Spam Bots Attacking! Please Help!

[stevemaury]

hancholo, the setting is called CAPTCHA settings in your version, NOT "Spambot countermeasures". You should update, though.

[stevemaury]

Travisher, unless you have modified it, you are not using the Q&A CAPTCHA built into phpBB.

[DBM]

Travisher, unless you have modified it, you are not using the Q&A CAPTCHA built into phpBB.

I was using the Q&A captcha on mine until last night, when I switched to reCaptcha. Can switch back to Q&A if you want to run any tests?

[Travisher]

Travisher, unless you have modified it, you are not using the Q&A CAPTCHA built into phpBB.

H'mm as far as I'm aware I had a mod on a previous version but that I had gone with a clean copy when I updated last time. I'll take a look at it again tonight, I need to do so anyway as its stuck between the previous version 3.0.7-PL1 and the newest version 3.0.8. the main page says its on 3.0.8 but the System page says it's 3.0.7.PL1 - probably my fault for doing it when I was tired

The attacks started before the update was attempted so it isn't an artefact of that.

[haggisv]

I've been running with Q&A for nearly a year and I have administrative activation. The questions I have are very specific to my niche interest group and can only be answered by careful reading of the site. In the last 3 weeks the number of attempted spam sign-ups has rocketed. Occam's razor says that the spambots have a way of bypassing the CAPCHA completely since unless they are programmed with the answers they cannot answer the questions.

This is exactly what happened to me. Spammer in the last few days have skyrocketed, so they've obviously either programmed in all my answers, or they have a way of bypassing it.

I have the Q&A module for all this time too, and it used to be rare for anyone to bypass it. I'm still on 3.0.6, but I don't think that would affect the Q&A module, would it?

[Fujcube]

Hi,

My phpBB & portal have just been updated to the latest releases and I am also getting numerous bogus accounts being registered, mainly on gmail and from everywhere east of GB!! This was never a problem before. I have always used reCaptcha as my Spambot countermeasure in the past have never had one bogus account. Now I am having to have Accounts activated by Administration which is far from ideal and a total pain in the ass!!

I will try switching my countermeasure to Q&A unless there is a better option.

Advice welcome

Kindest Regards,
fujcube

[DBM]

Hi,

My phpBB & portal have just been updated to the latest releases and I am also getting numerous bogus accounts being registered, mainly on gmail and from everywhere east of GB!! This was never a problem before. I have always used reCaptcha as my Spambot countermeasure in the past have never had one bogus account. Now I am having to have Accounts activated by Administration which is far from ideal and a total pain in the ass!!

I will try switching my countermeasure to Q&A unless there is a better option.

It's been the reverse for me. I have always been using Q&A without problems but the spambot registrations just went crazy in the past 48 hours. I've switched to reCaptcha.

It's probably a good idea to keep switching between different captcha modules frequently until a solution is found to this.

[sakm]

im also suffering a high amount of spam bots!!

i use the built in Q&A and its been great until about 2 or 3 weeks ago!!

[Travisher]

I just finished upgrading to 3.0.8 after my botched attempt on the 3rd Jan.
I've just fed in a fresh set of questions to the Q&A. If the bots continue to get through I shall have to conclude there is some kind of bypass of the CAPCHA.
Feedback for Steve - the code is bog standard now I think. I used to use a Mod under 2.x that asked people to justify them having the privilege of posting to the forum but that was blown away when I moved to 3.x and I switched to the Q&A.

I think I may drop all Russian IP as well as the Chinese, while there are bona-fides greenwood workers in both places their compatriots are making everyone's life a misery.

[RMcGirr83]

I used to use a Mod under 2.x that asked people to justify them having the privilege of posting to the forum but that was blown away when I moved to 3.x and I switched to the Q&A.

http://www.phpbb.com/customise/db/mod/a ... ification/

[Travisher]

Thanks RMcGirr83,
but as the bots were able to spot that there was a box to fill in it ended up not saving me any time since I would have to delete their inactive accounts anyway. I take their IP check where it is coming from. If I'm still suspicious I shove the username into google. A few hits on like minded boards is OK, activity on 100,000 is a delete. The Q&A worked well for almost a year, hence my idea of putting the question answered in the admin email but I'm not a PHP programmer so it might take me some time to figure out a mod to do that.

[Cpt. Blackbeard]

How do you know it's bots and not humans bypassing the Q&A?

[haggisv]

How do you know it's bots and not humans bypassing the Q&A?

We can't be sure, but the sheer volume that suddenly seems to get past the Q&A is a strong indication that they are bots, or at least something semi-automated.

[haggisv]

Just out of interest, and this is not conclusive proof.... I've just changed all my Q&A questions, and in the last 6 hours, I've not had a single spammer register.

This tends to indicate that they are not bypassing the Q&A, but have simply compiled a set of answers, that will, after enough tries, give the right answer when the right question comes up.

I will continue to monitor this, but it looks like questions will simply need to be changed a lot more often.

[hewmac06]

I tend to agree with the last poster. A long standing unique question on my site was breached many times a few days ago. Changing to another unique question relating to my site stopped them.