Detect SPAM registration / blogs and stop it

Hi,

I have been using many captcha plugins to avoid SPAM registrations / blogs and stop them. I kept changing these because I felt none of them was working perfectly and spammers were able to sneak into my Elgg installation some way or other.

Case 1 - At present I am using image_captcha to prevent spammers. I just disabled the captcha for a few minutes and noticed that more than 200 SPAM users had registered on the site. I was surprised to see these stats. How can I detect the source of these attacks and prevent them permanently?

Case 2 - I set up one new small site using Elgg without any captcha 3 days back. No great promotion etc., I just made the site live. Today I noticed more than 500 users have registered on the site and all the registrations were SPAM. How can this be possible?

I am just trying to relate these things at a base level. In both cases, I am surprised by the spammers' Elgg detection and spamming capability. This also affects my site performance as well.

Please advise and share your experience.


  • Some of the IP addresses were listed in the Log Browser, but without User and User GUID...


  • 1. Captchas don't work

    2. Use other spam control methods: spam login filter + spam throttle is a good combination

  • @ Matt Beckett, Captchas cannot stop human spammers from registering on a site, but when used properly, Captchas can slow down the number of scam-bot (computer robot) auto-registration tools out there or block automated scripts from abusing Elgg sites' online services. I am aware that even Google Captcha can be cracked within a few seconds with more than 99 percent accuracy by a good programmer. However, having Captcha on a site does not hurt…

    @ cmsgalaxy, Even though there is no single site on earth which is "secure against automatic attack", you can try Matt Beckett's spam login filter + spam throttle + elgg-captcha + honeypot-spam-catcher. Even so, your registration spam rate will go down to almost zero!

    The Elgg-Captcha system uses human voices changing sounds and background noises, making it impossible for scam-bots (computer robots) to isolate the correct words included in each sound Captcha.

    The Elgg-Captcha system is far better than other Captchas because it strikes the best balance with human usage and also, Elgg Captcha can be used in combination with other Captchas or anti-spam technologies.

    You can find the latest spam plugins at these addresses:

    http://community.elgg.org/plugins/1172111/1.8.14/elgg-captcha
    http://community.elgg.org/plugins/1131529/1.0/honeypot-spam-catcher

    Hope this will slow down the spammers' registration on your site, hence the beginning of no nightmares! With a good combination of these plugins, your site can remain a powerful site and effective at fighting abuse.

    Let us know how it works for you.

  • I've given up on captchas because the cracking of them has become so good that they slow down real users much more than they slow down spammers.  At that point the detriment to UX is not outweighed by the very very minor % of spammers a captcha will stop.

  • @ Matt Beckett, Come on, do not give up on Captchas -- you might be right, but the captchas can be tweaked to serve the interest of the Elgg site owners. Even though Captchas can be bombarded by spam bots, Captchas can play a role in slowing down the robots' registration success rate. Otherwise mega giant online networks would not be using Captchas. Remember, whenever Google Captchas are cracked, Google will always tweak or alter their Captchas to keep up with sophisticated spammers. I do not support Captchas being placed in every form of the site. It will be better to have a few users who are determined to take their time and fill in the right Captchas than leaving the site without any speed governors that can slow down spam scripts from spammers.

  • Unfortunately I think in the past Elgg got a reputation among spammers as being easy to spam with a lot of potential rewards for doing so.  For instance the blog pages are/were almost perfect where a spammer could basically put up a full page ad on your site and have it rank in Google while helping them with SEO.  So they targeted Elgg and at one point were selling lists of Elgg sites on fiverr.com for spamming purposes.  As I understand it some changes have been made in Elgg 1.8.15 to reduce the incentive to spam somewhat but I'm not sure on the specifics besides that I think it involves the use of no-follow.

    As for plugins, spam-login filter is probably one of the better anti-spam plugins for Elgg available.  Although it's not perfect.  The last I heard the submit capability to stopforumspam is not yet operational.  At least it wasn't for me.  Some other plugins which might help have already been mentioned: spam throttle, honeypot, a captcha plugin (many are available).  Also consider manually blocking some of the worst offenders right at the firewall.

  • rel=nofollow for non-trusted links has existed since 1.8.1 Nov 2011.
    the combined anti-spam plugins listed are pretty good at what they do;
    htaccess deny also adds to work @ blocking+ effectively.
    if site owners want to incorporate the open-source 'anti-hammer' package,
    this will add even more stringent bot & hammering shields against spammers behaviour.
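
One way to approach the "detect the source" question and feed the .htaccess deny approach mentioned in this thread, as an added example that is not from any poster or from Elgg: it counts registration POSTs per IP over a sliding window in Apache combined-format access logs. The `/action/register` path, the thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache combined-log prefix: client IP, timestamp, method, path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def flag_registration_floods(lines, path="/action/register",
                             limit=3, window=timedelta(minutes=10)):
    """Return {ip: peak_count} for IPs with more than `limit` POSTs to `path`
    inside any sliding `window`. `path` is an assumed registration endpoint;
    each IP's lines must be in chronological order, as in a log file."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0].rstrip("/") != path:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:      # drop hits older than the window
            q.popleft()
        if len(q) > limit:
            peaks[m["ip"]] = max(peaks.get(m["ip"], 0), len(q))
    return peaks

def htaccess_deny(peaks):
    """Render flagged IPs as Apache 2.2-style .htaccess deny lines."""
    return [f"Deny from {ip}" for ip in sorted(peaks)]

def _hit(ip, minute, second, method="POST", path="/action/register"):
    # Constructed sample line; addresses are RFC 5737 documentation ranges.
    return (f'{ip} - - [12/Jul/2013:10:{minute:02d}:{second:02d} +0000] '
            f'"{method} {path} HTTP/1.1" 302 0 "-" "-"')

SAMPLE_LOG = (
    [_hit("203.0.113.7", 0, s) for s in range(0, 50, 10)]      # 5 POSTs in 40 s
    + [_hit("198.51.100.4", m, 0) for m in (0, 20, 40)]        # slow, human-like
    + [_hit("192.0.2.9", 1, s, method="GET", path="/register") for s in range(6)]
)

if __name__ == "__main__":
    print("\n".join(htaccess_deny(flag_registration_floods(SAMPLE_LOG))))
```

`Deny from` is Apache 2.2 syntax; on Apache 2.4 without mod_access_compat the equivalent uses `Require not ip` inside a `<RequireAll>` block.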


  • @ DrupeDescoop: Could you elaborate on the points you made from line 3 of your post to the end, e.g. using .htaccess and the anti-spammer package?

    Captcha should not be made for the registration page only. Being able to add captcha on blog pages, comments and even group registration would help reduce the bots.

  • DhrupDeScoop, there was recently an improvement in 1.8.15 to close a big opening from what I understand https://github.com/Elgg/Elgg/issues/5244 and http://blog.elgg.org/pg/blog/cash/read/227/elgg-1815-released

    Adding nofollow to auto linked URLs to discourage spammers (thanks to Hellekin Wolf for pointing that out)


  • url sanitizing is done via such code ~>
    .    return "$urltext$punc";
        if (!isset($vars['rel'])) {
            $vars['rel'] = 'nofollow';
    .    $htmlawed_config['anti_link_spam'] = array('/./', '');
    .    }else{$a['rel'] = 'nofollow';}
    in several different scripts
    for the different situations. 
     

    'anti-hammer' is open-source package and 
    can be found at http://corz.org/serv/tools/anti-hammer/ 
    matt has a plugin that implements something very useful &
    similar at the lower logic level within elgg's contexts itself.