Community & Support
Support » Post installation

How to stop "backlinkers" from registering (SEO=spam)

Posted by rubyji on October 28, 2009 at 4:01pm

Hi folks, I'm wondering if you have any suggestions because we're at the end of our rope! The web site I manage has been hit with a flood of new user registrations that are NOT people authentically trying to join our community. Since this started on October 1st, we have been getting approximately 10 new users per hour, 24-7. The IP addresses are almost always unique and the profile information is different each time, sometimes with spammy links, sometimes not.

More backstory in this blog entry.

What I have tried:

  • Standard text and math CAPTCHA, reCAPTCHA, Mollom, and Spam module. These are no help, which indicates that it is humans and not bots filling in the forms.
  • Closing the user registration form entirely and redirecting users to a webform (still with a CAPTCHA). (This way at least the database doesn't get clogged with these fake users.) This has only caused a tiny slow down in the pace of submissions.

Does anyone have other suggestions for how to make it stop? The best idea I have heard so far is to charge a few cents for each registration (and probably refund it later). I am also looking into the Riddler module, but I will have to make the questions pretty nuanced, which may frustrate some of our users...

Login or register to post comments Categories: ,

Comments

Some techniques

Posted by yelvington on October 28, 2009 at 5:38pm

Here are some options, which you may find distasteful:

* Check the IP addresses of the spammers. If they're coming in from a geographic location you don't wish to serve, block the entire IP address range of the ISP (at a firewall, not in Drupal). I have, on occasion, blocked much of China, India, Romania, Ukraine and Russia from being able to access. I don't like doing this, as I travel abroad quite frequently, but it works for a site that has no need to serve those regions.

* Configure Drupal to disallow registrations from email addresses used by known spammers (@spam.ru) and any Gmail addresses containing a '+' sign. Consider disallowing all webmail systems.

* Force all registrations to go through an approval process.

The Advanced User module http://drupal.org/project/advuser can be a big help in flushing out these accounts.

I think you'll find that most of them are being created by individuals connecting from Internet cafes and sweatshops in poor countries, paid a pittance piecerate to boost the Google rankings of casino/drug/porn sites.

SEO Spammers

Posted by tstarback on December 10, 2009 at 10:48pm

Our site was also recently attacked by relentless SEO spammers.
Assuming they were "bots" I installed recaptcha and turned on email verification which did nothing to stop them.
Manually checking each new account proved time consuming and tedious so we came up with our own solution that would automatically search any account that had been accessed in the last 96 hours for url's in the user profile or comments section.
The search returns a list of the posted ads with a "block user" button that does what it implies + adds their IP to the block site list. We had many spammers from the Philippines and India which I later revised the IP block to their entire ISP.
We are still getting spammer accounts but it has gone down about 70% and the administration is almost effortless.

It's old-school php code, sorry no fancy module here but I'd be happy to share with anyone who needs it!

Code Please!

Posted by WeaveGeek on December 14, 2009 at 7:21am

I am having the same issue with relentless human SEO spammers. It's frustrating, and having to approve every new user is wearisome. Please share the PhP code. Pretty please!

Code please, too =)

Posted by Dimas999 on December 24, 2009 at 8:10pm

Please share the PHP code again!

r u sure they are humans, or

Posted by fender on December 24, 2009 at 8:23pm

r u sure they are humans, or are they jst bots

I am using riddler captcha, that works the best, you could try mollom too

Drupal professional development
Drupal Themes For Only 50 Eur

They are humans....

Posted by tstarback on December 31, 2009 at 7:07pm

Yep, nothing stops these guys!

I posted what we've done to manage this issue (along with some rough PHP code) here:
http://www.info-lounge.org/BFF

Hope it helps!
Tim

Here is a new twist

Posted by otreva on December 28, 2011 at 6:28pm

Use CloudFlare to block a country like India for example like @tstarback mentioned above.

I have basically only allowed the POST function on my site to the USA and Canada. I may be blocking some other legitimate comments however it is worth it to save my contact form.

Here is some more information on this here:
http://www.otreva.com/blog/how-to-stop-seo-spam-contact-form-7-wordpress...

Mike Averto
Scranton Web Designer

nobody click here