Welcome to WebmasterWorld Guest from 54.234.63.187

Forum Moderators: rogerd

Message Too Old, No Replies

How to prevent spammers from posting

not if they post right away

     

bcc1234

1:16 pm on Feb 3, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



It seems that a lot of times, people create accounts on message boards with the intent to spam, but don't post anything right away.

I'm guessing it's a type of outsourced job. Where someone just provides the list of forums where they registered.

In such cases, most of the time they use the same user id on all boards.

So it's easy to use Google api to run a search on each new registered user. Check the number of estimated results. And if there are a lot of results, just flag them for a possible lock. Or just lock them after a manual review of the search results.

Of course, there are plenty of names like "Mike" or "Jane" that would have serps with a great number of results.

But most of the time, you'll have a clear indication.

Here is one example that just flagged on my board: corpobb

Anyway, if you have a problem with "sleepers" registering in great numbers, you might want to try this approach. It's not hard to automate and get e-mail notifications with links to serps pages for all suspicious new accounts.

Yoshimi

1:27 pm on Feb 3, 2009 (gmt 0)

5+ Year Member



I am quite wary of this method, when I first started using forums I must have joined 20 on every subject I was interested in with the intention of posting, after a while some were good and some not so much (now there are 3 I post in actively and 1 I check in on from time to time) what sort of numbers would you need to find in order to prevent someone from posting in your forum?

maximillianos

2:52 pm on Feb 3, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Good reporting tools help eliminate this problem. And a good team of mods. I have a page where power users can review the latest comments from any page on the site. You would be amazed at how many spammers my users catch. Then my mods catch the rest. Obviously a few will get through, but I'd say we get 99% of them.

thecoalman

5:19 pm on Feb 3, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Not very effective IMO because you're going to be getting a lot of false positives.

I know phpBB has eliminated the bots at this point as the image captcha has not been broken and there are already plans on how to step it up when it is.

That really leaves humans, I'd look to the forum software for solutions whether they are built in solutions or mods. phpBB for example has a new feature as of 3.0.3 that will kick the first X posts to the moderation queue for new members for review by a moderator before it gets posted.

tangor

6:04 pm on Feb 3, 2009 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



I use a double opt in method. Any one can look. Only registered can post, and to register they have to register first with valid email address and the remaining part of the registration is sent to that email address. Failure to complete those instructions never advances the user account to posting privileges. So far seems to work. On those few that have tried spam after that I have a valid email account to go after... but never have had to go that far (fingers crossed!)

thecoalman

7:42 pm on Feb 3, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



the remaining part of the registration is sent to that email address

That's an interesting idea, I'm assuming by that you're not referring to the activation email and you're sending them a form to complete in the email? If the user has HTML disabled?

The image captcha in phpbb has worked so well I've disabled email activation myself. It's only a speed bump for human spammers....

tangor

8:27 pm on Feb 3, 2009 (gmt 0)

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



They are sent an activation code and URL to insert that code. I don't get that back, they don't get to post. Plain text email. Oh, one other thing, the URl in the email is randomly generated and deleted after 3 days.

Swanny007

3:21 am on Feb 4, 2009 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



What I've recently switched to with phpBB3 is I ask a question that's required for them to register (a custom profile field only displayed during registration). I give them a Yes/No type question to answer. It defaults to the wrong answer, so you have to change the drop down option to the other option. Then I disabled e-mail activation. We'll see how that goes. Oh, another thing is I block a large number of IPs from countries that have no real need to come to my widget site. It's predominately geared for North Americans so I block russia, germany, etc. as their spambot IPs show up.

camweh

9:30 am on Feb 6, 2009 (gmt 0)

10+ Year Member



Over the last few days I've used the above Custom Profile method Swanny007 mentioned. But I've used the numbers option - I list seven double digit numbers and ask new registrants to type the second number. Stopped the spambots stone dead so far.

Ivun

12:33 pm on Feb 8, 2009 (gmt 0)

10+ Year Member



A very simple solution that works very good:

<input type="text" style="visibility:hidden" name="email" value="">
(or use a CSS class with visibility:hidden set)
Then in the registration script you check if the email field is set. If it is, you ban that user. Of course you need a separate field for the real email.

thecoalman

6:57 am on Feb 9, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



(or use a CSS class with visibility:hidden set)

I believe if the user is seeing impaired most of those browsers throw out the CSS rules and they will see the field?

 

Featured Threads

Hot Threads This Week

Hot Threads This Month