Gotcha for user registration?
ryooki - November 27, 2007 - 12:25
| Project: | Gotcha - Contact Spam Catcher |
| Version: | 5.x-1.x-dev |
| Component: | User interface |
| Category: | feature request |
| Priority: | minor |
| Assigned: | NancyDru |
| Status: | postponed |
Jump to:
Description
I haven't installed this module b/c we don't seem to have a problem with spam bots combing through emails. But, what we do have a problem with is Spam bots registering on my site. Every week I delete two or three spam bots who registered, and I think a module like this would be wonderful at blocking those people. Any chance you might develop something like that?
#1
I am planning a version 2 of this module that will be more generically forms-oriented, so it may be able to handle user registrations.
Can you give me more details on how you know they are bots and what they are doing that gives them away? I don't have this problem because none of my sites allow public registrations (yet). However, I know there have been many postings in the forums on this problem (have you searched for possible solutions). Indeed, DO itself occasionally has this problem.
In the meantime, if you know that people should be registering, for example, from only US-based IP addresses, there is a module that will limit that. It's called Register_Country.
#2
hm... US-based IP addresses is a good idea, but I do have some people who come from other countries using my site. Primarily Canada, but some central/south america, and a few from asia.
As for bots, a lot of user names look like trash: zFDrclsdqAfed, ScE_lsOdFRkspr, etc. Those I usually just block, but if I don't, they've been known to come back and post spam on my site.
Others register with innocous looking names, and I used to ignore them just in case they were real: billjacobson, jolene, etc. But, I became suspicious and started checking out their user profiles, which consisted of spam in every memo field:
The user profiles are not visible to non-logged in people, so it's not very useful for the bots to be spamming that way, but they don't know that. They never seem to post any comment spam, so it doesn't matter much to me in some ways. Still, I'd rather not have it taking up space on principle.
Does that help?
#3
I don't know how much help I can be on the weird names unless you can devise some rules that would detect them.
Spam content in other fields should be taken care of by version 2, if I can figure out how to get the user form (it doesn't use the normal form stuff).
I wonder if the original idea for this module just might be effective in this case. That is, a field which is hidden to humans but visible to bots; if it contains data, it has to be a bot and can be ignored. Hmm...
#4
http://drupal.org/node/171780
Since Jeremy is actively developing V3 of the Spam module and adding more form filtering, I am postponing this issue. V3 may even so grossly change things that Gotcha might become unnecessary.