For the first few months I was getting spammed then I installed site access, and used the site password feature when registering great spam stopped, then a few weeks down the line one spammer so I changed the password great few more weeks then a new spammer, changed password next day new spammer(S) so I thought maybe there 'reading the password' from the text above that says enter xxxx so I changed it to please enter the numbers you see in order excluding the * (exp. **8****9****9*4**3) great 2 days no spammers then 5 in one day!!!!!!!!!!!
This ruins elgg completely....
I run a PHPBB forum with 3500 members We get a spam account once every few months and thats a basic standard installation!!!
I Sincerly hope 1.8 puts an end to spam and deals with it much more than 1.x
Regards,
One seriously P***** off Elgg site owner.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by Raül Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
My first user was a bot even before I went live with the site. They put up a picture so i let it ride...then a few followed so I had to do something.
I ended up using uncaptcha
http://community.elgg.org/pg/plugins/project/384430/developer/brett.profitt/uncaptcha?annoff=50
and
Site access
http://community.elgg.org/pg/plugins/project/384611/developer/shellcode/site-access
For good measure I was using
http://community.elgg.org/pg/plugins/project/504162/developer/kiter/sitecode
With that one I would put a sentence above the sitecode like - Type in the word "yomama" so we know you are a real person. I took that off as I thought it might be a little too cumbersome for first time users.
Even though I took the sitecode off I havent had any spammers in a couple weeks. Not to say they wont be back.
Anyone suspicious...I check the email and then google the name. Spammers usually show up on multiple non related sites from what I have seen so far. At this point if they have made it.. I congratulate them with a manual ban. If I get hit again I will go the ip route.
I would like to hide the members I have banned...anyone know of an add on for that?
@djSupport : webgalli plugin is not the most ideal solution but I think this is the best of what we have as of now.
After going through that BBC report on coordinated crack down on bots/spammers by the biggest of the industry it seems like the issue is too big to manage.
I too feel Elgg setups are specifically target. I have never seen so may spams happening in any of the open source softwares I have ever used
I hope in this discussion we are able to come up with some more effective solution.
we need to set about an action plan!
invite only script anywhere ??
Conecpt : say you have 100 userbase each user gets 3 invites each ........ you can donate ie buy invites for say 5 for $2 ....
just an idea
I'd never get any users like that :(
-->
http://community.elgg.org/mod/groups/topicposts.php?topic=406960&group_guid=52477&offset=50
Not that this is extremely useful information, but...
I have the occasional spammer on my test site. They always register and update their profile, however they don't go any further because I have no blog/pages plugins enabled just yet.
They target more than just elgg sites, they target those specific plugins because you can write freely in them and are not restricted by character limits. Further, they come with the standard elgg package.
Spammers do not target custom plugins because they don't spend time searching through them all on here. So find out how they get the blog/pages plugins working and then figure out a way to block that.
Its time to have a pluggin for Elgg by which we can block the spmmers by IP address. Hope some one can do that easily.
What I do is, i block those IP address by adding it in .htaccess
Trajan you have just given me an idea....
Rename all the 'blog' references to somthing uniqe to my blog then ...
1. They shouldn't be able to find me by googling and
2. not know where to post a blog!
Might want to think about Pages too
- Previous
- 1
- ...
- 5
- 6
- 7
- 8
- 9
- Next
You must log in to post replies.