Fighting the Russians, Part 2
In Part 1, I was fighting bogus membership registrations on my community bulletin board by blocking IP addresses and certain e-mail domains. It was fairly effective for a while, but lately I was getting 10-20 bogus signups and the blocked IP addresses, which I could see were blocking people every day, could not keep up. It was also a pain to look up an IP address (to see where they were coming from, usually Russia, Ukraine, Poland, etc., but also France, China, Africa, even places in the US that wouldn't be interested in my bulletin board). Given all the different IP addresses using the same or similar e-mail addresses, I think the spammers were somehow spoofing IP addresses. They may have been using computers in other places that had been infected or something, but that seems unlikely just because it would be harder to do (though I don't know how hard it is to spoof an IP address either).
So I got rid of the Captcha (the blurry letters or numbers that you have to read to prove you're a real person) and added a plug-in that asks a simple question like "What is the capital of our state?" (that question has the advantage that anyone local will know the answer, but you can't Google the answer). I had never installed a plug-in with MyBB, but it wasn't that bad actually. I downloaded a file, unzipped it, and had to place about 8 files in the right place on my installation, and then I was able to use MyBB's control panels to activate the plug-in and customize the questions. I tried registering a couple of times and was able to register by answering the question correctly. The control panel for the questions shows me the percentage of people getting the answer to the questions correct.
After a day, I have gotten no spam registrations (and no real ones either since the bulletin board is barely active), though my IP blocks still show they are blocking some people. I am not sure if the Captcha was hacked so that a bot could read those letters or if people were reading them and registering or some combination where people read the Captcha and then a robot does the registration. Whatever, I like that the Captcha is gone because sometimes I have a hard time reading those anyway, and answering the question should be really much easier and more effective.
Comments (3)
Yesterday was the first spam registration I've gotten since installing the security questions. It was a Polish e-mail address and Polish IP address, so it had to be bogus. However, the database tracks how many people are answering the questions correctly and incorrectly and there were no additional results from when I tried it out a couple of weeks ago. So the new registration was somehow bypassed, maybe by using a cached version of the registration page. Weird.
Posted by Ted | August 26, 2011 11:19 AM
Haven't gotten anymore registrations. I checked to see if I was getting any incorrect answers to any of the questions and I had 4 wrong answers to "What is the name of the local baseball team?" so I'm thinking anyone who missed that question isn't local.
Posted by Ted | September 19, 2011 11:18 AM
A spammer made it through the registration process today. The IP address for the person was in the UK, so not a local. The question control panel indicated that 7 wrong answers and 1 correct answer were given for "What state are we in?" So maybe a real person looked it up?
Posted by Ted | September 28, 2011 6:15 PM