I need major help with my bot situation PLEASE!

This has gotten so bad i have had to enable promotions, and sort through by hand.. and I get thousands a day!

I been trying to find the common denominator so I can stop them from joining, this is defiantly computer bot generated sign ups. And the ips are all different and mostly us ips. One thing they do all do is add html to the description box when they join. So is there a way I can tell the join page not to allow html?  ... I swear I cant take no more guys!!

I already have in place a security question, that i have changed a few times.. they just modify and keep on going.

ANY ideas are welcome at this point, and a way to stop html when joining would be awesome!

Deano's anti-spam module has that feature.

OR you can get the Anton http://www.boonex.com/m/Access_Management_System_2_0_0 . I had the same issue for over years. "protect your site and members from annoying users (scammers, spammers and etc)."

Yeah looks like im gonna have to BUY an anti spam module, it is a damn shame a site owner has to PAY to stop the spam that dolphin sites seem to generate!

One important thing you must do is to split the join form; at least to two pages.

Another thing is to remove the captcha and put in a human question; I have one on each page of the join form.  The other is to make sure confirmation of email is turned on.  This won't stop the human sign ups but it will stop a lot of the bots, if not most of them, because they don't have emails.  And get the free mod that blocks unconfirmed email users from browsing the site; search for it in the market.

As for the join form description box, you can change remove the HTML from that using the builders.

 Thank you dear,, yes I was aware of all these and done them all YEARS ago back in the famous .shou and .163 email china ugg boots invasion of 2009.

I already have it set for promotions and non active  unconfirmed ,, I had to do promotions due to the fact these bots were confirming,   I was able to stop them from hitting the blogs and forums and such, it was just me and my mods are so tired of deleting 1200 or more bots a day! .. they dont manage to get anything done on the site cause the profiles are not even seen due to me having promotions running, but I dont want to do promotions and i want to be able to auto activate the confirmed email accounts. But I cant till I can figure out how to stop this new invasion.  So far the only common ground I see on these are they all use multiple caps in the usernames such as "CarrieKa"   or something like "SteveSJY" like that, and they all throw a description on their profile that has a few words href'd with html so they can get back links.. so that is why I said the only thing I could go for would be the description box to try to stop them, and it looks like only deanos module is going to help me here.

 Yes and No ... I can stop the box from displaying and producing html acts that way by just switching it to "text box" but that will not help me, cause the bots will still just past the links in there and benefit just as much from the back links. I need something that wont allow the href in the first place, and I can maybe modify to exclude all "www, html. .com .net" and so on.. see my dilemma ?

At present I get a few spam accounts once in a while.  They either post some blog post or a forum post.

email confirmation does not help. I have one site that still get spammed hundreds a day even though everything has been set in place on it... even set to invite only and email confirmation etc... but they just bypass that also somehow. I swear these spammers are getting smarter and 'learning' how to avoid whatever we post on here to deter them!...

I have noticed that on new installs, the spam control is much better, but on older sites that get upgraded they seem to suffer a lot more... maybe something wasnt done right on upgrade, or maybe there's still a weekness in the pre 7.1 code that wasnt addressed properly.

I spent 8 hours on this yesterday, but I finally slowed em down to a manageable level now. I am probably the most lazy site owner on these forums I can admit that. But it is a shame that we honestly have to spend as much time talk and working around the bots thing, I mean from day one this has been an issue and one that I have seen cause many site owners throw in the towel, I just hope the new fixes I put in place keep em away for atleast a couple months, I was wanting to spend the time I spent on this yesterday, fixing the poker bugs instead.

Do a search for join.php on this site, there's an article by HL that spells out how to stop them in their tracks.

http://www.boonex.com/forums/topic/How-To-Block-The-Entire-Planet-From-Joining-Your-Site-well-almost.htm

Deano has this article as well...

http://www.boonex.com/forums/topic/Rename-join-php.htm

I was getting 20 - 30 a day and I did 2 things.

Split the join form and put a captcha on page 2.

2 I changed the join.php to another name (that I am not naming for obvious reasons), use your imagination. antibot.php doodoohead.php  whatever you want to call it.

You only have to change the code in like 4 places to make it work.

You put the newly renamed join.php in another folder and point dolphin to it.

The bots can't join because they have no clue what the new filename is.

The biggest help to stop the BOTS is to move the join.php and rename it, name it something odd so they can't rewrite their script and guess it.

Then watch your logs.

Start blocking the IP groups where those bots are trying to use join.php (because it no longer exists).

This is what happens when you rename the join.php and/or move it.  LOL

74.118.193.28 - - [20/Oct/2013:06:41:08 -0400] "GET /join.php HTTP/1.1" 404 4068 "http://dev2.mytikibar.com/help.php" "Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0"
74.118.193.28 - - [20/Oct/2013:06:42:02 -0400] "GET /join.php HTTP/1.1" 404 4067 "http://dev2.mytikibar.com/help.php" "Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0"
74.118.193.28 - - [20/Oct/2013:06:55:18 -0400] "GET /join.php HTTP/1.1" 404 4069 "http://dev2.mytikibar.com/help.php" "Mozilla/5.0 (Windows NT 5.1; rv:22.0) Gecko/20100101 Firefox/22.0"

404 = Page not found = failed to join by bot.