I've installed a plugin that checks new registrations against a database (http://stopforumspam.com/) of known spam IP addresses, usernames, and email addresses. Hopefully that will help a little.

Thanks to yash101 (http://www.chiefdelphi.com/forums/member.php?u=70772) for the plugin suggestion.

Thanks Brandon! as always!

And Yash too!

We'll see if it works. I sure hope it helps

Thanks. However, it will only protect against new spam users. The old ones will remain, there to be manually discarded.

Oooh goody, the spam was starting to get a little thick.

PS. Here's a spam thread to get rid of:
http://www.chiefdelphi.com/forums/showthread.php?threadid=121543

91 new accounts already rejected .. seems to be working, so far.

91 new accounts already rejected .. seems to be working, so far.

Wow. Is there any way to find out how many of the 54,569 user accounts would have been rejected?

Could you to save these stats somewhere, and make a graph of them some time in the future (once you gather enough data)?

For my site, I just erased every member (because they had no data in them anyways), and then installed the plugin. This plugin is the first defense, after which Askimet catches the rest of the spammers that get in. One nice thing is that you can report a spammer to their database, so that every forum using their plugin can know about that new spammer!

The only stats I get on the plugin I use is the number of spammers it has stopped. It might be different for the plugin that has just been installed.

First thing this morning when I got on here, 3 spam messages. - up to 4 now.
How hard is it for them to change there IP address to get around this plug in?

This is great!

Good job guys!

First thing this morning when I got on here, 3 spam messages. - up to 4 now.
How hard is it for them to change there IP address to get around this plug in?
Yeah, there will still be some spam, but hopefully this will ease up on the amount of threads the moderators have been dealing with.

1400 registrations denied since installing this last night.

1400 registrations denied since installing this last night.

How many were allowed in that same time period ?

And, is there an appeal process in place for the false positives ?

Thank you Brandon and yash! Glad to see an improvement.

How many were allowed in that same time period ?

And, is there an appeal process in place for the false positives ?


22 registrations allowed through. If a user is rejected, they're told why and given a way to contact me to get registered.

If a user is rejected, they're told why and given a way to contact me to get registered.

Excellent!

Wow. It seems as though it is Woking better than expected!!! It should use the ip address to find who is spam!

Brandon,
Are they signing up and then vetted or will it not even allow the signup? Which ever it is it's working :)

First thing this morning when I got on here, 3 spam messages. - up to 4 now.
How hard is it for them to change there IP address to get around this plug in?

They change their IP, post spam and are reported to sfs. Every other forum knows if it it's being spammed, then!

Hey Brandon,
If any spam gets in, just press the report button to allow the database to be updated.

Sorry about the typo

Brandon,
Are they signing up and then vetted or will it not even allow the signup? Which ever it is it's working :)

Stop Spammers, if that is the plugin that is being used, will prevent signups, by redirecting the spammer/spambot to a fake register page. That way, they will get tricked.

Here's a link to the plugins: http://stopforumspam.com/contributions
This is the one that I use: http://wordpress.org/plugins/stop-spammer-registrations-plugin/


EDIT:
According to the plugin page (http://www.vbulletin.org/forum/showthread.php?t=176481), it just denies the request, but does not create a fake signup page.

Outstanding. We are all appreciative of a reduction in spam.

Great work, Brandon. Thanks for suggesting a working solution, Devyash.

Wow, there was quite some spam that just got in! Is there any second defense like Askimet? I never get any spam through because if SFS doesn't stop it, Askimet will remove the post!

All users already go through an initial period where all of their posts are filtered through Akismet.

I see! I have a feeling that these users are from the "22" users that were allowed in! Sign up first, spam later, after all suspicion is gone!

I am going to create a new account, with the username, test12345, to see what security borders there are. I'll delete it afterwards!


---------------

Here's what I noticed:
Your Captcha is very simple. It is possible to OCR it.
You have a good question verification
You do not have any e-Mail address validation. You might try looking for a plugin that verifies email addresses by doing a DNS lookup.
Put some harder questions, that make the user think. We are robotics students. We have brains! Zombies, please don't come after us :D
Have some plugins, like Stop Spammers or Askimet afterwards.

You may want to look into reCapatcha. On my forum, I used to get 10 spammers a day, until I installed reCapacha.
Try keyCapatcha! Not only is it really good, it is fun too!

Good Luck :D

The hotfix seemed to work well for a while, but the spam is now returning at seemingly comparable levels to before...

Yes, spam has returned. It is a difficult task, since the spammers are humans, not spambots. They post a thread, then go in and edit it to add the hyperlinks.

Thanks for all the work you do to keep this site up!

Wait, so what do you have against team 180? :/

I noticed that you are using the forum's built in capatcha (letters on image, to read and type). Have you tried reCapatcha? It reduced my forum spam by 75% by itself! the built in character generation sucks, because it is possible to OCR it easily! Just keep rotating the frame until it shows up as an actual alphanumeric letter. Also, adding special symbols, like #,$,@, etc. can stumble many spambots!

I noticed that you are using the forum's built in capatcha (letters on image, to read and type). Have you tried reCapatcha? It reduced my forum spam by 75% by itself! the built in character generation sucks, because it is possible to OCR it easily! Just keep rotating the frame until it shows up as an actual alphanumeric letter. Also, adding special symbols, like #,$,@, etc. can stumble many spambots!

Much of our spam appears to be posted by actual human beings in foreign countries. Not sure how much changing capatcha systems would help.

Well, "Stop Spammers" is great for stopping human spammers, however, the database is still incomplete! It is impossible to keep a list of spammers and their IPs and other info! It is also easy to hide their IP addresses by using an anonymous proxy! Maybe, there can me a censor to see how many links there are, compared to the unlinked words. Many spam posts are like this:

Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)
Go to Google! (https://google.com/)

There should be an algorithm, of the ratio of links to words. If there are too many links, the post would require moderation!

Good idea. Not sure if this version of VB has a plugin that can inspect the number of links. That would be good, though - perhaps limit all posts to 4 links or less.
I can believe the spam issue is just another reason to move to the latest version of VB. Meanwhile, we can play the game too....

Good idea. Not sure if this version of VB has a plugin that can inspect the number of links. That would be good, though - perhaps limit all posts to 4 links or less.
I can believe the spam issue is just another reason to move to the latest version of VB. Meanwhile, we can play the game too....

Anything to cut down on the spam. Maybe the number of links cannot be greater than 1/10th of the poster's reputation?

Anything to cut down on the spam. Maybe the number of links cannot be greater than 1/10th of the poster's reputation?

This would work if rep was more readily given out by users. For people like me with nearly four years as an active user but less than ten rep, links would be off-limits.

CD was down for me for about 4 hours. Was there an update?

Memory issue with mysql and some server monitoring software. Should be better for now.

Memory issue with mysql and some server monitoring software. Should be better for now.

Why were you getting those problems? Are you using the default configuration or did you reconfigure MySQL? On my server, I use the default configuration, and I am able to spam it with AB, without getting these problems! You may want to try running AB from a different vHost from the same hosting provider, and stress-test CD. That will give areas of strengthening to you :D

Either I am not accessing CD as much these days (Cause finals are coming), or there has been a massive reduction in spam! Is it the recently installed plugin, SFS blocking these spammers or is it something else, like: Spammer thinks to himself, It's Christmas (Almost), so let me give Mr. Martus a break!

Might be a bit better, there is still a fair amount. Part of it is likely due to moderators quick response to reported threads.

I think that is is a combination of both. Both, the antispam plugins, and the user group, along with Mr. Martus are the reasons behind the little spam on this forum!

From a lay person's perspective, the level of spam on CD has gone down significantly. A much, much, much better experience overall, and just in time for kickoff! Thank you Brandon M. and the team of mods for everything you do!

Thought it was worth celebrating a particular success in our community :)

-Mike

Are there any other plugins that have been installed?

If there aren't, I think it is just old spammers who already created an account who are able to spam. By the way, Brandon, do you delete the spam users, or just the post/thread?

Other than that, I have noticed that nowadays, very spam threads are going around. Maybe Mr. Martus is getting faster, or the spam plugins are resolving just in time for Christmas, New Years and Kickoff (Thankfully).

Just for the sake of it, I still think that the occasional spam thread is all right if deleted a couple hours later because it allows us to grab a laugh at all the grammer errors they make :D

Hi, this is my first post on this forum, and I wish to thank the creator of this forum for creating this resource. I am part of team 5064, and am trying to get my team to sign up. One of my friends on the team attempted to sign up for the forum, but got flagged as a spammer, he has sent an email, but from my current knowledge it has not been responded to.

thank you fro reading this post, and I hope this can be fixed soon.

Has he tried from a different IP? Tell him to try a web proxy, temporarily. I think you should be able to log in with an account already created, from a blocked area. Otherwise, I think you could try making the account for him and letting him sign in and change the password.

Thanks for the suggestions(I have a feeling he was using a proxy at the time), but he has managed to get a hold of the forum administrator(?) and got an account.