Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+4 votes
in Q2A Core by
I've been having a problem recently with spam accounts getting set up on my site. Because of the limited nature of my site, all new users require admin approval before being able to post, so no real damage is being done other than wasting my time. These users are using different IPs and email addresses every time, but use the same values for the fields such as Full Name, Company, Job Title, etc. Is there a relatively simple way to prevent users from being created if Full Name = WhateverTheyPutHere? I have reCaptcha and email verification enabled which is what leads me to believe these are human spammers rather than bots, although I know those processes can be outsmarted. Any suggestions would be appreciated!

I am using the Snow Theme, if that helps at all with suggestions.
Q2A version: 1.6.3
I am also facing same issues . So many Spammers are registering daily . :(

1 Answer

0 votes

Unfortunately my php skills are pretty lacking, but in doing some research, I believe there is a way to do what I'm requesting. Looking at the filter modules available, there is clearly a way to use some logic on the fields associated with a user profile. In my particular case, I want to filter a registration field 'name' to prevent the use of "WhateverTheyPutHere" in that field. Again, my issue is that every spammer I get is using a different IP, email, and username, but name, location, and about are all identical. 

I believe the correct approach would be to build a plugin that utilizes the filter_profile module, however I think this could rather easily be applied as a core hack to the qa-include\qa-filter-basic.php file (with the recognition that an update would overwrite it). This statement already exists in qa-filter-basic.php, and I'm hoping someone with better php skills than myself can advise what needs to be added to this section to achieve the results I want:

function filter_profile(&$profile, &$errors, $user, $oldprofile)
    foreach ($profile as $field => $value)
           $this->validate_length($errors, $field, $value, 0, QA_DB_MAX_PROFILE_CONTENT_LENGTH);
I was thinking something along the following lines, but I couldn't get it to function correctly (no errors, just nothing happens that I can see):
if (preg_match("WhateverTheyPutHere", $field['name'])) {
       echo 'Not today!'; //obviously this doesn't really block anything, it would just print...did I mention I'm not php proficient?


I am facing the same problem on my site https://adunaschool.org/studentsquestions-answers which uses q&a version 1.8.3. I had a spammer registering over 4500 fake users with  "info@wolframalpha" and different IPs. I think that Question2Answer team should seriously look into this spam issue.