| Author |
 Topic  |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
 Posted - 18 June 2014 : 07:01:26
|
I ask, because recently it doesn't appear to be working, for the last week or so I have been changing the question/answer every couple of days, yet we are still getting 50+ spam registrations every day, pretty much all of a similar format but from many different IP addresses
e.g.
fhgh66dvf crudelyr.nai@gmail.com
wtr65dxf mecha.nicbhkj@gmail.com
I am currently considering banning all registrations from gmail.com |
MVC .net dev/test site | MVC .net running on Raspberry Pi |
|
|
Carefree
Advanced Member
Philippines
4207 Posts |
Posted - 18 June 2014 : 08:23:11
|
I don't use it, but I'll be happy to take a look.
I don't see a programming error, though it's not very secure. The biggest problem I have with it is that the question and answer are static; so any spamming group could email/post the current anti-spam value for their automated software to use. |
Edited by - Carefree on 18 June 2014 08:35:57 |
 |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 18 June 2014 : 08:36:53
|
| was just wondering if it was possible to maybe bypass it by posting a copy of register.asp remotely from an app or from another website, could just be coincidental and they are actually someone filling in the form, but the similarities in username/email addresses makes me think it is a bot |
MVC .net dev/test site | MVC .net running on Raspberry Pi |
|
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 18 June 2014 : 08:38:26
|
quote:
The biggest problem I have with it is that the question and answer are static; so any spamming group could email/post the current anti-spam value for their automated software to use.
That was my main reason for changing the question every couple of days, but it didn't make any appreciable difference to the number of spam registrations which is why I became suspicious |
MVC .net dev/test site | MVC .net running on Raspberry Pi |
|
|
|
Carefree
Advanced Member
Philippines
4207 Posts |
Posted - 18 June 2014 : 09:48:02
|
| If you want to test it, have it EMail failed anti-spam results to you. If you change the question/answers and someone uses the OLD answer, you'll know for sure what is happening. |
|
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 19 June 2014 : 02:42:13
|
We had a similar problem as well Huw (http://forum.snitz.com/forum/topic.asp?TOPIC_ID=70768)
I studied the server logs at the time and couldn't see any traffic going through register.asp by the spammers, neither did I get any email notifications of new registrations when they apparently registered, however I did when 'people' registered
I implemented 'restrict registrations' for a few days, manually authorising new registrations, none of which came from spammers, and that seemed to put a stop to it.
So my belief is what ever is being used to register the spammers isn't using register.asp but is somehow writing new members to the database circumventing any restrictions put in place |
|
|
|
Maxime
Average Member
France
521 Posts |
|
|
HuwR
Forum Admin
United Kingdom
20584 Posts |
Posted - 19 June 2014 : 13:50:42
|
quote:
Originally posted by Carefree
If you want to test it, have it EMail failed anti-spam results to you. If you change the question/answers and someone uses the OLD answer, you'll know for sure what is happening.
yes, I think that is what I will do when I get back home, on holiday at the moment in Italy |
MVC .net dev/test site | MVC .net running on Raspberry Pi |
|
|
|
Carefree
Advanced Member
Philippines
4207 Posts |
Posted - 19 June 2014 : 15:33:01
|
| I'm on permanent holiday, have been since 2004. Doesn't always FEEL like a holiday, though. |
|
|
|
Carefree
Advanced Member
Philippines
4207 Posts |
Posted - 19 June 2014 : 15:35:08
|
| Friend of mine was having a number of spam registrations recently. Added the IP/Country ban, banned China, Russia, Ukraine, Niger, Nigeria, Ivory Coast, & Romania. He hasn't had one since. |
|
|
|
Maxime
Average Member
France
521 Posts |
Posted - 19 June 2014 : 16:36:49
|
Hello Carefree,
You spoke well of mod: ip/tocountry?
I downloaded the 3.0, but I see no ban on this page zip, I had the most complete version 1, but it is no longer on snitzbitz.
Want to see you please.
|
Cordially,
Maxime
Taxation consists in so plucking the goose to get the most out of feathers with the least possible cries.(Jean-Baptiste Colbert)
|
|
|
|
Carefree
Advanced Member
Philippines
4207 Posts |
Posted - 19 June 2014 : 17:11:10
|
| No, not the IPtoCountry mod (that is a pre-requisite, though). The Ban by IP/Range/Country mod. |
|
|
| |
Topic |
|
