| 6:35 am on Mar 28, 2007 (gmt 0)|
My guess is, the questionable registrants intent to use your forums to post ads.
Why Russia? Could be economics. Russian economy has been in the tank for years. Some people in Russia may see spam ads as quick and easy money.
| 7:19 am on Mar 28, 2007 (gmt 0)|
I've gotten many of those registrations from *****@mail.ru in the past myself, I'm a local forum so someone from Russia would not have any interest. They are most likely bot registrations and unless you have it disabled you'll see they have their link in the website field. Some will eventually start posting. Usually something stupid like "I agree with that" etc.
They want inbound links to their site. Even if they do not have the website field in what they'll do is post a few messages like the one above, hope they don't get caught, then come back and fill in the signature field at a future date when the post has been buried and/or fill in the website field.
The other method is they'll post some legitimate looking links, "Check out these cool pictures" which will go to legitamte cool pictures... :) After a week or two they'll do a redirect to spam page on their server. May even be in combination with editing the post... You're none the wiser because the post has been buried.
I simply denied the use of @mail.ru since there was so many of them. That is really not a very effective because they can use any amount of email addresses. Depending on the forum software you are using there are things you can do to prevent them from signing up in the first place.
I'm only familiar with phpbb but the only sure fire method I've com across is to ask a simple question. For my forum I have a line of text that is above the registration. Within the paragraph is underlined word, the question the registrant has to answer is type in the underlined word above. Simple for anyone to understand and still accessible for the visually impaired.
I've had 0 spam posts or regitrants in about year now, the reson it's so effective is because it's not standard on a phpbb forum. Addtionally the question and answer is particualr to my forum. They don't make bots that smart. ;)
| 7:40 am on Mar 29, 2007 (gmt 0)|
Thanks for the suggestions. I'm pretty sure they aren't posting spam because I read every forum post (it's not a very busy forum). They aren't even making any legitimate (non-spam) posts. They're just silent (for now), at least the ones I didn't remove or reject.
They aren't listing any website addresses, but I guess they could come back and add them.
I have added a short routine that makes users type in a random text string. It's not quite Capcha, but it might fool simple bots.
| 3:47 pm on Mar 29, 2007 (gmt 0)|
|I have added a short routine that makes users type in a random text string. It's not quite Capcha, but it might fool simple bots. |
This approach will probably serve you better than using the awful, barely-legible image captchas that you sometimes see. A text-based captcha is also more accessible.
Sometimes these bots will be signing up in the hope of finding memberlists that have guest view enabled, so they don't even have to post to get the benefit of a backlink. Making your memberlist only viewable by members will prevent them from getting any benefit from signing up, but it won't stop them coming. They are most likely finding you by searching for the common name for a registration page: registration¦register¦submit.php¦asp. Try renaming your pages, if possible, to non-dictionary words.
| 7:04 am on Mar 30, 2007 (gmt 0)|
|This approach will probably serve you better than using the awful, barely-legible image captchas that you sometimes see. A text-based captcha is also more accessible. |
Agree 100%, the key is uniqueness , bots are programmed to take advantage of stock or widely used captcha methods. By using a custom method it's practically impossible for them to get by short of the person running the bot going to each registration form and adjusting the bot.
| 10:29 pm on Mar 30, 2007 (gmt 0)|
if your business or topic is not of International nature.
you could add a script that looks for IP and is tied to a worldwide database list of IP and ban countries that you are not interested in.
| 10:57 pm on Mar 30, 2007 (gmt 0)|
The text string seems to be effective and the number of bogus registration attempts has dropped dramatically since I added that code.
The fact that you could figure out the text if you looked for it in the page source doesn't seem to have prevented it from working!
I guess just being different is enough (at least for now).