How to stop a serial spammer???

I will definately not be the only one having this problem but enough is enough.

I have a guestbook on my website which is protected with a Captcha to prevent spam. Some time ago some black hat SEO software has broken the Captcha security (not gonna mention the name to give them extra publicity). They've added comment as (X test hello and goodbye) in my guestbook.

I'm getting loads of junk in my guestbook. 90% comes from the same shady website. Through the whois info I found oud the name of the hosting company. I've contacted them several times but without any result.

Now I'm starting to get messages they send through the contact form.

Does anybody have a clue on how to stop this? Just an extention to add another Captcha won't help. Spammers seem to have found a way to bypass this by using the software I mentionned above.

It's not just me. When I google the website name I find hundreds and hundreds over website all over the world all with the same spam in their guestbook.

Is there a way to figure out the IP address and block them on IP????

well, just check your Server Access log, then you will find out easy, what IP's they use.
Then either lock 'em out, blockwise, or reroute them to someplace else by .htaccess,
Ernie

Stupid question but how do I access my weblogs?

well, you better ask your hoster about this.
Ernie

You can't block Spammer IP, because they use random proxy to put their comments in your guestbook.

When you have found 1 IP, there will be a different IP to try spam back to the guest book on your website.

You can't block Spammer IP ...

well, this sounds similar to, you can't keep Gangsters from breaking into your house,
so, what's the use to lock your doors in the first place...
But it's an ongoing battle, and it never ends, so, I am still updating my 'blocker' .htaccess,
whenever one tries again, by blocking entire segments, so, it at least reduces such attempts.
It's the best way, I found so far, and according my logs, it does it's job quite well.
Ernie
Onby my latest .htaccess file:

psxgamer wrote: ↑

Wed Jun 07, 2017 5:38 am

I have a guestbook on my website which is protected with a Captcha to prevent spam. Some time ago some black hat SEO software has broken the Captcha security (not gonna mention the name to give them extra publicity).

If IP blocking isn't doing the job (i.e., the spammer just jumps to another address), it sounds like all you can do (as a practical matter) is upgrade your CAPTCHA. Unfortunately, spammers have gotten very good at automated and semi-automated cracking (using AI, or forwarding your puzzle to porn sites where someone will eagerly and immediately solve it to get in). To keep ahead of them, you can't use something already widely used (and therefore already cracked). Most CAPTCHAs cranked up enough to stop a bot are also too difficult to solve by mere humans, so the solution is to make a different approach (a different kind of puzzle to solve). Be sure that you don't exclude blind or deaf people in the process! Move fields and controls around (maybe with some randomness) to fool bots into misfilling the page. Randomly change prompts, too.

If there is a pattern that the spammer(s) always use, such as links to a specific site, you could accept the guestbook entry, scan it for keywords, and simply vaporize it if it looks like spam. Should a guestbook entry contain links? If not, automatically remove or disable the link, or even the entire post. I can't imagine a guestbook not disabling HTML in a post, so spam should be more annoying than serious.

My small contribution, although late, it might be useful for someone else.
Blocking a spambot by ip filters is like trying to close a hole in a colander.
Many spambots are embedded into viruses, trojan horses, malawares, installed on thousands of computers. This way the spammer builds a bot net, with thousands of pc turned into "zombies machines". Each machine gets a list of target websites to spam from some source, then it sends fake registrations, password reset requests, login attempts, etc.
Of course the owner of the infected pc in unaware that his machine is infected, and his ip is flagged as spam, when he tries to register on a site that implements an ip based antispam filter, his (legitimate) registration fails.

You block an ip? They spam from another computer. Bot nets can be made of hundreds of thousands of ip addresses, and a bot can attack a site with new ips every day (switching off and on a router assigns to a victim computer a fresh clean ip can be re-used for spamming).
New bots can even solve alphanumeric captchas, expecially the simple captcha included by default with Opencart.

I wrote an extension 5 years ago to block spam, and I updated it few days ago, if you are getting flooded by fake registration take a look at this link:



https://www.opencart.com/index.php?rout ... n_id=13097

Latest release of CSRF Protection Form has been released. Tested by a forum user and confirmed the latest release no longer floods registration. No packages required, totally FREE! - no discounts necessary either: https://www.opencart.com/index.php?rout ... on_id=4773

For v1.5x users, send me a PM after installing the extension if you're unable to propagate the CSRF tokens.