Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #16  
Old 01 Mar 2011, 08:33
KeyCAPTCHA's Avatar
KeyCAPTCHA KeyCAPTCHA is offline
 
Join Date: Nov 2010
Real name: Maxim
KeyCAPTCHA prevents bot spamming completely

Originally Posted by vitrag24 View Post
Hello,

Daily atleast 3-4 new spam bots registration & threads by them.

Tired if deleting manually.

How to stop them even before they register? Surprisingly they even verify their email account!!!

In vb 3.7.1 I has same problem & I was using "Vmail" which solved problem , vulletin shd have implemented that extra email verification system in vb 4.x as thus us basic need of any forum.

"Vmail" isn't available 4 vb 4.x.


Now pls advice me what shd I do??
Please look into our free KeyCAPTCHA anti-spam solution:
  • doesn't collect data of users like Email, comments, website/blog url, name, etc.
  • has never been passed by any bot
    including those that use laundry attacks (redirection/outsourcing captchas, which they could not pass directly, to 3d party human solvers sweatshops)
  • in case of cracking, the pool of captchas and its type can be changed by our team without plug-in reinstall on protected websites
  • doesn't need typing of squiggly-wiggly texts
  • after 1-2 first uses, it is much faster and comfortable for passing than text-typing captchas
  • prevents spam instead of sorting out it postfactum
  • available in a dozen of languages and others are being added
  • plugins available in a dozen of PHP5 CMSs (all versions) Drupal, IPB, Joomla, phpBB, SMF, WordPress+BuddyPress and others are being constantly added
  • Supports all modern browsers including mobiles' (iPhome, iPad, Android, Sfari) in HTML5 (if not then in Flash - IE, Opera)
  • one can create captchas from its own images with our on-line designer (fee-based service)
  • those, who installed it, switch off other anti-spam measures and moderation
  • free technical support, including free installation by us
  • many unique features unavailable in other solutions

Last edited by KeyCAPTCHA; 03 Mar 2011 at 05:31.
Reply With Quote
  #17  
Old 02 Mar 2011, 02:39
onehost onehost is offline
 
Join Date: Jul 2006
Built in Q and A is excellent...

If one ever got past Q/A then they must be live...

also use Spam-O-Matic

if they get past QandA and spam-o-matic, then that
is pretty much a live spam issue, not much you can
do about the unknowns except for deal with them
right there on the spot, and move onto the next.
Reply With Quote
  #18  
Old 26 Mar 2011, 07:23
vitrag24's Avatar
vitrag24 vitrag24 is offline
 
Join Date: Nov 2006
Originally Posted by onehost View Post
Built in Q and A is excellent...

If one ever got past Q/A then they must be live...

also use Spam-O-Matic

if they get past QandA and spam-o-matic, then that
is pretty much a live spam issue, not much you can
do about the unknowns except for deal with them
right there on the spot, and move onto the next.
built in Q&A?
i cant find any built in system in vb 4.2.1
Reply With Quote
  #19  
Old 26 Mar 2011, 07:35
CarlitoBrigante's Avatar
CarlitoBrigante CarlitoBrigante is offline
 
Join Date: Nov 2002
In all of our clients' websites, we usually setup some of the methods in this thread. But since a lot of spammers these days are real people, the best defense should include also a usergroup promotion system.

Basically, the default usergroup people get at registration offers limited use of PMs, no links in posts, no images, and so on. You then establish some criteria - number of posts, days registered, etc. - for promotion to the next usergroup. This discourages a lot of spammers, also on very popular forums (we used a setup like this on some of the biggest vB forums).
__________________
Yes, that's only a nickname! - MagnetiCat.com - Professional development and administration, disaster recovery (also in desperate situations), PHP and Mobile App development.
Reply With Quote
  #20  
Old 11 Apr 2011, 13:05
KeyCAPTCHA's Avatar
KeyCAPTCHA KeyCAPTCHA is offline
 
Join Date: Nov 2010
Real name: Maxim
Originally Posted by CarlitoBrigante View Post
But since a lot of spammers these days are real people
and in previous days?
the spammers were aliens?
I'm really intrigued by such phrases that are quite frequent to encounter

Last edited by KeyCAPTCHA; 11 Apr 2011 at 13:14.
Reply With Quote
  #21  
Old 11 Apr 2011, 17:13
CarlitoBrigante's Avatar
CarlitoBrigante CarlitoBrigante is offline
 
Join Date: Nov 2002
Usage of automated bots to bypass most of captchas was the norm; in these days, you can see real people being used to pass through anti-spam protection, especially in forums or in blogging environments where there is a high ROI for spam. I have seen an increase of this type of spam especially in forums around Forex, or forums that in general provided services that had immediate value outside of the forums, like classifieds.

These posters behave like normal members for the first 10-15 posts; at that point, they switch to spammer mode, sometimes in subtle ways. Any form of captcha is entirely useless in these cases; solutions like the one above or even Akismet and centralized spammers IPs databases in general are necessary.
__________________
Yes, that's only a nickname! - MagnetiCat.com - Professional development and administration, disaster recovery (also in desperate situations), PHP and Mobile App development.
Reply With Quote
  #22  
Old 11 Apr 2011, 17:44
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Originally Posted by vitrag24 View Post
You have a point.

So what to do that? Content scrappers? Link?
Bad behavior stops spam bots, scraper bots and malicious bots from accessing your site. Its available for vb3 and vb4.
Spam-o-matic works well on top of that.
Reply With Quote
  #23  
Old 11 Apr 2011, 19:40
KeyCAPTCHA's Avatar
KeyCAPTCHA KeyCAPTCHA is offline
 
Join Date: Nov 2010
Real name: Maxim
Originally Posted by CarlitoBrigante View Post
Usage of automated bots to bypass most of captchas was the norm;
How long was it the norm?
Originally Posted by CarlitoBrigante View Post
in these days, you can see real people being used to pass through anti-spam protection, especially in forums or in blogging environments where there is a high ROI for spam. I have seen an increase of this type of spam especially in forums around Forex, or forums that in general provided services that had immediate value outside of the forums, like classifieds.

These posters behave like normal members for the first 10-15 posts; at that point, they switch to spammer mode, sometimes in subtle ways. Any form of captcha is entirely useless in these cases; solutions like the one above or even Akismet and centralized spammers IPs databases in general are necessary.
The statistics proves that if one stops bots then the spam also disappears

There are not and never were bots without human spammers behind them, otherwise they are called by viruses but not bots.
And there are no "pure" spammers without bots. Their productivity is so low and, resp., prices so high that they are economically senseless

Stop bots, and this is technically possible, then jump to conclusions

BTW, your home site http://magneticat.com/ blocks humans from even reading it giving, for example, to me:
Forbidden
You do not have permission to access this document.
And I am on black IP of a large ISP, meaning that just on this one you blocking dozens thousand of legitimate users.
Or the whole countries?
Cheers!

Last edited by KeyCAPTCHA; 11 Apr 2011 at 19:49.
Reply With Quote
  #24  
Old 11 Apr 2011, 20:44
CarlitoBrigante's Avatar
CarlitoBrigante CarlitoBrigante is offline
 
Join Date: Nov 2002
Ah, I know trolls with vested interests like you, no problem. You will go a long road selling out your services with this attitude. Nobody implied that there is not a human behind the spam; I implied that there was not a human physically going through the captcha process. What does "called by viruses" mean?

While you like to talk, my experience comes from about 200 forums we worked with during the years, some of them being the biggest vBulletin forums around; websites with 500,000 visitors per month were plagued by spammers even though they used the most advanced captcha systems at the time. A simple usergroup technique like the one above solved their problems. We have no "theory" or "statistic": we saw this happening starting 1-2 years ago. Why or how or the commercial implications I do not care: that is not my job. I see facts, I act on them.

Thankfully, a usergroup technique like the one above is free, unlike your extended service: your captcha, by the way, must be one of the most frustrating systems I have seen in a long time (why on earth are some pieces placed below other pieces, thus being invisible to the user?).

Anybody interested in security and in anti-spam measures instead of just advertising their services would never spend time to criticize the methods I outlined: they are added layers of protection.

On a note, your russian IP is being blocked because it is on a well-known spambot list: amazing, isn't it? If I were a company specialized on anti-spambot measures, I'd at least make sure to have a clean dedicated IP. And no, we do not ban whole IP ranges. The tool we use to protect against spam is a well-known commercial hardened kernel/anti-spam package which loads data about single IPs from some of the best spambot list databases.

Originally Posted by KeyCAPTCHA View Post
How long was it the norm?


The statistics proves that if one stops bots then the spam also disappears

There are not and never were bots without human spammers behind them, otherwise they are called by viruses but not bots.
And there are no "pure" spammers without bots. Their productivity is so low and, resp., prices so high that they are economically senseless

Stop bots, and this is technically possible, then jump to conclusions

BTW, your home site http://magneticat.com/ blocks humans from even reading it giving, for example, to me:


And I am on black IP of a large ISP, meaning that just on this one you blocking dozens thousand of legitimate users.
Or the whole countries?
Cheers!
--------------- Added 11 Apr 2011 at 20:52 ---------------

One more note to the poster: I believe it is better to have strong anti-spam measures that do not punish the good users like Akismet, centralized databases of spammers' IPs, and usergroup promotion schemes like the one I have outlined. The great thing is that these methods are FREE for everybody. Commercial websites need different licenses with Akismet, but it is well worth it.

Captcha systems are just a first barrier, good when not too frustrating for the user; security must be multi-layered. And I will certainly not recommend vBulletin owners I work with captcha systems that are backed by companies that like using trolling as an advertising scheme.
__________________
Yes, that's only a nickname! - MagnetiCat.com - Professional development and administration, disaster recovery (also in desperate situations), PHP and Mobile App development.

Last edited by CarlitoBrigante; 11 Apr 2011 at 21:13. Reason: Auto-Merged DoublePost
Reply With Quote
  #25  
Old 11 Apr 2011, 21:13
KeyCAPTCHA's Avatar
KeyCAPTCHA KeyCAPTCHA is offline
 
Join Date: Nov 2010
Real name: Maxim
Originally Posted by CarlitoBrigante View Post
my experience comes from about 200 forums
And mine comes from over 10,000+ protected websites

Originally Posted by CarlitoBrigante View Post
On a note, your russian IP is being blocked because it is on a well-known spambot list: amazing, isn't it? If I were a company specialized on anti-spambot measures,
If I am, then I simply have to know how ordinary user/IP from commonly used ISPs is affected by various spamming and antispamming techniques


Originally Posted by CarlitoBrigante View Post
One more note to the poster: I believe it is better to have strong anti-spam measures that do not punish the good users like Akismet
Akismet:
  • routinely being (anti-)helpfully used by blackhat SEO to dump competitors,
  • that is inherently retroactive, i.e. doomed to always lag behind the newly invented spamming techniques and approaches,
  • dumping legit users web resource owners never see
  • is illegal for use in Germany and other EU countries,
  • etc.

Last edited by KeyCAPTCHA; 12 Apr 2011 at 07:52. Reason: effected --> affected
Reply With Quote
  #26  
Old 11 Apr 2011, 22:05
CarlitoBrigante's Avatar
CarlitoBrigante CarlitoBrigante is offline
 
Join Date: Nov 2002
"Anybody interested in security and in anti-spam measures instead of just advertising their services would never spend time to criticize the methods I outlined: they are added layers of protection."
__________________
Yes, that's only a nickname! - MagnetiCat.com - Professional development and administration, disaster recovery (also in desperate situations), PHP and Mobile App development.
Reply With Quote
  #27  
Old 20 Dec 2012, 17:34
thenags thenags is offline
 
Join Date: May 2008
I've tried the Q&A verification with about 6 different pretty good questions. No answers given away in the question, no simple math problems, etc... spam kept flying in.

I've been testing out Glowhosts Spam-O-Matic all day and it's catching quite a bit of spam but it's also letting in about 2 spambots for every 8 it blocks.

I've now temporarily disabled Spam-O-Matic and I'm testing out KeyCaptcha to see if that can get 'em. Hopefully this works.

I really wish we had the option of enabling 2 Human Verification options. I'd love to have KeyCaptcha on as well as a Q&A.

Last edited by thenags; 20 Dec 2012 at 18:56.
Reply With Quote
  #28  
Old 20 Dec 2012, 18:03
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by thenags View Post
I've tried the Q&A verification with about 6 different pretty good questions. No answers given away in the question, no simple math problems, etc... spam kept flying it.

I've been testing out Glowhosts Spam-O-Matic all day and it's catching quite a bit of spam but it's also letting in about 2 spambots for every 8 it blocks.

I've not temporarily Spam-O-Matic and I'm testing out KeyCaptcha to see if that can get 'em. Hopefully this works.

I really wish we had the option of enabling 2 Human Verification options. I'd love to have KeyCaptcha on as well as a Q&A.
Try this Mod of the Month:

http://www.vbulletin.org/forum/showthread.php?t=289463
Reply With Quote
  #29  
Old 20 Dec 2012, 18:55
thenags thenags is offline
 
Join Date: May 2008
Originally Posted by Max Taxable View Post
I'll keep that in mind if KeyCaptcha doesn't work. I've only had it installed for about 2hrs so far but so far I've had no spambots join. It was so bad earlier that I was getting several an hour.
Reply With Quote
  #30  
Old 20 Dec 2012, 20:55
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by thenags View Post
I'll keep that in mind if KeyCaptcha doesn't work. I've only had it installed for about 2hrs so far but so far I've had no spambots join. It was so bad earlier that I was getting several an hour.
There's no conflict, it's a turnkey installation, and you'll be amazed the number of bots it stops and reports.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 14:20.

Layout Options | Width: Wide Color: