Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By dmnd on
Some bot is coming and registering a lot of users. It comes every 2 hours, and registers 2 users 1 minute apart. The username is jtsfds followed by 2 to 3 random digits.
The bot never logs in. The email address used for registering is the domain name is sags.us, which is actually a valid domain. (Previously I got bots from domains that are not registered.)
I know about captchas. I don't use them because I've had several instances on websites of not being able to get past the captchas.
What I'd like to know is why the bot is registering, and why so many. I can see that if the bot is trying to hack its way in, it might register one person to see if authenticated users have more privileges (which they do.) But why register 14 in 7 hours?
Comments
Of course...
... you could have cron delete these users, not allow users with this pattern to register, or require administrator approval to register.
As to why they're doing it, who knows, but you can bet they're plotting something.
their plot
Hi Davidlark,
All posts and comments are moderated, so right now I'm not doing anything. Because I don't want to make it hard for legit users.
I want to know what they want. And what risk I'm taking.
And we definitely have bot users with randomly generated names that use other patterns.
some notes on Drupal and spam
http://drupal.org/project/user_register_notify
drupal 5 and 6
http://www.centernetworks.com/mollom-spam-protection
mollom versus akismet
http://tedserbinski.com/2007/06/01/reducing-drupal-blog-spam
Spam—we all hate it and it’s not just for email anymore, hello Drupal comment spam.
To determine what is effective at preventing Drupal spam, I decided to run a little case study when I redesigned this site and the following are the conclusions I drew from trying a number of different combinations:
1. A Drupal 5 site that allows anonymous user comments will be consumed by spam. I was receiving over 500 spam comments a day on this site.
2. Changing the comment settings to force a comment preview for anonymous users reduced spam by 80%, but I was still seeing around 100+ a day.
3. Adding in the captcha module reduced spam even further by about 90%, to only a dozen or so.
4. To catch the remaining spam, I added in the Akismet module which was then able to filter out the remaining 98-99% of spam, with only possibly 1 or 2 every few days slipping by.
Of course, if I forced my users to signup and verify their accounts I probably wouldn’t have much of a spam problem to begin with, but why should I put that extra burden on my users? :-)
http://drupal.org/node/85494
verify change user address
http://www.jakob-persson.com/node/470
compares various methods
I have installed Mollom. All
I have installed Mollom. All these strange guys stopped registaring with my site. Before mollom I had abt 10 users a day, nearly all of them were strangers. Now I have far less, but they are living persons.