Welcome to WebmasterWorld Guest from 18.104.22.168
Forum Moderators: rogerd
So the monkeys were succeeding in posting 5-10 link filled comment spams -- despite my site adding rel=nofollow into every anchor tag for longer than my captcha test has been in effect -- per day. Many were objectionable porn-related sites and link keywords.
My latest countermeasure: Link URL blocking. I wrote a function that pulls the link domain name from a selected post (via my admin screens) and then saves them to a table. Any subsequent post that contains that domain name is simply ignored. So far it has been amazingly effective!
I don't think my captchas are being programatically hacked
Don't be so sure about that. Most captcha monkeys are "script" monkeys.
OCR reading is getting better, vbulletin AND phpbb captcha is routinely defeated with scripts out of the box...
Now, adding a humanizer question to the log in process (lots of hacks for boards do this) like: The sky is ____ (type the word blue)
The questions are easy and RANDOM. There is no scripting defeat for this so far.
I implemented the above when spammers were starting to filter through my captcha and it ended it stone cold dead.
I used to think like you, that these few that got through were manual entries, but they are not.
Spammers are inhertantly lazy. They will not lift a finger if a script will do the job. Your site to much hassle to script? They just forget you and move on. Their concern is to target and succeed with getting into the MAJORITY of the boards.
Blocking URLs is also a very good idea, congrats. The safest board from spammers are the boards that use multiple security measures. Combining captcha, humanizing questions and your URL hack will likely make your board spam free for many many years.
[edited by: PeteM at 10:14 pm (utc) on April 17, 2007]
For phpBB search phpBB.com for "VIP Mod". This mod allows you to ask an additonal question on registration (the answer to which can be anywhere on your site). It took me about 10 mins to install and has eliminated all spam on my board.
There is also one for phpbb called "The Humanizer" and there is a free one too for Vbulletin called "Nospam!" they both do it.
Instead of user names like "dg749937" there are usernames like "Kathy_Sullivan".
Instead of Titles like "Buy Cheap Pills Here!", Titles like, "Hello www.my-forum-name.com, I'm new here!"
Mesage body would read something like:
"Hello, My name is Kathy and I'm a stay at home mum. I'm so glad I found www.my-forum-name.com and have had a lot of fun reading all the posts."
Individual letters within the post body link to about a dozen spam sites.
No doubt about it, spam is getting smarter.
Trick is use it WITH captcha, not instead of. I find it hard to believe that adding yet another road block for them "increases" their activity, it defies logic and common sense. It may be that you recently got a tremendous surge in traffic and this is just a coincidence.