HELP! I'm getting spammed!

[kallu]

Quote:

Originally Posted by juicecowboy

Hey, sorry for the delay. Basically, it didn't. I've since installed the reCaptcha option and I've been OK. But I read here that it doesn't matter what I'm doing for registration, the bot can still get the site if it wants to so I've just been lucky for a while I guess.

"..doesn't matter what I'm doing for registration, the bot can still get the site if it wants to.."

This is not the case.
Fortunately using a captcha other than the default one fixes the problem for good.

Please see:
SOLUTION for "site was hacked" !!!

[itsonlychand]

Can you please check why my registeration form is not showing up at

Tagza: Social Bookmarking site / Register

I have FriendlyURLs ON

Please help

[not2serious]

Quote:

Originally Posted by itsonlychand

Can you please check why my registeration form is not showing up at

Tagza: Social Bookmarking site / Register

I have FriendlyURLs ON

Please help

I see the registration page when I followed the link ... IE6

[omeany2]

In our case it is pretty easy to tell which members are fake. The pattern for th email addresses are always 2 names on either side on the @ with leading caps. So if you can figure out the pattern you can just delete the fake users.

BTW: We've had something like 60k bot sign-ups. Its something like independence day....a countdown to disaster. lol.

[nuspawn]

Single Step Reg. solved problem 4 me, had to delete over 4,000 bogus users from the database. I currently don't see any evidence of the problem, but I have recently been hit with a suspension by my hosting service, stating that I'm consuming over 10% of the shared server's resources.

Is it possible that this problem can still be impacting server resources?

Month to date, the site has used less than 1% of its bandwidth, it has about 8,000 stories, the RSS Importer is run once a day, I use Feedburner to create lists from the sites RSS feeds which I place in my Blog sidebars, other than a link exchange script there is nothing major running.

My Dec stats showed an avg. of 12,200 hits/day, month to date for Jan shows 6,800 hits/day.

Is there something else I should be looking at?

[Geoserv]

I have had 3000+ signups since yesterday afternoon. No comment posts yet.

I have read all comments in this thread and no one method seems to work for everyone.

For now, I'm not going to worry about it since they aren't posting.

Geoserv

[ksmetana]

Hi, I tested this one, but it doesnt work..... :-(

[newsome]

Hello.

Has anyone tried either of the following methods:

~~~~~~~~~~~~~~~~~~~~~~~
1) keep the filename 'register.php' as is but rename the e.g. do_register2() function in that file and correspondingly in 'register_center.tpl'. I'm thinkin' that bots need to know the name of the function in order to call them.

2) use the 'Sessions' feature to do the checks from behind the scenes. I'm not real experienced with sessions nor done much with 'Smarty' code, but I hope bots can't access values they either don't see nor know about.

If this is doable, maybe do the checks starting with either 'do_register0()' or 'do_register1()' or 'register_step_1.tpl' and/or 'register_step_2.tpl' by creating some arbitrary variable(s) that no one knows the name of but you.

Then, set its value as some random or automatically-assigned value or by variable calculation; then confirming its value or boolean in say, at the beginning of 'do_register2()' before sending the data to the database so if the check doesn't work, the data isn't sent by virtue of a 'return' statement within the 'if' conditional statements.

This routine is not meant to be seen by users like Captcha -- it's mainly to be sure that only your files and routines on your server are actually used, therefore not providing others with data names and using them in alternate methods. Note: If done in the '.tpl' files, I'm guessing sessions would be done between {php}...{/php} tags.
~~~~~~~~~~~~~~~~~~~~~~~

Just a couple of new approaches to give some thought to.

If anyone tries either of these methods and gets them to work, please share your results with us in this thread.


Thanks.

[cricketgod]

I was getting bunch of spams but after the I enabled recaptcha it seems no bad story coming in the way.

[cybertooth]

even though with recaptcha i've notice bots still can register ... how's that?
as if they have other method of accessing the database .. ..

is there a way to get an email confirmation?

I hope someone can help us here ... pligg is a very good piece of software ..