FM Graphics Posted June 5, 2023 Posted June 5, 2023 Hi Guys I could really do with some help urgently as my site has been overrun by spammers all morning. It's not something I have experienced at this level but it is out of hand at this point.
Marc Posted June 5, 2023 Posted June 5, 2023 I have taken a look at your settings there, and while spam at present is indeed an issue for a lot of people (there is simply a massive amount out there at present), I would suggest the following: Switch to hCaptcha - Once you have done this, also increase the sensitivity of this on your account on hCaptchas website until it helps reduce this Add question and answer challenges. - At present you have none of these on your site tnn, Miss_B and Football Manager Graphics 2 1
Rafael Fischmann Posted October 16, 2023 Posted October 16, 2023 For the past 3 days, we've been hit by more than one hundred spam accounts, which we've manually blocked. We've switched from Invisible Captcha to hCaptcha this morning, but I've already blocked a couple of spammers since then, so I'm not sure it'll do the trick. A few of those spam accounts were able to post hundreds(!) of spam topics on our community.
Randy Calvert Posted October 16, 2023 Posted October 16, 2023 Take a look at the CleanTalk plugin. It's done a good job in reducing spam on our site. It's not perfect (nothing is honestly), but it's certainly been a help in the fight! https://cleantalk.org/help/install-ipboard4
Jim M Posted October 16, 2023 Posted October 16, 2023 21 minutes ago, Rafael Fischmann said: For the past 3 days, we've been hit by more than one hundred spam accounts, which we've manually blocked. We've switched from Invisible Captcha to hCaptcha this morning, but I've already blocked a couple of spammers since then, so I'm not sure it'll do the trick. A few of those spam accounts were able to post hundreds(!) of spam topics on our community. Looking at your community, you may wish to enact the Question/Answer challenge as well. CAPTCHA alone will not stop all spam but will help. Enacting the correct question/answer challenge, which is easy for your users but hard for bots/human spammers, will also greatly assist.
Rafael Fischmann Posted October 16, 2023 Posted October 16, 2023 36 minutes ago, Jim M said: Looking at your community, you may wish to enact the Question/Answer challenge as well. CAPTCHA alone will not stop all spam but will help. Enacting the correct question/answer challenge, which is easy for your users but hard for bots/human spammers, will also greatly assist. We've always had those Question/Answer challenges, Jim. They're bypassing them somehow, and most of them are using Google's login as I can see. A couple of new ones from the past hour: https://d.pr/i/mKTb8p https://d.pr/i/DAFIJx
Joel R Posted October 16, 2023 Posted October 16, 2023 Welcome to the spam waves! Many Invision Communities have been hit since spring with these massive spam waves. It's been frustrating. Some suggestions: - in hcaptcha, make sure you switch to difficult mode. - switch up and rotate your challenge questions. In my experience though, this only stopped it for 1 or 2 days - you may want to turn on automatic moderation - cleantalk plugin (which does have a small fee) does help tremendously but I also think it catches some false positive of actual users too.
Rafael Fischmann Posted October 16, 2023 Posted October 16, 2023 3 minutes ago, Joel R said: Welcome to the spam waves! Many Invision Communities have been hit since spring with these massive spam waves. It's been frustrating. Some suggestions: - in hcaptcha, make sure you switch to difficult mode. - switch up and rotate your challenge questions. In my experience though, this only stopped it for 1 or 2 days - you may want to turn on automatic moderation - cleantalk plugin (which does have a small fee) does help tremendously but I also think it catches some false positive of actual users too. Thank you, Joel. Really appreciate the tips/suggestions!
Jim M Posted October 16, 2023 Posted October 16, 2023 13 minutes ago, Rafael Fischmann said: We've always had those Question/Answer challenges, Jim. They're bypassing them somehow, and most of them are using Google's login as I can see. A couple of new ones from the past hour: https://d.pr/i/mKTb8p https://d.pr/i/DAFIJx That would likely indicate that it is too easy to google or an answer that bots can calculate. It is not something you just set a question/answer. You have to test many and balance the results with spammers that get through and humans struggling to answer it. In my personal experience, the right question/answer challenge removes a great deal of spammers. However, no spam prevention is absolute.
Rafael Fischmann Posted October 16, 2023 Posted October 16, 2023 1 minute ago, Jim M said: That would likely indicate that it is too easy to google or an answer that bots can calculate. It is not something you just set a question/answer. You have to test many and balance the results with spammers that get through and humans struggling to answer it. In my personal experience, the right question/answer challenge removes a great deal of spammers. However, no spam prevention is absolute. Even so, Invision Community's spam protection feature should be able to identify those spammers based on posts' content, how many posts they make in just a few minutes, etc. No human would post 100 new topics in less than an hour on a forum about Apple laptops mentioning girls in Abu Dhabi. Just saying…
Jim M Posted October 16, 2023 Posted October 16, 2023 Just now, Rafael Fischmann said: Even so, Invision Community's spam protection feature should be able to identify those spammers based on posts' content, how many posts they make in just a few minutes, etc. No human would post 100 new topics in less than an hour on a forum about Apple laptops mentioning girls in Abu Dhabi. Just saying… Please keep in mind, here in support, I can only guide you on what is available in the software today. This is not a feature as it stands and if you would like to see it as one, placing this in the Feedback section is the way to go. We recently added new spam prevention features to help with Geolocation on registration so that may assist you if you’re seeing a specific location of spam registrants.
AlexJ Posted October 16, 2023 Posted October 16, 2023 (edited) Block them at Cloudflare / Firewall level. I have blocked bunch of IP's and ASN's and it took care of the issue. Just make sure you check - if the IP is from Data Center / Proxy and based on that update the rules, so no real users would get impacted. It also takes care off useless search bot who just aggressively scan for WordPress links. Ex: Edited October 16, 2023 by AlexJ
Jim M Posted October 16, 2023 Posted October 16, 2023 1 minute ago, AlexJ said: Block them at Cloudflare / Firewall level. I have blocked bunch of IP's and ASN's and it took care of the issue. Just make sure you check - if the IP is from Data Center / Proxy and based on that update the rules, so no real users would get impacted. Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely.
Rafael Fischmann Posted October 16, 2023 Posted October 16, 2023 58 minutes ago, Jim M said: Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely. Yeah, I'm always afraid of blocking IPs. I only block the ones which are red flagged by https://www.abuseipdb.com/
AlexJ Posted October 17, 2023 Posted October 17, 2023 5 hours ago, Jim M said: Would be very careful about doing something like this. Don't want to be overzealous in doing so or you may accidentally block legitimate traffic. Maybe that's a legitimate user using a VPN or a third party service you're running which runs in a datacenter or something else entirely. I normally check using https://www.ipqualityscore.com/ - it is accurate overall, especially this M27 or datacenter related IP's. We normally mention on site, users should remove Proxy if they face the issue.
Kjell Iver Johansen Posted October 17, 2023 Posted October 17, 2023 I suggest IPS add possibility to add answers as Numbers in QA Section. Then we could add math questions as challenge - several sites use this as an option.
Daniel F Posted October 17, 2023 Posted October 17, 2023 43 minutes ago, Kjell Iver Johansen said: I suggest IPS add possibility to add answers as Numbers in QA Section. Then we could add math questions as challenge - several sites use this as an option. That’s way too easy for bots. teraßyte 1
Recommended Posts