My little forum is 19 months old. Thanks to a couple popular pieces of linkbait and judicious use of internal links, I've gotten a solid PR for a small forum and am currently getting substantial referrals from search engines for a wide variety of queries. All is well with the engines.
My reward for this modest success is an steady stream of spam account signups. I have email activation enabled for account signups, and very few of them complete this successfully (say 1 in 10), so I figured this was a script that kept track of throwaway free email addresses and automated account signups. My presumptions were supported I thought by account signups coming from a cluster of IP addresses that belongs to servers at a large hosting company known for cheap dedicated servers. They also used a few telltale domains in their throwaway emails, akaing them easy to spot.
At this point in my quest, I figured that I was needing countermeasures against scripted signups. So the low-hanging fruit was to alter the URL that is associated with signups, so that a script that searches for targets and automates submissions with a hard-coded URL particular to a certain forum software would break (due to intentioanl violation of its assumptions).
So a quick bit of PHP hackery ensued, and I sat back to watch the results. No change. I had previously disallowed the signup page in robots.txt, and was highly confident that page was not indexed by the major engines. So it was not a cached version of the script either.
My conclusion: humans, probably assisted by scripts, are signing up to my forum with the express intent to post spam.
If it's happening to me, it is almost certainly happening to you. I am in no way a high-value target. I get a paltry few thousand page views a day. My topic is a narrow niche, and hte spam is entirely off-topic, consisting of the usual porn, pills, and casinos fare.
I post not seeking tech help (I am formulating further technical countermeasures, and I'll share once I have some sense of their effectiveness), but seeking the benefit of the community's collective experience. I'd like to understand the problem better to fight it more effectively. (Nods to IncrediBILL.)
My questions for the esteemed forum103 audience:
1) Is this happening on your boards? (Maybe at a level beneath your awareness)
2) Did you take countermeasures?
3) Are the countermeasures effective?
Fun metric: my last 50 signups comprised a minimum of 45 spammers. 90% bogus signups since the beginning of the month. One account has not conclusively proven genuine, so I call 90% a conservative estimate. Anyone else got it this bad?