Why doesnt question and answer at registration stop spam registrations.

[CAG CheechDogg]

@ Max Taxable

I could care less if Captcha and Q&A annoys "humans", if they really want to join my forums they have to go through the process.

Even with Captcha on, I am still getting people to register, just this month alone I have 88 new registered members and none of them are spam accounts, last month I had 70+.

You choose not to have moderators and that is fine, everyone's sites and forums are different and serve different purposes.

I happen to know a spammer and from him telling me how they find sites to spam is pretty impressive. They have figured out a way to scan sites for any kind of script that slows down and tries to deny registration to bots and humans. They don't always do it just to spam, they do it to show people that no matter what they can still get through your registration process regardless of what anti-spam system you have.

So in other words, the more "you" try to stop them the more they are going to mess with you, especially if you have a pretty active site or forums.

I don't want to be getting emails with details about bots and besides I have blocked and every day I add new IPs and ranges to block most bots. Getting emails every day about bots is just not something everyone wants to deal with. If you do that is fine, it annoys me.

[Max Taxable]

Quote:

Originally Posted by CAG CheechDogg

@ Max Taxable

I could care less if Captcha and Q&A annoys "humans", if they really want to join my forums they have to go through the process.

Even with Captcha on, I am still getting people to register, just this month alone I have 88 new registered members and none of them are spam accounts, last month I had 70+.

You choose not to have moderators and that is fine, everyone's sites and forums are different and serve different purposes.

I happen to know a spammer and from him telling me how they find sites to spam is pretty impressive. They have figured out a way to scan sites for any kind of script that slows down and tries to deny registration to bots and humans. They don't always do it just to spam, they do it to show people that no matter what they can still get through your registration process regardless of what anti-spam system you have.

So in other words, the more "you" try to stop them the more they are going to mess with you, especially if you have a pretty active site or forums.

I don't want to be getting emails with details about bots and besides I have blocked and every day I add new IPs and ranges to block most bots. Getting emails every day about bots is just not something everyone wants to deal with. If you do that is fine, it annoys me.

I was merely describing what I do, not recommending it. I have been a active botnet fighter for 11+ years. I am well aware of their techniques and research. I've also been instrumental in shutting down a couple, one admin of which is sitting in US federal prison.

The scripts I use aren't detectable and don't slow down the registration process at all.

Project Honey Pot data is used by quite a few anti-spam plugins, not the least of which is Spam -o- Matic, for blocking known sources of forum spam. I collect data on spammers and enter that data at PHP. It's just a hobby that might have the side benefit of helping others.

I hate spam.

[CAG CheechDogg]

Lol...well good for you on putting that person behind bars. I hate spam too and have done my share, maybe I put something behind bars too but honestly I have never been told if I have or not.

But you did say that "The Captcha and the Q&A annoy humans. Plus, the "designer" spam bot programs are now defeating those. That's why I have tried to get away from using them." which is something I have not had a problem with.

Even your scripts will be defeated at some point and every script is detectable, what makes you think they are not, or the ones you use are not?

[Max Taxable]

Quote:

Originally Posted by CAG CheechDogg

Lol...well good for you on putting that person behind bars. I hate spam too and have done my share, maybe I put something behind bars too but honestly I have never been told if I have or not.

But you did say that "The Captcha and the Q&A annoy humans. Plus, the "designer" spam bot programs are now defeating those. That's why I have tried to get away from using them." which is something I have not had a problem with.

Even your scripts will be defeated at some point and every script is detectable, what makes you think they are not, or the ones you use are not?

By the same token - that is if your board is crawled by google and such, you WILL have the bigger autospam problems others enjoy. The bigger botnets WILL deploy on you, using the latest bot tech that goes right past captcha, Q&A, and the other native human verification tools.

For a script to be looked for, hunted for detection, there must be some clue first, just how the bots are being defeated. Lots of the anti-spam stuff deliver a "got'cha" type message when bots are blocked. That's self defeating. I've been using the time sensitive mod for over a year, it gives no "got'cha" and thus far, after stopping over 5,000 autospam registrations, there's no evidence the botnet admins are even aware of it.

[CAG CheechDogg]

Oh Google is searching the heck out of my site and forums I know that for a fact lol...

So you mean to tell me that there is nothing in that time sensitive mod that they are not aware of? That is pretty hard to believe.

I have never used the time sensitive mod because I honestly haven't had to use it, but others who have spam problems have. I don't want to ask you here why that mod is not detectable in order to prevent giving out clues, but good to know that the mod is a good one. Sometimes when I set up a site with forums for others they end up with big time spam problems and I could probably use that on their sites.

What works for me might not work for others, know what I mean?

[Max Taxable]

Quote:

Originally Posted by CAG CheechDogg

Oh Google is searching the heck out of my site and forums I know that for a fact lol...

So you mean to tell me that there is nothing in that time sensitive mod that they are not aware of? That is pretty hard to believe.

I have never used the time sensitive mod because I honestly haven't had to use it, but others who have spam problems have. I don't want to ask you here why that mod is not detectable in order to prevent giving out clues, but good to know that the mod is a good one. Sometimes when I set up a site with forums for others they end up with big time spam problems and I could probably use that on their sites.

What works for me might not work for others, know what I mean?

Yep, that's why sharing is indeed, caring!

I really have no idea why some boards get slammed with spam and others never seem to. It hasn't really been relative to how popular or busy they are, that I've seen. Like you, I have set boards up for people and they never see any spam, whilst others get spam hammered the first day! There's no rhyme or reason to it.

But definitely, having many torpedoes in the tubes to fight spam is preferred over relying on just one or two.

[CAG CheechDogg]

Just to add, this is Google's IP which is always crawling my site:

66.249.73.175

Baidu is 119.63.192.0 - 119.63.199.255 which I have completely blocked since I am not going to have any members for my video game site coming from China lol...

CHINANET Beijing province network 220.181.0.0 - 220.181.255.255 also one that I have completely blocked

This is one way to block Baidu in htaccess:

RewriteCond %{HTTP_USER_AGENT} Baiduspider
RewriteRule ^.*$ http://127.0.0.1 [R,L]

People just have to know what all this does to. That actually consumes (quite a bit) more processing power than a simple block does, meaning more resources are taken up dealing with Baidu than necessary.

But since blocking Baidu on my site spamming has gone done to almost nothing. I had the last spammer on my forums over 5 months ago. I was also thinking of blocking Googles cuz I honestly don't care if they crawl me or not but it would probably not be a good idea in the long run.

--------------- Added [DATE]1351016050[/DATE] at [TIME]1351016050[/TIME] ---------------

Quote:

Originally Posted by Max Taxable

Yep, that's why sharing is indeed, caring!

I really have no idea why some boards get slammed with spam and others never seem to. It hasn't really been relative to how popular or busy they are, that I've seen. Like you, I have set boards up for people and they never see any spam, whilst others get spam hammered the first day! There's no rhyme or reason to it.

But definitely, having many torpedoes in the tubes to fight spam is preferred over relying on just one or two.

Yes definitely buddy, I just started fighting spam myself and went through searches and searches to see what worked for "Me", in the end this is what has worked for "Me".

But I do want to gain knowledge on how to help others since I do build sites and forums for others as a "hobby" ...

So thanks for that bit of info my Friend.:up:

[Max Taxable]

Quote:

Originally Posted by CAG CheechDogg

Just to add, this is Google's IP which is always crawling my site:

66.249.73.175

Baidu is 119.63.192.0 - 119.63.199.255 which I have completely blocked since I am not going to have any members for my video game site coming from China lol...

CHINANET Beijing province network 220.181.0.0 - 220.181.255.255 also one that I have completely blocked

This is one way to block Baidu in htaccess:

RewriteCond %{HTTP_USER_AGENT} Baiduspider
RewriteRule ^.*$ http://127.0.0.1 [R,L]

People just have to know what all this does to. That actually consumes (quite a bit) more processing power than a simple block does, meaning more resources are taken up dealing with Baidu than necessary.

But since blocking Baidu on my site spamming has gone done to almost nothing. I had the last spammer on my forums over 5 months ago. I was also thinking of blocking Googles cuz I honestly don't care if they crawl me or not but it would probably not be a good idea in the long run.

I use Simon's "Ban Spiders by User Agent" to block the bad crawlers like Baidu. Here's the list I have populated on that so far:

baiduspider
beta.statsit.com
statsit
SiteIntel
Yandex
GomezAgent
FunWebProducts
Nesotebot
DCPbot
AOL Advertising R&D
DataCha0s
aiHitBot
Apache-HttpClient
Zend_Http_Client
ReverseGet
XXX bot Content
vBSEO
spbot
OffByOne
thyroidbuzz
AcoonBot
coccoc
xpymep
proxyproxy2884
AppEngine
start.exe
Semiocast HTTP client
Firefox/3.6.23
TurnitinBot
curl
SwpLc/1.6
GrepNetstat.com
news bot
AskTbPTV
checks
panopta
App3le
PhantomJS
AlwaysOnline
SISTRIX
proximic
CRAWL-E/0.6.4
WebMoney
Maxthon
HTMLParser
oBot
UnisterBot
ERACrawler

Some of those aren't bots, they are hijackers and toolbars that appear in the user agent string of alot of autospam zombie computers. I also have MSIE 0-7 in this list, there's still tens of millions of those infected and are the most common zombies out there. If a human is using any of those dinosaur browsers, I really don't want them on my site anyway.

[CAG CheechDogg]

Oooooooooooooh nice! hahah....

I am going to check that out Max! That has them all that I can see...BAM! ...

--------------- Added [DATE]1351016617[/DATE] at [TIME]1351016617[/TIME] ---------------

Ah poop! But that one sends out emails and there is no option to turn it off right? That's the one?...

[Max Taxable]

It's also handy since the bots can also spoof their user agent, masking themselves as nonexistent (or even existent) versions of legitimate browsers, such as the "Firefox/3.6.23" listing you see there.

--------------- Added [DATE]1351016860[/DATE] at [TIME]1351016860[/TIME] ---------------

Quote:

Originally Posted by CAG CheechDogg

Ah poop! But that one sends out emails and there is no option to turn it off right? That's the one?...

No, you can turn them off. Many options in adminCP.

Also, the time sensitive one just updated with ability to turn the emails on/off.