Thread

I’m having a rash of spam new user logins in my forums.  EE1.6.6.  Have captcha on.  They get by that.  What else can I do to slow this down.

TIA

I’m having a rash of spam new user logins in my forums.  EE1.6.6.  Have captcha on.  They get by that.  What else can I do to slow this down.

The short answer is, not much.

Some registrations are obviously bots, but just as obviously, other registrations are done manually, probably low-labor-cost folks in India, China, elsewhere in Asia, perhaps.

I’ve taken to banning all free email domains and that dropped it considerably.

grrramps

How do you go about banning free email domains??

Thanks,
Darrell

i have just converted one domain over to the question asking version of captcha and this seems to have stopped it… for now at least.
http://www.purple-dogfish.co.uk/free-stuff/accessible-captcha

I’ll let you know if this begins to fail soon!

How do you go about banning free email domains??

 

Hi Darrell,

Info about how to restrict users here:

http://expressionengine.com/docs/cp/admin/members_and_groups/user_banning.html

I’ve been having a problem with spam user login attempts lately also.  My solution was to use .htaccess to redirect to a 404 page whenever someone tries to access the registration page without a referrer.

My .htaccess rule looks like this:

# Mitigate Site Registration Spam
RewriteCond %{HTTP_REFERER} !^http://example\. [NC]
RewriteRule ^member/ [R=404,L]

The word “example” on the second line would need to be changed to your domain - with subdomain like “www” if you use it.

It isn’t a 100% solution but it has definitely helped.