Your right Yoram the board has been getting a ton of spam lately. The last update seems to have left open a hole in the security so we have tried to go back to the previous version. However the hole remained. So now we are working on ways to block them until the new release becomes available. We have to thank the mods for keep most of the spam at bay, but these spammers are relentless and its hard to get them all.
I hope this is fixed in the next update. If not we may have to port over to something like Vbulletin. It would be nice to use but a lot of work to get it there.
Mark and Trish

 

Hi David, We have tried almost every thing out there and even added a few of our own, but they seem to be getting in some other way. We are still looking into it and trying to find a solution in the meantime.
Thanks
Mark and Trish

 

A couple of things I noticed while whacking spam. If the spammer is in it appears that the board is REALLY Slow. Not sure why or how, but of the 3 or 4 times I caught them in the act so to speak it was REALLY slow. As soon as they were banned, and were kicked off, it sped up. Coincidence? Maybe.

Mark, also have you checked into any plugs that will limit access based on bad IP addresses? I know almost ever one I looked up, their IP was on at least one banned list; most of the time they were on MANY banned lists.

Also I asked our Spamfilter tech rep who was a convicted spammer how and why they are attacking boards like this. He basically said that in some places these folks get paid to manually log in and do this. It's all about quantity, not quality. This recent wave of gibberish is just the latest way for them to see what is working and is most effective. So blocking by IP is about the only way with this type of stuff.

When I used to run a board, I think I used a plug-in called bad behavior or something like that. Just make sure your not on a naughty list before applying ;-)

 

Thanks for the tips Dave I will look into that plugin. I actually think they maybe getting in somehow though a plugin.
We do use a few plugins that checks IP's against DNS Blackhole List as well as checking e-mail domains for valid MX records but to no avail.
We are trying some new settings today but I will need to wait until tonight to test them out fully and see how smooth the registration process is. We want to keep it as simple and quick as possible but of course that means spammers can get in easy as well. The old give and take Hopefully this will work.
Mark and Trish

 

Good points Larry and you hit the nail on the head with the code being public allowing anyone to make holes. It seems they (the programmers) are always trying to stay a step ahead with each release but over time hackers figure out a hole and they are in. Sometimes its amazing how fast they find a way in after a release.
We have been looking into migrating the forum over to a seat of vBulletin we purchased sometime back. Its very nice a powerful software and we have a few test sites we were working on but just need to find the time to get back to it and do a complete merge. It is on the plate after we get the kickstarter rewards shipped. We should have a little more time then to focus on it. In the meantime I feel you are right we need to work at kicking them off like we have been until this is complete.
Thanks
Mark and Trish

 

Thats a good idea too Yoram, however since the last update the board has had some issues that will not allow some of the back end features to be accessed until the code errors are fixed. So when we get these done we will definitely look into setting up these options
Thanks
Mark and Trish