Thread

Hey there,

I have a moderately popular blog, but I still think that I have a fish’ily high number of people registering to become members and it’s starting to quite worry me!

I’m getting around 5 people a day registering lately, and rarely if ever to the people actually post anything.  I’m worried that my board is somehow being abused, but I can’t figure out how.

The only thing I can think of is that these folks are perhaps registering with an intent to spam lots of other members via EE messaging.
- Does that seem plausible?
- If so, how would I be able to monitor and deter such behavior?

Thanks in advance for any insights!

I’ve never had the problem but I’d say you’re right to be concerned. My first question would be why do they need to register? - if it’s only for comment posting it might be an option to turn registration off for a while to see what happens?

Make sure you require CAPTCHAs for registration. That should slow down the bogus registrations.

spammers looking to acquire your email address and sell it.

spammers looking to acquire your email address and sell it.

They can probably get that without signing up though?

Maybe send them a PM or something welcoming them to your site and pop in a quick question in a round about sort of way. If they don’t PM back then you might be able to glean an answer in that way?

The “register” link on my website goes first to a special page I created explaining the perks of registration, and also why I hold registrations for approval rather than permitting self-activation. I have little enough traffic that I’m not about to let spammers take over my site.

I get few enough registrations on my site that I can take a minute or two to run a web search on the e-mail addresses of those whose usernames or addresses don’t look familiar. Almost invariably I find their addresses listed on this or that index of forum spammers. Those get rejected immediately.

If they’re not already listed as spammers, I often discover that they’ve signed up very recently on a large number of sites and posted nothing on any of them either. In that case I figure they’re just not listed as spammers yet, and I reject them too.

What I see is a major issue regarding resources and trends. The trends are obvious. More spammer bots, and more human spammers to Comments and Forums. How do we counter them? Manual moderation and implementation of a few this-is-all-we-can-do auto speed bumps, which may slow down some spammers, but generally don’t keep pace with the trend of more spam.

What’s wrong with this picture?

Today’s complex CMS apps have users screaming for additional tools to combat the growing tide of irritation that damages site content and site users, not to mention the sparse resources site administrators have.

For the most part, both open source and commercial CMS apps have somewhat similar feature sets. Members, templates, add on modules and plugins, all of which provide needed functionality.

Which of the popular CMS apps has taken on the challenge of spammers by differentiating the app from others by providing a growing array of tools for site administrators?

Thank you for the info and feedback.  I have…
- updated my EE to the latest version (it was pretty old, I’m embarrassed to say)
- turned on Captcha-required for registration.

I’ll see if that does the trick!

Your member page is probably indexed in search engines, and if it’s the default EE member page, they can put a link in their profile. Good chance they’re just after the link, but that should be easy enough to check (did the majority of your users provide a link? does the link look spammy?).

Ooooo… that sounds plausible, soxhead!

A couple more observations:
- After I put a captcha on my signup page, signups were hugely reduced.
- The overwhelming number of people registering on my site haven’t confirmed their membership (perhaps because they used fake e-mail addresses?  Or, on the flip sad side, the e-mail got spaminated?)

And I’m curious… what should I search for to see profiles of members on my site? (e.g., site:bladam.com/members/ ?)

Ooooo… that sounds plausible, soxhead!

A couple more observations:
- After I put a captcha on my signup page, signups were hugely reduced.
- The overwhelming number of people registering on my site haven’t confirmed their membership (perhaps because they used fake e-mail addresses?  Or, on the flip sad side, the e-mail got spaminated?)

And I’m curious… what should I search for to see profiles of members on my site? (e.g., site:bladam.com/members/ ?)

I stopped updating one of my sites around a year ago. i get new registrations every day now that are pure spam and I have captchas turned on. it’s still got 1.6.0 on it.

I have a feeling that there’s a way to submit a registration bypassing the captcha altogether. I think (PURELY Speculation) that if you were to create a form that didn’t have the captcha code in it, and it just used the hidden fields, it would approve the submission. Maybe I’ll verify that later today. good thought. won’t take long.

Anyway, mine are easy to spot. the usernames aren’t even words, they’re gibberish.

I’m having a similar issue… I’ve got capthca installed, I changed the default “member” path to something else, yet still I’m consistently getting fake registrations.  Any suggestions would certainly be appreciated.

I’m having a similar issue… I’ve got capthca installed, I changed the default “member” path to something else, yet still I’m consistently getting fake registrations.  Any suggestions would certainly be appreciated.

Not much you can do, though banning @gmail, @yahoo, and @hotmail tends to reduce the number substantially. I manage a few forums and there’s been a tremendous increase in recent weeks of registrations. No spam. Just registrations—all with similar email addresses:

.(JavaScript must be enabled to view this email address) and so on.

But no spam. Yet.

That’s my situation exactly.  My clients have had this site and forum for some time now with no issues - then all of a sudden it’s being hit with 5-15 new registrations a day.  The accounts don’t do anything except maybe have some random URL in the bio.  It does make me wonder if something bigger is brewing.

Anyone else have any suggestions?

i’m having the same problem.  i’m running the current version…  i’ve installed the advanced captcha extension. but it did nothing..  then i installed the accessible captcha (where you ask questions and the registering member has to type the answer)..  still a huge number of new registrations..  all with strange bios and links in the bios..  so, i’m sure they’re fake.  the thing is, just about all of them are activated.  for now, i’ve turned off allowing new member registrations..

i really think they’ve found a way to bypass the captcha to create an account.  also, likely to bypass the email activation..  i just can’t believe that some spammer is really creating hundreds of different email addresses per day to be able to activate a forum membership and not post anything, but just have weird info and links in the their bio..

thoughts?