Every day I have to delete about 20 spam "guest" posts. This is a new problem and started a couple of months ago.  Apparently there is a new vulnerability in the system that makes it easy to automate spam guest posts on Invision forums.

These spam post only serve to irritate board administrators, because these guest posts are deleted and never see the light of day. So the motivation for spammer to do this is not clear to me...

Black listing IP address have no impact, as the IP addresses used changes daily. 

Has anyone else seen this problem? What have you done to stop it? Block the IP address of the entire russian federation would help, but that is a brute force solution and would not completely eliminate the problem.

I've even see these types of posts on Invision's own community forums 

 

Spam account registration currently outnumber normal registrations. 

5 minutes ago, AALBC said:

What have you done to stop it? 

Most likely turned off the 'Post before registration' feature.

Edited December 10, 20213 yr by Nathan Explosion

That wouldn't be post before registering (topics aren't visible before registration is completed and would have a valid member after registration) , it looks like the OP may have permissions set so that guests can post topics.

Go to AdminCP > Members > Member Groups > Click the padlock icon next to 'guests'. Make sure that they don't have any permissions for posting replies or topics.

Guest posts often help keep the forum going, but I guess I have to kill that feature...

Thanks guys.

@AALBC try use: 

 

12 hours ago, AALBC said:

Guest posts often help keep the forum going, but I guess I have to kill that feature...

Thanks guys.

We designed the Post Before Register feature to streamline the ability for guests to post whilst also requiring them to register. You might want to give it a try... - more information:  https://invisioncommunity.com/news/invision-community/44-increase-visitor-registrations-with-post-before-registering-r1106/

 

Thanks for the replies everyone!