Deleting SPAMMY Users

Hi Everyone,

Our site has what we understand to be approx 800 users that have been active at one time or another combined with 5200 that are all spam bots.

We have modified the registration process such that anyone signing up for the forum must wait for an admin to manually approve them. This should keep out new spammers.

To get rid of the old ones I am probably going to delete every account with a post count of zero in the last 6 months. If people created accounts to just lurk on the site they will have to re-create those accounts. Sorry for the inconvenience.

If i can come up with a more sensitive way to do this I will, but its not looking like i will.

– Jeff.

Most of this wave of spam came in the last month or so. See how many that gets rid of.

Old users with 0 posts are not a problem until they post spam.

Obviously, this latest wave is something new. I think we’ve attracted the attention of a spam bot or we now have a spam bot that has acquired the ability to get past the captcha we use.

Um… 15 minutes ago we had 6100 users, now we have 242. I made an executive decision to wipe anyone who’s never posted ever.

As new ones come in we should:

  1. Ban the email if it is not mainstream (not though).
  2. Ban the IP if it is from overseas (google the IP, don’t go to it!).

This will harden us and prevent a large number nuisance accounts from driving us nuts or cause us to be so trigger happy that we mistakenly ban valid people.

I’m not sure banning the email does much, they just pick random ones.

I might be able to setup something on apache to ban via geo-ip, but right now I lack time.

Agreed, same with user names.

However, with wild cards banning]( is useful.

With IP’s I’ve been banning the whole subnet if the domain is in eastern Europe with a wildcard: 74.55.66.*

So is now getting bombarded with approval requests, and they’re all spam. 51 since i turned on that requirement to be approved.

I’m dealing with a funeral/family death right now so i’m busy, but i think my plan will be to have people have to email us for a password that we give them to fill in. or something…

Wow, bad timing for this. My condolences.

I’ve been deleting the requests that make it to me. I’m sure we can handle the flood until you have more time.

Agreed and sorry to hear Jeff.