XenForo (or your selected script) and spam detection

[Tracy]

I don't know about others... but I simply use all the built in spam options in XF and I'm having a GREAT result in preventing BS users from joining...
I keep a close eye on my "online users" and it's amazing at how may of them that are "registering" never even get to the point of actually creating an account.
How successful is your chosen script provider at dealing with it. I know IPS, as long as you had a current license, did a "decent' job... but once you let your license lapse, you were quickly kicked to the curb and had to figure out a 3rd party solution, whereas XF is built in and free no matter if your license is current or not (since they use 3rd party data).
I've yet to find that I needed to engage in the use of the 3rd party add-ons that are available to XF to prevent spam accounts actually getting past the front door.
I also notice on my small SMF site using StopForumSpam it's catching a LOT of users trying to register...
.

One thing I hate about SMF... I click on that IP in the above, and it horribly fails to give me ANY real information about it.. simply linking about to the same BS that it already told me. I'm used to clicking on the IP, and it checking against an IP address checker and showing me something like this (which also frequently shows if they are a new spam infector)

You know... seeing something like this in the online users

And when checking that IP you see this

And they never get in through the front door.

 

[Cedric]

I've been getting a lot of spam accounts the last week, I think we've banned like 20 accounts that were never really activated but still caught by the spam detection. I just email ban them and that seems to work great.

 

[cdub]

I'm using the stopforumspam addon and seems to help. I also make it so that you need to be a member a while with a certain amount of posts and reactions before you can edit your profile.

I used to get a TON of spam in the middle of the night and I had to delete it when I woke up. It seems to come in waves. I added a bunch of keywords to automatically flag and that seemed to help as well.

I've noticed two types of spam:

• Obvious fake passport or pills posts
• Seemingly innocuous and generic bland replies to posts with a URL almost hidden within. The spam addon does a good job flagging those for me.

I used to have a problem with conversation porn spam which is icky and I actually turned off conversations for new members for a while unless you were a Supporting Member.

I think this actually hurt my site because conversations are HUGE on my site and less people were coming back to be on the conversations so in turn they didn't interact with the public posts as much or they tried to take their convos to Whatsapp etc.

I've since turned it back on and I'm rolling the dice with conversation spam but so far so good.

 

[Arantor]

One thing I hate about SMF... I click on that IP in the above,

You're in the error log, clicking any of the things is a filter to find other errors that otherwise match. There are other places to get the IP from and plug it into a tracker that aren't the error log, such as the profile (where the IP links to a 'show more info on this IP' page). Or even the IP address link in who's online, just like XF.

Note that if you click on the error message you'd get other instances of the same error message, or click on the user to get other errors from the same user... At least that's what it did in 2.0, I haven't checked if they broke that in 2.1 amongst the other things that were broken.

It is kinda poor that the SFS plugin shows a 'your request was denied' error to the user that also gets backfilled into the error log rather than having a proper log of these things that would link to the IP address. Like, I'm all for bashing stupid things but don't bash the wrong thing here.

I will also remind anyone running SMF that the official advice has been for years to use Q&A, it even got upgraded some time ago to support multiple variations of an answer to a single question, if that's a consideration you need to deal with. I will also note that the official site doesn't follow their own advice, originally because SMF didn't support different questions for different languages, but once it was added to 2.1 and then backported to 2.0 for the live site as it was then, they still didn't because 'getting translations is too hard'. That was a conversation nearly 9 years ago.