If it's the site in your profile, you're still using recaptcha which was broken a long time ago. Follow the link in the post above to find out how to stop them.cdodds wrote:Same, I am suddenly having this problem as well. Our board has been up for years, but we have not had bot problems in well over a year since we installed several spambot prevention mods / activated recaptcha / added custom fields. Now all of a sudden, for the past 2 days we have been getting about 20 bots a day mass posting everything from prescription drugs to adult videos. Half of the spam is in arabic and or contains the word "arab" in it. When I trace the ip's they all lead to various VPNS in small countries. I have been ip banning / ban hammering like mad, yet they keep on coming.
If anyone finds a solution that seems to work...I am all ears.
This is a good point.You have a simple maths question on your Q&A.
That's no good. They can search for the answer to that. It needs to be something you can't search for.
Don't let the robots in the door!
A GPL V2 PHP Protection Script for your site.
This php security script is designed to detect certain behaviors detrimental to websites, or known bad addresses attempting to access your site. It then will send the bad robot (usually) or hacker an authentic 403 FORBIDDEN page with a description of what the problem was. If the attacker persists, then they will be served up a permanently recurring 503 OVERLOAD message with a 24 hour timeout.
What ZB Block is Excellent at:
Saves money by reducing hacker bandwith usage! (by 2,500% on this site's index page alone!)
Strengthing your site against defacement.
Preventing PHP script exploitation.
Ending Remote File Include (RFI) exploits.
Protecting against directory traversal attacks.
Stopping MySQL database injection and tampering.
Removing access from known bad addresses and domain names.
Blocking access from top level domains, like .cn (China) and .kp (North Korea).
What ZB Block is Good at:
Avoiding website scraping/content theft.
Deterring bad user agents.
Halting referrer spam.
Impeding some Cross Site Scripting (XSS) attacks.
The last time I started a new thread for a topic that was identical and current I was in trouble.@countrydj: Please start your own topic next time, it makes it easier for us to follow.
My question is how do the "bots" get past the reCAPTCHA? I know I have trouble myself in getting through them. How do they? I've got reCAPTCHA activated, my only savior is the question - which they never get. But, that still leaves me with opening each one and checking it then deleting it. Today I did 141 of them.Mick wrote:Have a read of Preventing Spam in phpBB3 then I suggest you adopt the Q&A CAPTCHA using a GOOD, none searchable, question and answer as all other CAPTCHA's (reCAPTCHA and GD etc.) were compromised over a year ago.
Opening and deleting each what? If they cannot answer the Q&A captcha, their user is never created, so there is nothing to delete.golf25radioman wrote: But, that still leaves me with opening each one and checking it then deleting it. Today I did 141 of them.
Spam registrations sent to the admin of the board are what I open, and then I have to delete the inactive registration(s). I didn't see the posts about the bots being able read the captcha. The simple Q&A answer I put up didn't do it, so I used the unique example in the previous posting. So We'll see what tomorrow brings.Brf wrote:Opening and deleting each what? If they cannot answer the Q&A captcha, their user is never created, so there is nothing to delete.golf25radioman wrote: But, that still leaves me with opening each one and checking it then deleting it. Today I did 141 of them.
Stop making duplicate posts.daviswe wrote:Mick,
I've never been able to get Q&A to appear on my site.