Jump to content

Site Being Overun By Spammers

FM Graphics

By FM Graphics
in Technical Problems

 Share

Recommended Posts

Marc Stridgen Grand Master

Marc Stridgen

Posted
Posted

I have taken a look at your settings there, and while spam at present is indeed an issue for a lot of people (there is simply a massive amount out there at present), I would suggest the following:

  1. Switch to hCaptcha - Once you have done this, also increase the sensitivity of this on your account on hCaptchas website until it helps reduce this
     
  2. Add question and answer challenges. - At present you have none of these on your site
Link to comment
Share on other sites
  • 4 months later...
Rafael Fischmann Explorer

Rafael Fischmann

Posted
Posted

For the past 3 days, we've been hit by more than one hundred spam accounts, which we've manually blocked.

We've switched from Invisible Captcha to hCaptcha this morning, but I've already blocked a couple of spammers since then, so I'm not sure it'll do the trick.

A few of those spam accounts were able to post hundreds(!) of spam topics on our community.

Link to comment
Share on other sites
Jim M Grand Master

Jim M

Posted
Posted
21 minutes ago, Rafael Fischmann said:

For the past 3 days, we've been hit by more than one hundred spam accounts, which we've manually blocked.

We've switched from Invisible Captcha to hCaptcha this morning, but I've already blocked a couple of spammers since then, so I'm not sure it'll do the trick.

A few of those spam accounts were able to post hundreds(!) of spam topics on our community.

Looking at your community, you may wish to enact the Question/Answer challenge as well. CAPTCHA alone will not stop all spam but will help. Enacting the correct question/answer challenge, which is easy for your users but hard for bots/human spammers, will also greatly assist.

Link to comment
Share on other sites
Rafael Fischmann Explorer

Rafael Fischmann

Posted
Posted
36 minutes ago, Jim M said:

Looking at your community, you may wish to enact the Question/Answer challenge as well. CAPTCHA alone will not stop all spam but will help. Enacting the correct question/answer challenge, which is easy for your users but hard for bots/human spammers, will also greatly assist.

We've always had those Question/Answer challenges, Jim. They're bypassing them somehow, and most of them are using Google's login as I can see.

A couple of new ones from the past hour:

Link to comment
Share on other sites
Joel R Mentor

Joel R

Posted
Posted

Welcome to the spam waves! Many Invision Communities have been hit since spring with these massive spam waves.  It's been frustrating.  

Some suggestions: 

- in hcaptcha, make sure you switch to difficult mode.  

- switch up and rotate your challenge questions.  In my experience though, this only stopped it for 1 or 2 days

- you may want to turn on automatic moderation 

- cleantalk plugin (which does have a small fee) does help tremendously but I also think it catches some false positive of actual users too.  

Link to comment
Share on other sites
Rafael Fischmann Explorer

Rafael Fischmann

Posted
Posted
3 minutes ago, Joel R said:

Welcome to the spam waves! Many Invision Communities have been hit since spring with these massive spam waves.  It's been frustrating.  

Some suggestions: 

- in hcaptcha, make sure you switch to difficult mode.  

- switch up and rotate your challenge questions.  In my experience though, this only stopped it for 1 or 2 days

- you may want to turn on automatic moderation 

- cleantalk plugin (which does have a small fee) does help tremendously but I also think it catches some false positive of actual users too.  

Thank you, Joel. Really appreciate the tips/suggestions!

Link to comment
Share on other sites
Jim M Grand Master

Jim M

Posted
Posted
13 minutes ago, Rafael Fischmann said:

We've always had those Question/Answer challenges, Jim. They're bypassing them somehow, and most of them are using Google's login as I can see.

A couple of new ones from the past hour:

That would likely indicate that it is too easy to google or an answer that bots can calculate. It is not something you just set a question/answer. You have to test many and balance the results with spammers that get through and humans struggling to answer it.

In my personal experience, the right question/answer challenge removes a great deal of spammers. However, no spam prevention is absolute.

Link to comment
Share on other sites
Rafael Fischmann Explorer

Rafael Fischmann

Posted
Posted
1 minute ago, Jim M said:

That would likely indicate that it is too easy to google or an answer that bots can calculate. It is not something you just set a question/answer. You have to test many and balance the results with spammers that get through and humans struggling to answer it.

In my personal experience, the right question/answer challenge removes a great deal of spammers. However, no spam prevention is absolute.

Even so, Invision Community's spam protection feature should be able to identify those spammers based on posts' content, how many posts they make in just a few minutes, etc. No human would post 100 new topics in less than an hour on a forum about Apple laptops mentioning girls in Abu Dhabi. Just saying…

Link to comment
Share on other sites
Jim M Grand Master

Jim M

Posted
Posted
Just now, Rafael Fischmann said:

Even so, Invision Community's spam protection feature should be able to identify those spammers based on posts' content, how many posts they make in just a few minutes, etc. No human would post 100 new topics in less than an hour on a forum about Apple laptops mentioning girls in Abu Dhabi. Just saying…

Please keep in mind, here in support, I can only guide you on what is available in the software today. This is not a feature as it stands and if you would like to see it as one, placing this in the Feedback section is the way to go.
 

We recently added new spam prevention features to help with Geolocation on registration so that may assist you if you’re seeing a specific location of spam registrants. 
 

 

Link to comment
Share on other sites
AlexJ Veteran

AlexJ

Posted
Posted (edited)

Block them at Cloudflare / Firewall level. I have blocked bunch of IP's and ASN's and it took care of the issue. Just make sure you check - if the IP is from Data Center / Proxy and based on that update the rules, so no real users would get impacted.

Could contain: Page, Text, Document, Invoice

It also takes care off useless search bot who just aggressively scan for WordPress links. Ex:

Could contain: Page, Text, Document, Invoice

Edited by AlexJ
Link to comment
Share on other sites
Jim M Grand Master

Jim M

Posted
Posted
1 minute ago, AlexJ said:

Block them at Cloudflare / Firewall level. I have blocked bunch of IP's and ASN's and it took care of the issue. Just make sure you check - if the IP is from Data Center / Proxy and based on that update the rules, so no real users would get impacted.

Could contain: Page, Text, Document, Invoice

 

Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.

Link to comment
Share on other sites
Rafael Fischmann Explorer

Rafael Fischmann

Posted
Posted
58 minutes ago, Jim M said:

Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.

Yeah, I'm always afraid of blocking IPs. I only block the ones which are red flagged by https://www.abuseipdb.com/

Link to comment
Share on other sites
AlexJ Veteran

AlexJ

Posted
Posted
5 hours ago, Jim M said:

Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.

I normally check using https://www.ipqualityscore.com/ - it is accurate overall, especially this M27 or datacenter related IP's. 

We normally mention on site, users should remove Proxy if they face the issue. 

Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...