SPAMMERS! OMFG

I have just logged onto my site and 180 spammers have joined, created 180 groups and posted absolute nonsense. I had already set up my anti spammer stuff on dolphin but somehow this feking bot made all these accounts. What else can I do to stop this kind of attack, I swear to god I only didn't log in for 1 day and look what happens :(  Is there something else I can do to stop this ? I have even had to uninstall the feed back module and reinstall it because I couldn't manually delete all those garbage posts they made. there was too many.

OMFG!!!!!!!!!!!! How do i even begin to delete all those forum posts? I deleted the spammers but all the forum posts remain. Why doesn't the posts they make disappear when I delete the spammer? How am i meant to get rid off all this absolute SHIT?

I need to be able to mass delete all this shit, is there a way to do this? where can I find these posts in the database? can I do it that way? If I uninstall the forum module I will uninstall all the work I have done in setting up the forums. i would like to get a big gun and blast this individuals testicles off!

The forum is like a public place so by default forum posts are not removed.  It keeps the integrity of the forum in place if a member decided to quit.  You can easily remove the posts in the database by either using the phpMyAdmin or similar to select all the rows and then delete the rows.  Or you can run a query; the posts will be marked by anonymous.

First, you turn off auto verification of members; any member that registers must confirm their email.  Now it may be possible that some spam farm has set up a special bot just for Dolphin sites but I doubt it.  I also recommend you get the module by AntonLV https://www.boonex.com/m/Access_Management_System_2_0_0  The module makes it easy to block countries and let's be honest, some countries are spammers heaven like China.  It also can shut down a hammer attempt at hacking a profile.

And if you haven't done it, move the admin account off of number one.   Turn account one into a dummy account and create a new admin account.  Boonex was stupid in making the admin account a regular account that can be hammered to gain access.

You might also want to look at this module to block unconfirmed members from accessing the site.

https://www.boonex.com/m/site-protection-tool-block-unconfirmed-profile-an

thankyou GG i will look into this, I just spend the past 2 hours manually deleting every post that bot made. not going through that again. 

The first step I would take is to make newly registered members UNABLE to ADD anything. Then offer them an upgrade to (as if you are giving them something) (from NORMAL MEMBER to VIP for example). That way if they don't upgrade they cannot post any crap on your site. They will be compelled to upgrade to add blog posts etc.

For the free Standard Membership Actions Do a search for ADD and POST and disable them ALL so they cant post even after registering and confirming.

Add the: Delete Unconfirmed mod

Add the:  Mandatory Confirmation mod

Add the content of the attached txt file to your htaccess file in the root of your site.

Since upgrading to the latest version I have been getting a few registeres per week but at least they cant post anything and are being deleted on autopilot in most part.