Spammers registering on 2.1 forum despite reCaptcha

Started by LandyVlad, Jun 17, 2019, 08:04 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

LandyVlad

I am using reCaptcha (v2 naturally) as my spam prevention method.
My understanding of this is that it is supposed to stop spammers from registering?

On my new 2.1 RC2 forum https://commandocomics.org/   I have had 4 regiustartions (though not yet posted) of evident fake users.
All have a yandex email address, and have location entered as US. Does yandex mean anything to anyone?

BreakPr / breakignng@yandex.com / 31.184.238.190
ChrisPr / chrissf@yandex.com / 31.184.238.190
FlorPr / ffrrissf@yandex.com / 31.184.238.190
Lukeevego / akasodsliko@yandex.com / 31.184.238.190
MiraPr / fffonaewrdfrgew32f@yandex.com / 31.184.238.190


What's the best way to deal with these?
- Ban domain yandex.com?
- Ban on IP  31.184.238.190 ?

Ultimately I want to find a long term solution to such registrations, whether from this IP or otherwise.


I've never seen a genuine user with a yandex email address - but certainly a number of spammers flagged in my 2.0 forum had those addresses.

Naturally I'm concerned regarding the security of the forum, and it was my impression that reCaptcha was very good at preventing that. How true is that statement?

For the record I do have the forum regustration set to 'instant registration' as there seems to be some issues with email (not) generating meaning that email verification isn't a great idea...

I also do not, at this stage, have any questions set in the registration process.

Thanks for your help  :)

(Yes, I have also posted this on the official SMF forum).
I reject your reality, and substitute my own.

Oldiesmann

Yandex is a Russian search engine/web portal (similar to Google). It's not uncommon to see spammers with email addresses from them.

I've found a great way to prevent spammers from registering is to enable both reCaptcha and SMF's built-in visual verification. It seems to be a bit overkill but it works well.
Cincy Space - now open! https://www.cincyspace.net

Bigguy

You should also have questions in place as well. It helps a great deal.

LandyVlad

As all those are from the same IP, Would banning that IP be a good idea as well? Or is banning in that way not a good idea?
I reject your reality, and substitute my own.

lesmond


The only person who got all his work done by Friday was Robinson Crusoe

Skhilled

If you have a VPS ban the IP in WHM. If using shared hosting then ban them in cPanel. However, you must remember that IP's can be easily spoofed and you'll think they are one thing when they are not. You can spoof Google, Yandex and almost anything.

The best practice is that if you ban the IP you should unban it after awhile ( a few months). IP's are reused eventually and you don't want to potentially ban a legit person down the road.

LandyVlad

I'm on a shared hosting server.  Why not just ban through the SMF software rather than cpanel?
I reject your reality, and substitute my own.

Skhilled

Sorry been very busy. Banning on cPanel will ban them on your entire hosting space, not just one forum. This is especially useful if you have multiple forums like most of us do even though they may be just test forums to play with mods or themes, etc.

Always ban them in cPanel if they are very troublesome. If it's just a user acting stupid them or a bot that is a minor nuisance then ban them on the forum.

Ronald

I use the reCaptcha and I have 7 questions installed I require two questions to be be answered plus the reCaptcha

Q. What is used to hammer a nail into wood
A. hammer    

   

Q. How many wheels does a two wheel motorcycle have
A. two    

   

Q. All posts in the forums are made in what language?
A. English    

   

Q. What is the 7th. month of the year
A. July    

   

Q. A red rose is what colour
A. red    


Q. How many rooms in a one room house
A. one    

   

Q. If the sky is blue and the lake is blue, what colour is the grass
A. green    

   

Q. What is another name for spectacles
A. glasses    

   

Q. What is used to open a door lock or a pad lock
A. key

I do the same for both my forums..Haven't seen a spammer in ages..

When I do need to ban a registration, I ban the User Name, Email Address, the IP I leave alone, because you also ban that area the IP comes from

LandyVlad

I reject your reality, and substitute my own.