Site Being Overun By Spammers

FM Graphics · June 5, 2023

Hi Guys

I could really do with some help urgently as my site has been overrun by spammers all morning.

It's not something I have experienced at this level but it is out of hand at this point.

Marc · June 5, 2023

I have taken a look at your settings there, and while spam at present is indeed an issue for a lot of people (there is simply a massive amount out there at present), I would suggest the following:

Switch to hCaptcha - Once you have done this, also increase the sensitivity of this on your account on hCaptchas website until it helps reduce this
Add question and answer challenges. - At present you have none of these on your site

Rafael Fischmann · October 16, 2023

For the past 3 days, we've been hit by more than one hundred spam accounts, which we've manually blocked.

We've switched from Invisible Captcha to hCaptcha this morning, but I've already blocked a couple of spammers since then, so I'm not sure it'll do the trick.

A few of those spam accounts were able to post hundreds(!) of spam topics on our community.

Randy Calvert · October 16, 2023

Take a look at the CleanTalk plugin. It's done a good job in reducing spam on our site. It's not perfect (nothing is honestly), but it's certainly been a help in the fight!

https://cleantalk.org/help/install-ipboard4

Jim M · October 16, 2023

21 minutes ago, Rafael Fischmann said:

For the past 3 days, we've been hit by more than one hundred spam accounts, which we've manually blocked.

We've switched from Invisible Captcha to hCaptcha this morning, but I've already blocked a couple of spammers since then, so I'm not sure it'll do the trick.

A few of those spam accounts were able to post hundreds(!) of spam topics on our community.

Looking at your community, you may wish to enact the Question/Answer challenge as well. CAPTCHA alone will not stop all spam but will help. Enacting the correct question/answer challenge, which is easy for your users but hard for bots/human spammers, will also greatly assist.

Rafael Fischmann · October 16, 2023

36 minutes ago, Jim M said:

Looking at your community, you may wish to enact the Question/Answer challenge as well. CAPTCHA alone will not stop all spam but will help. Enacting the correct question/answer challenge, which is easy for your users but hard for bots/human spammers, will also greatly assist.

We've always had those Question/Answer challenges, Jim. They're bypassing them somehow, and most of them are using Google's login as I can see.

A couple of new ones from the past hour:

Joel R · October 16, 2023

Welcome to the spam waves! Many Invision Communities have been hit since spring with these massive spam waves. It's been frustrating.

Some suggestions:

- in hcaptcha, make sure you switch to difficult mode.

- switch up and rotate your challenge questions. In my experience though, this only stopped it for 1 or 2 days

- you may want to turn on automatic moderation

- cleantalk plugin (which does have a small fee) does help tremendously but I also think it catches some false positive of actual users too.

Rafael Fischmann · October 16, 2023

3 minutes ago, Joel R said:

Welcome to the spam waves! Many Invision Communities have been hit since spring with these massive spam waves. It's been frustrating.

Some suggestions:

- in hcaptcha, make sure you switch to difficult mode.

- switch up and rotate your challenge questions. In my experience though, this only stopped it for 1 or 2 days

- you may want to turn on automatic moderation

- cleantalk plugin (which does have a small fee) does help tremendously but I also think it catches some false positive of actual users too.

Thank you, Joel. Really appreciate the tips/suggestions!

Jim M · October 16, 2023

13 minutes ago, Rafael Fischmann said:

We've always had those Question/Answer challenges, Jim. They're bypassing them somehow, and most of them are using Google's login as I can see.

A couple of new ones from the past hour:

https://d.pr/i/mKTb8p

https://d.pr/i/DAFIJx

That would likely indicate that it is too easy to google or an answer that bots can calculate. It is not something you just set a question/answer. You have to test many and balance the results with spammers that get through and humans struggling to answer it.

In my personal experience, the right question/answer challenge removes a great deal of spammers. However, no spam prevention is absolute.

Rafael Fischmann · October 16, 2023

1 minute ago, Jim M said:

That would likely indicate that it is too easy to google or an answer that bots can calculate. It is not something you just set a question/answer. You have to test many and balance the results with spammers that get through and humans struggling to answer it.

In my personal experience, the right question/answer challenge removes a great deal of spammers. However, no spam prevention is absolute.

Even so, Invision Community's spam protection feature should be able to identify those spammers based on posts' content, how many posts they make in just a few minutes, etc. No human would post 100 new topics in less than an hour on a forum about Apple laptops mentioning girls in Abu Dhabi. Just saying…

Jim M · October 16, 2023

Just now, Rafael Fischmann said:

Even so, Invision Community's spam protection feature should be able to identify those spammers based on posts' content, how many posts they make in just a few minutes, etc. No human would post 100 new topics in less than an hour on a forum about Apple laptops mentioning girls in Abu Dhabi. Just saying…

Please keep in mind, here in support, I can only guide you on what is available in the software today. This is not a feature as it stands and if you would like to see it as one, placing this in the Feedback section is the way to go.

We recently added new spam prevention features to help with Geolocation on registration so that may assist you if you’re seeing a specific location of spam registrants.

AlexJ · October 16, 2023

Block them at Cloudflare / Firewall level. I have blocked bunch of IP's and ASN's and it took care of the issue. Just make sure you check - if the IP is from Data Center / Proxy and based on that update the rules, so no real users would get impacted.

It also takes care off useless search bot who just aggressively scan for WordPress links. Ex:

Edited October 16, 2023 by AlexJ

Jim M · October 16, 2023

1 minute ago, AlexJ said:

Block them at Cloudflare / Firewall level. I have blocked bunch of IP's and ASN's and it took care of the issue. Just make sure you check - if the IP is from Data Center / Proxy and based on that update the rules, so no real users would get impacted.

Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.

Rafael Fischmann · October 16, 2023

58 minutes ago, Jim M said:

Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.

Yeah, I'm always afraid of blocking IPs. I only block the ones which are red flagged by https://www.abuseipdb.com/

AlexJ · October 17, 2023

5 hours ago, Jim M said:

Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.

I normally check using https://www.ipqualityscore.com/ - it is accurate overall, especially this M27 or datacenter related IP's.

We normally mention on site, users should remove Proxy if they face the issue.

Kjell Iver Johansen · October 17, 2023

I suggest IPS add possibility to add answers as Numbers in QA Section. Then we could add math questions as challenge - several sites use this as an option.

Daniel F · October 17, 2023

43 minutes ago, Kjell Iver Johansen said:

I suggest IPS add possibility to add answers as Numbers in QA Section. Then we could add math questions as challenge - several sites use this as an option.

That’s way too easy for bots.

Invision Community 4: SEO, prepare for v5 and dormant account notifications

Invision Community 5: Beta testing and latest updates

Invision Community 4: A more professional report center

Invision Community 5: A video walkthrough creating a custom theme and homepage

Site Being Overun By Spammers

Recommended Posts

FM Graphics

Marc

Rafael Fischmann

Randy Calvert

Jim M

Rafael Fischmann

Joel R

Rafael Fischmann

Jim M

Rafael Fischmann

Jim M

AlexJ

Jim M

Rafael Fischmann

AlexJ

Kjell Iver Johansen

Daniel F

Recently Browsing 0 members

More