Continue to get hit daily....

[tj.baker]

Hello all,

Even with 3 anti-spam measures in place, one of which is Botscout, our forum continues to get daily spam.

This leads me to believe that we are either getting hit by a real person, or bots that are not yet on the botscout list (have searched the botscout db with email address' and ip's each time)

I would really love to help put a stop to these ermmm, *people I guess (trying to keep it clean) and their spamming. 

If these spam messages are indeed coming from bots, I have two questions:

1. How can I get the info to you guys so that the info can be added.
2. Do you have ANY input as to how I might stop this madness?

Thanks for your time and for the service.

Cheers,

TJ Baker

[Mike]

1. How can I get the info to you guys so that the info can be added.
2. Do you have ANY input as to how I might stop this madness?

I usually set up a couple of 'tripwire' form fields hidden by CSS in the registration form, and then check to see if ANY data is present when the form is submitted. If there's any data in the tripwire fields, we fail the registration.

You can also disallow the posting of any message with any kind of link in it (http, htttp, ftp, or www) until the user has some number of "real" messages to their credit. This may take a bit of modification depending on your forum software, but it works pretty well.

[tj.baker]

Hi Mike,

Thanks for the input!

Would you mind elaborating on how you do:

I usually set up a couple of 'tripwire' form fields hidden by CSS in the registration form, and then check to see if ANY data is present when the form is submitted. If there's any data in the tripwire fields, we fail the registration.

This sounds like an interesting solution but I need a bit more input on what you mean.

Also, are you for hire to implement either / both of the solutions you mentioned?  We're using SMF, and as I mentioned we get hit daily (with a break every once in while )  I'm not a programmer and it takes me some time to implement solutions.  Having a pro do these things would be well worth the money in our case.

Thanks again for your help.

tj

[MysteryFCM]

Code: [Select]

<div style="display: none"><input type="text" name="somerandomfield"></div>
Then you check it in the PHP code using;

Code: [Select]

if($_GET['somerandomfield'] !=''){
    // We're not meant to have anything in here
    die('We don\'t like spammers ........');
}
If you're using POST instead of GET, then $_GET would be $_POST