Bots or humans? (General)

by WorldofBB, Sunday, November 04, 2018, 16:32 (42 days ago) @ Alfie

Not only you. 10–20 / day for years… Are you talking about registrations (without activation) or “true” spammers? The former ones should be deleted within 24 hours anyway.

Well, I have been deleting them all pretty quickly - but they are probably bots. I didn't realize tha unactivated accounts are automatically deleted after 24 hours. If that's true then I will leave them and see if they actually get activated or not. If not, then problem solved!

Would be great if reCAPTCHA was an option, as I find it to be one of the most effective ways to limit spam accounts these days.

What about accessibility and Google’s questionable data protection?

Well, all captchas are going to inevitably be harder for accessibility visitors to deal with - but reCAPTCHA is better than most. For people who log into a google account they usually get authenticated without any intervention at all. As for data protection - I suppose it could be an issue for some - but considering how pervasive google is on the web along with how many websites already use google analytics and google ads - I'm not sure reCAPTCHA is contributing much difference one way or the other in the grand scheme of things. But considering how much better it is than other options it would be nice to at least have the option to use it for those that feel the tradeoffs are worthwhile.

Any suggestions?

According to my server-logs it takes humans (yep, and the true spammers as well) about one minute register. I’m considering to throw a nice

exit(header("HTTP/1.0 403 Forbidden"));

if the registration takes less than one second – and switch off all other filters I have now (query a recent local copy of StopForumSpam’s banned IPS, query remotely SFS and BotScout).

In the past I used ZB-Block from spambotsecurity, which worked perfectly for years. The original author stopped supporting it awhile back - but it's development has been picked up by someone else so while it's a bit of a kludge to configure at first it is definitely the best protection against spam I've ever used.

Complete thread:

 RSS Feed of thread

powered by my little forum