Kirill N Posted March 4, 2015 Posted March 4, 2015 So someone has just posted a spam topic on my site: Obviously it's no big deal and got taken care of within seconds, but the problem is, this looks like an automated post and I have multiple security measures for registrations, including a Q&A challenge which can only be answered by people genuinely interested in my forum without research. Now you may say that a real person promoting their site could do that, but this has never happened in 3 years of running IPS 3.x, and the first time it did was days after I upgraded to IPS 4. Plus, I noticed similar spam topics ere on the community forums as well. Could be a coincidence, but maybe there's some sort of security breach in IPS4? Thoughts?
AndyF Posted March 4, 2015 Posted March 4, 2015 What method of Capcha are you using ?Do you allow guest posting ?
Kirill N Posted March 4, 2015 Author Posted March 4, 2015 What method of Capcha are you using ?Do you allow guest posting ?reCAPTCHA 1 (hmm I actually should change it to that cool Google thing). But as I mentioned, I also have a Q&A challenge.No
AndyF Posted March 4, 2015 Posted March 4, 2015 I'd suggest trying ReCapcha2 or KeyCapcha (my preferred one at the moment)Do you have a few questions for the QA challenge ?Is the Spam Service enabled ? Might want to quickly check its settings too if its enabled.
Rhett Posted March 31, 2015 Posted March 31, 2015 I think you are stretching it just a tad too far to say this is may be security breach, with the question and answer validation you have in place and the question you are using, this is going to be a human registration that was then passed off to a bot system to post.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.