Getting hundreds of registrations per month that are fake. Used to get 3-5 per day, now nearly 50-100 per day.
They're not defacing the site, except for the rare rogue, but I keep in touch with the userbase via email often, and managing all the emails is now cumbersome.
I change the spam question weekly, and have blocked dozens of domains, as well as require a valid email address (password emailed). I can't seem to keep them off the site, though - IPs are from everywhere.
It's getting to the point I may just ban all overseas IPs or require an EDU address (college related site).
Anyone having spam registration problems with 1.2? Using CAPTCHAs for registration? Can Bad Behavior or Akismet work on the initial registration?
Thanks for any info, ideas.
I checked your site and recognized that your anti-spam answer is a very common 4 letter term, this might be the problem.
In my experience the anti-spam question does work very well, even if not changed for years. The main trick is to choose a term which usually is not included in a dictionary, but easy to grab for humans. Example:
Write the word "human" in capitals, with dots between all letters. -> H.U.M.A.N
Give it another try!
an operating system must operate
development is life
I've tried 100 different variations, some complex, some math, some doing similar. It usually stops it for 2-3 days and then restarts again - as if someone updates their bots with the answer.
I updated it again with a longer response using dashes. I'll report how soon the bot registrations start again.
Edited by uheweb on Nov 30, 2010 - 02:38 AM.
Spam registrations started up again 8 hours later with a question of:
Type the word BIGBLUE with a dash after each letter.
The rate is about 25% of what it was, so it appears many of them might have been dictionary bots, with some others being updated by the spammer manually when I change the question.
They are not coming from the same IP - all over the place. There are a few different formats (i.e., how the name/email is formatted and if there are links in the user info), leading me to believe there are only a few spammers that are using a botnet to send the actual registration requests.
I will just continue to use a harder anti-spam question and change it weekly. Might look into doing some type of captcha or second security question. Would be nice to have several questions that rotate.
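
The observation in the last post, that a handful of name/email formats arrive from many unrelated IPs, can be checked mechanically by fingerprinting each registration's shape. This is an added example, not part of the thread and not Zikula code; the record layout, the sample data and all function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample registrations: (username, email, profile text, source IP).
SAMPLE = [
    ("JohnSmith4821", "johnsmith4821@mail.example", "", "203.0.113.5"),
    ("MaryJones1093", "maryjones1093@mail.example", "", "198.51.100.7"),
    ("PaulBrown7730", "paulbrown7730@mail.example", "", "192.0.2.44"),
    ("xk2qpl", "xk2qpl@inbox.example", "cheap pills http://spam.example/a", "203.0.113.99"),
    ("zr9wmt", "zr9wmt@inbox.example", "best deals http://spam.example/b", "198.51.100.23"),
    ("a.student", "a.student@college.example", "Biology major", "192.0.2.10"),
]

def shape(text):
    """Collapse a string to its character-class pattern, e.g. 'JohnSmith4821' -> 'AaAa9'."""
    s = re.sub(r"[A-Z]+", "A", text)
    s = re.sub(r"[a-z]+", "a", s)
    return re.sub(r"[0-9]+", "9", s)

def fingerprint(username, email, profile):
    """Hypothetical fingerprint: name shape, whether the email local part
    repeats the username, and whether the profile text carries a link."""
    local = email.split("@", 1)[0]
    has_link = bool(re.search(r"https?://", profile, re.I))
    return (shape(username), local.lower() == username.lower(), has_link)

def cluster(registrations, min_size=2):
    """Group registrations by fingerprint and keep the groups that repeat
    across several distinct IPs (one template sent through many hosts)."""
    groups = defaultdict(list)
    for username, email, profile, ip in registrations:
        groups[fingerprint(username, email, profile)].append((username, ip))
    report = {}
    for fp, members in groups.items():
        ips = {ip for _, ip in members}
        if len(members) >= min_size and len(ips) >= min_size:
            report[fp] = {"count": len(members), "distinct_ips": len(ips),
                          "users": [u for u, _ in members]}
    return report

if __name__ == "__main__":
    for fp, info in cluster(SAMPLE).items():
        print(fp, info)
```

Legitimate users can share a shape too (first.last names, for instance), so a flagged cluster is a queue for manual review or a second challenge rather than an automatic ban list.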