- This topic has 9 replies, 3 voices, and was last updated 12 years, 10 months ago by
.
-
Posts
-
We are getting bogus user registrations that are posting huge amounts of spam links in our forum…
I have been manually deleting them all and the users and blacklisting the ip addresses and email addresses that they have used but they just keep coming.
I have implemented all of the different security measures I can come up with and still there is some getting through.
The site is http://mrbillstunes.com
any help is greatly appreciated!
cheers
Ben
What version of eMember and WordPress are you using? Which forum software are you using? How is your forum user signup handled?
I am using the latest of both (I believe)
WordPress – 3.3.1
emember – v7.5.0 (says in dashboard)
it is getting worse, i tried implementing a new forum using bbpress and as soon as i created forums, there was spam posts in them and over the past week or so, there has been roughly 200 spam user registrations…
Just to make sure… you are using the reCAPTCH on your registration page right?
Please do the following:
1. https://support.tipsandtricks-hq.com/forums/topic/re-install-or-load-a-fresh-build-of-the-plugins
2. Go to the settings menu of eMember and enable debug by checking the “Enable Debug” checkbox.
3. As soon as you get a spam registration send us the debug file (eMember_debug.log) from the eMember directory so we can analyze it.
You can use the contact form on our site to get in touch with us so you can send us a file.
Yes, We use recaptcha on reg page.
we just did a fresh install of the plugin due to wordpress upgrade and because of this issue aswell, everything except the spam stuff is fixed now….
so step 1 has just been done,
i enabled the debug and left it at that point, so we have a log file since the 23 Dec, in which more than half would be spammer registrations.
I’m sending the file through now.
thankyou for your help, this has been very frustrating and is quite serious as it doesn’t look good for our visitors and subscribers.
I wish I bookmarked the original article… but the latest thing is a recaptcha cracking service, which provides an API for spammers, which then sends the image to tons of people working in third world countries for pennies a day.
The article then goes on to suggest the use of “cultural recaptcha” puzzles; in which a user with an American IP address might be asked “who is the first elected leader of your country?”
We havn’t been able to use our forums since this happened and it is still a problem, users with all these fake accounts are logging in but without a forum they cannot post anywhere.
You mention something about spam registration on your forum. How are you certain that those are coming via eMember? Have you considered the fact that the forum software maybe allowing spam registrations too unless you have taken precautions to guard that?
For example, I personally use BBPress and I had a big spam registration issue too until I manually added reCAPTCHA in my BBPress install using this (all of those spam registrations were coming via standard BBPress registration page):
http://www.tipsandtricks-hq.com/bbcaptcha-a-working-recaptcha-plugin-for-bbpress-forum-2529
There are ways to cut down on spam registration easily. For example: you can use the “Email address confirmation” option together with reCAPTCHA which will significantly reduce the chance of a spammer be able to create an account. Anyway, I have sent you an email to get access to your site so I can check your settings and investigate debug log to see what is going on.
- You must be logged in to reply to this topic.