What one thing lets elgg down? Spammers... Mainly Chinese!

For the first few months I was getting spammed then I installed site access, and used the site password feature when registering great spam stopped, then a few weeks down the line one spammer so I changed the password great few more weeks then a new spammer, changed password next day new spammer(S) so I thought maybe there 'reading the password' from the text above that says enter xxxx so I changed it to please enter the numbers you see in order excluding the * (exp. **8****9****9*4**3) great 2 days no spammers then 5 in one day!!!!!!!!!!!

This ruins elgg completely....

I run a PHPBB forum with 3500 members We get a spam account once every few months and thats a basic standard installation!!!

I Sincerly hope 1.8 puts an end to spam and deals with it much more than 1.x

Regards,

One seriously P***** off Elgg site owner.

  • If i have traffic from china or russia on my site, the traffic is reffered as google search with keywords "powered by elgg".

    http://www.google.com/search?q="powered+by+elgg"

    So i think the spammers searching explicit for elgg sites! And it could be a good idea to remove the Powered by elgg slogan form your site and metatags!

  • Ohh yeah?? I had spammers from the United Kingdom, from The Netherlands, from Astralia.

    Funny thing is, I haven't launched the website yet, but it's not an Elgg website, it was just a personal website.

    I have already blocked them from spamming and from viewing my website.

  • For those that want private, closed groups on a site, isn't there any way of just removing the register page completely and make it by invitation only?

    If there's no register.php page then the spammers/bots can't register, right? Or maybe have the register.php page redirect attempting registrants back to the login screen. 

    Because I have no clue about building plugins, I changed the /actions/register.php and \views\default\account\forms\register.php to:

    <?php

    <h1>No registrations here</h1><p>Please go back to log in</p>';

    ?>

    I realise that's not ideal as it will be overwritten on an Elgg update, but it's all I can do at the moment.

  • This is a solution

    Webgali's antispammer just get the api and it kills a large amount of spam.

  • Since installing antispammer my fake signups have gone form 10-20 per day down to 0-5...it is working great for me and my 2 public sites.