Solution for spam bots ? Why IPB is so flawed ?

[FabioPaz]

Hello,

Everyday my forum is bombed by spam bots that can easily bypass the registration process with email verification, captcha, question challenge, etc... (and yes, spam protection in adminCP is enabled).

My users started to complain as if the forum is getting neglected and that's why we let so much spambots get in (they don't understand how a bot can bypass captcha, etc.. they just think that the moderation dont care or staff is not doing their job).

I have a pretty active forum and moderation staff, and even if you "mark as spammer" and remove the spam content withing seconds, some people always see it and complain.

Validating every registration by hand is not a option, since members would simple go to the competitor where they can register, validate the email and start using the forum right away.

Anyone is having getting success get rid of spam bots ? (since devs are having a problem too)

Thank you

[opentype]

I don’t manually validate the accounts, but the first post. No spam problems whatsoever with this approach. 

[FabioPaz]

Just now, opentype said:

I don’t manually validate the accounts, but the first post. No spam problems whatsoever with this approach. 

Great idea!!!

[Adlago]

The most effective method I apply is using a registration question. In the text of a question and answer I replace all the same characters - Latin alphabet with Cyrillic.

This text is incomprehensible for bot machines.

Here is an example of a question:

аnswеrs in wоrds - hоw mаny is twо рlus sеvеn? ............... ninе

Try a machine translation of this text and you will see that it is incomprehensible. That is, a bot machine will not deal with the question / answer.

 

[PPlanet]

I make everyone make their first post in one designated subforum. Until then my default membership group can't do much, can't see most topics, can't post anywhere, etc. Once they make the first post, they get automatically promoted to another group with more permissions (even then, I only allow 4 posts each 24 hours to this second group until their post count reaches 10, and when they get to 10 they are promoted again to another group without any of these limitations).

So, even if a bot makes it past the post #1 stage, it can only make other 3 posts in a 24 hour period. More than enough time to get reported, email & IP addresses blacklisted and the account deleted.

In reality it's unlikely for them to get through the registration tests plus this system as well.

Now, humans willing to sign up sometimes get a bit annoyed by this process, but I also do it as a character test too (Though younger generations understand it less than the people who were signing up 8 years ago)

[loccom]

I have around 20 communities. Each one i download all posts and all fed in to an RSS feeder by club. Works great as we have a no post goes un-answered policy so spam gets squashed quickly.

We very rarely get spammers. To be honest some of the very large clubs dont even have email authorisation. Straight in and post. We found that we have trusted the spam service and it certainly works. Nothing worse when members dont get their email auth emails and therefore cannot post. So we skip that issue.

If we do get spammers in bulk then we close doors and fix.

So rare we get them, and when we do our post feed reader shows them up.
 

[Jim M]

If you're getting hit hard with spam, I would suggest evaluating your question challenges. Making sure these are questions unique to your community that only interested members would know is key. Remember there are 2 types of spam, bot and human. Creating unique questions will hopefully eliminate a good majority of them both. This technique has eliminated spam on my personal community so I am a huge proponent of ensuring this feature is used properly.

Also like @opentype suggested, performing a moderator review on their first content is also a good safety net.

For more, I'd suggest reading our Blog on Spam:

 

[Bluto]

Get Cleantalk.  It works.  Totally worth the minimal price.

 

[Rhett]

Just now, Bluto said:

Get Cleantalk.  It works.  Totally worth the minimal price.

 

If you setup Invision correctly, there is no need for third party bloat.  

[Bluto]

1 minute ago, Rhett said:

If you setup Invision correctly, there is no need for third party bloat.  

Please provide the guide which outlines exactly how to set things up so that IPS stops all the spam.  Not a "we suggest, etc." kind of guide, but a guide which is step by step exactly what to do.  Thanks!

[Rhett]

Check the help guides there is a complete guide

[AlexWright]

Step one is probably making sure these are enabled:

 

Step 2 is your Q&A challenge. As another member mentioned somewhere else on the board, use Cyrillic script for this.

Or just do what Rhett said....ninja poster

[Bluto]

The only thing I'm seeing is https://invisioncommunity.com/4guides/how-to-use-ips-community-suite/managing-members/spam-prevention-r9/

As stated in the OP, he's already using those (IPS Spam Service and Question and Answer Challenge) and still getting spammed.

I was getting spammed before using all IPS spam prevention tools in multiple configurations.  

The only thing that actually stopped spam in it's tracks was Cleantalk.  People are free to use what they want, Cleantalk works for me.