Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+10 votes
15.8k views
in Q2A Core by

Many new user registrations are done on my site by spam users. They register with different IP addresses. Their user names contain only several letters with no meanings.  I have no idea to control this issue and finally I have enabled -Temporarily suspend new user registrations. Because of that change genuine users also cannot register on my site. Please help me to solve this problem. Here I have upload an image of one page of users. 

Q2A version: 1.6.3

4 Answers

+6 votes
by
selected by
 
Best answer
First of all, instead of temporarily suspending user registrations you could go to the Admin -> Spam section and tick:
Enable moderation (approval) of users: add registration fields
All new users must be approved
 
That way users will be able to register but would go into a moderation queue. I think it is better to disable registrations.
 
Regarding the not working captchas, I will have to assume that you're using a default installation, which comes with reCaptcha. So in the same section tick all the Use captcha... checkboxes. Save the settings. After saving the settings, in the same section, locate the Use captcha module combobox. There is an options text next to it. Click it. This will bring you to the plugins section and open the recaptcha module options. Click on sign up.
 
You will have to register in reCaptcha. You will be asked for a Google account and the domain names you want to use the captchas on, which I guess it is wikifirst.net in your case. Continue the process and you'll see a link for your domain. Click it. This will display the public and the private key, which look like this: 6McLMPgSGAAAACutJ_dHk-mRfxhoKzaJnztJCchn. Copy and paste both keys in the corresponding fields of the reCaptcha plugin options.
 
Then logout or open a private session in the browser and try to post anonymously, or go to the feedback page, or try to reset your password or try to register. You should see the captcha there.
by
Thank you very much your quick and complete answer with step by step instructions. According to your instructions I could enable capcha for new user registration and other anonymously activities. I really hope this will solve my problem. Today I also disabled temporarily suspending user registrations.
by
There is no such option (reCAPTCHA) in Version 1.8.0 and Donut theme, please update your answer.
by
The question clearly states v1.6.3. If you require support for v1.8.0 feel free to post a new question. Also note that Donut theme is not distributed in the Q2A release
+1 vote
by
1. Are you using Captcha on registration page?

2. Are you using e-mail verification for registration?
by
1. I have enabled Use captcha for user registration:, but when I checked with registration there was no Capcha showing.

2. I have enabled All new users must confirm their email:
by
same is the case with me.
I have enabled both Use captcha and confirm email address.
Still I am facing these bizarre registrations. I had to enable approve manually each registration. :(
by
Like Pupu has mentioned below in the detailed answer, you will have to sign up for a full recaptcha account for the captcha to work (it is free)
by
@ dkd903, Thank you very much. I could enable capcha by following instructions given by pupi1985.
by
@ atultiwari, Please read the answer given by pupi1985 which I have selected as the best answer.
by
@rgd, thanks for reminding me, but I checked, my reCaptcha was already working. And for resaons unknown,  I am still facing this problem :(
I don't know, how someone can bypass reCaptcha?
if anybody interested to look into my users list, here is my q2a site link -
medicalguru.in
+7 votes
by

I have the same problem, and intend to try something like this in whatever function loads the registration page:

if (strpos(file_get_contents("http://www.stopforumspam.com/api?ip=" . $_SERVER['REMOTE_ADDR']), '<appears>yes</appears>')!==false) die('Go away, Spammer.');

The die function call will stop all page execution if the spammer's ip is registered at stopforumspam.

by
edited by
Good idea. I put this in qa-page-register.php around line 70. It appears to be working so far. However, I think the API url should be http://api.stopforumspam.org/api?ip=

http://www.stopforumspam.com/usage
by
Very nice solution, I have added it into my post http://www.jasom.net/basic-anti-spam-configuration-for-question2answer (Basic anti-spam configuration for Question2Answer)
by
I am using it for months with much success.  However then last 10-15 days I noticed that the spam registrations increased at my site.  Then I noticed that there are many errors in the error log in the last 20-25 days:

PHP Warning:  file_get_contents(http://www.stopforumspam.com/api?ip=192.211.54.167): failed to open stream: HTTP request failed!  in /xxxxxxxx/q2a/qa-include/qa-page-register.php on line 71

Anybody else noticed this?

I tried a registration myself and there was no problem (no errors).  So maybe the stopforumspam.com suffered problems/disconnections recently.  I do not have a high volume of registrations., less than maybe
by
Many of the cloud will limit the number of requests. It may be cause that is beyond the limit of the number of checks by stopforumspam. As much as possible, it is better not to rely on external system.
https://www.google.co.jp/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=stopforumspam+file_get_contents+failed+to+open+
+3 votes
by
edited by

I found a Q2A Add-On that checks stopforumspam.com and botscout.com to see if the IP or email address belongs to a known spammer.

It did most of what I wanted but I added logging so that I could verify that it was working.

The original project is: 

It was missing some logging so I added a few updates

...