                  • Does anyone have a list of all china and russia IP class A or B addresses?

                    I would like to block all of china and russia. As I never had anyone on my boards from there that were real users.

                    Is there a place I can find all of the class A addresses that belong to russia and china?

                    Comment


                    • Spam bots are getting much clever these days.

                      (1) They can post avatar and profile pictures too!

                      (2) Few of them had also break the code of "extra qn on registration". The qn is to spell out a letter from my qn. I had tested out asking for different letter on each day, they are able to spell the letter out correctly!

                      I don't know whether the spam bots are attacking on just vB forums particularly.

                      Comment


                      • Yup been having the same problems on my boards too.

                        Taken all the required steps and i notice i have a few members requiring moderation so best clean that up ! haha

                        Comment


                        • Originally posted by sullivanmar View Post
                          I am getting hit on my site too. I do have a few questions I'm hoping some can help with.

                          I had not previously set up moderation on new registrations. But as a result of all of this, I turned this on a few days ago. I am now getting 8-10 moderation requests a day that I'm able to do a mass delete on using the moderation page.

                          However, somehow I am also still getting 6-7 actual registrations a day that seem to be bypassing the moderation step. Can someone explain how this might be possible?

                          Also, once they have registered, is there a way to do a mass delete of these invalid registrations? The method I use now is to search for Users/New Registrations. But this method requires me to select each user one at a time, select delete, confirm delete, research new registrations, and start the cycle again. Is there a faster way?

                          Thanks
                          Hi, anyone have answers for my questions? Thanks

                          Comment


                          • Hello. I might be able to help you, but I want to make sure that I understand you first.

                            Originally posted by sullivanmar View Post
                            However, somehow I am also still getting 6-7 actual registrations a day that seem to be bypassing the moderation step. Can someone explain how this might be possible?
                            --I have never seen anything like this, and I want to understand this more. When you say that they 'bypass' the moderation step; in other words, you are getting new user signups that go directly from the registration form, into the 'Registered Users' usergroup, without any intervention from you, is that correct? Please explain. I know of a way that this might be possible, but I just want to make sure that you are not overlooking something first.

                            Originally posted by sullivanmar View Post
                            Also, once they have registered, is there a way to do a mass delete of these invalid registrations? The method I use now is to search for Users/New Registrations. But this method requires me to select each user one at a time, select delete, confirm delete, research new registrations, and start the cycle again. Is there a faster way? Thanks
                            --Ok, but here's the thing: if you turned moderation on for newly registered users, that also means that both the good and bad guys (so to speak) will need to be moderated; therefore, you are going to have to examine each one to make sure you are not rejecting a legitimate user registration. Are you following what I am saying?

                            Comment


                            • I am now getting 10-20 new registration requests per day. Most of those have gmail as their email.

                              Since upgrading to the later version, the user does not submit legitimate reasons and interests that indicate whether they are spam or not (my website is about gardening), so it is difficult for me to tell if they are real potential members.

                              Also, how do I ban specific ip addresses?
                              Ann B.
                              Landscape Propagation Forums

                              Comment


                              • Originally posted by landspro View Post
                                I am now getting 10-20 new registration requests per day. Most of those have gmail as their email.
                                --I realize that legitimate users use google email; however, you may want to consider banning gmail email addresses if your problem is severe. I have had to do this off and on myself. The spammers are currently abusing google services.

                                Originally posted by landspro View Post
                                Since upgrading to the later version, the user does not submit legitimate reasons and interests that indicate whether they are spam or not (my website is about gardening), so it is difficult for me to tell if they are real potential members.
                                --When you say they don’t submit it, what do you mean? Be specific, and I might be able to help.

                                Originally posted by landspro View Post
                                Also, how do I ban specific ip addresses?
                                --If you want to ban specific ip addresses from registering, simply go into your admincp and select:
                                Vbulletin options…user banning options…banned ip addresses box.
                                If you want to ban ip addresses from your overall site, you can use htaccess to ban them.

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X