What's new
By:
DiscussionHQ - General Discussions

DiscussionHQ is a general discussion forum that has opened December 2024!
We provide a laid back atmosphere and our members are down to earth. We have a ton of content and fresh stuff is constantly being added. We cover all sorts of topics, so there's bound to be something inside to pique your interest. We welcome anyone and everyone to register & become a member of our awesome community.

Massive spam bot attack

Smithy

Smithy

The Awesome One!
Administrator
Joined
Dec 15, 2024
Messages
1,505
Location
England, UK
Hello all,

Some of your posts may have been removed reason being we was hit with a massive spam attack this morning, 6 AM UK time.
I have restored the forum database back to 8:36 PM UK time yesterday (29/09/2025).

I am now going to put in a better security measures for registering on DiscussionHQ.
Registering has been disabled until I can figure out how to stop the spam bots registering. (Registering has been re-enabled)

Sorry for those who have posted from 8:36 PM to the time this thread was posted. (UK time)
 
Last edited:
Smithy said:
Hello all,

Some of your posts may have been removed reason being we was hit with a massive spam attack this morning, 6 AM UK time.
I have restored the forum database back to 8:36 PM UK time yesterday (29/09/2025).

I am now going to put in a better security measures for registering on DiscussionHQ.
Registering has been disabled until I can figure out how to stop the spam bots registering.

Sorry for those who have posted from 8:36 PM to the time this thread was posted. (UK time)
Click to expand...
Thank you Smithy!
 
The thing that worked really well for us in our senior forum was having to use an actual name ( first and last) to register. It didn’t have to be their real name, just one that looked real. Most of the spammers didn’t read the directions, so they used the regular garbage names and the registration didn’t work.
 
Smithy said:
Hello all,

Some of your posts may have been removed reason being we was hit with a massive spam attack this morning, 6 AM UK time.
I have restored the forum database back to 8:36 PM UK time yesterday (29/09/2025).

I am now going to put in a better security measures for registering on DiscussionHQ.
Registering has been disabled until I can figure out how to stop the spam bots registering.

Sorry for those who have posted from 8:36 PM to the time this thread was posted. (UK time)
Click to expand...
Thanks for your efforts.
 
What about using like a pin-code extracted from an ajax call using JS. Most bots can't use javascript.

Or getting a pin-code from an url (different from the registration page) where the user have to copy/paste that url to go and get the code? That url should be shown to the user as an instruction to register. (the url shown should not be a clickable link) -- This should full-stop bots.
 
Registering has been re-enabled. I have put better security measures on registering.
To register now you need to move objects on a picture to get the picture right, this should hopefully stop spam bots registering.
 
It will slow them down, which is the best you can do. Something you should do is is change the password for the forum database and Admin Panel every once in a while, but not in a machine recognizable pattern. And of course, make backups of the database yourself. Don't count on your web hosts to do it. I know bots are great for making your forum searchable, but you need to find a balance between doing that and how private you want your forum to be. The forum software should have options for setting what specific member groups can do. Assign all spider bots to a visitors only group, and all they will be able to get access is a designated unregistered visitors forum, and registered members have all access. It's far easier to keep track of malicious bots that way...
 
Axel Slingerland said:
It will slow them down, which is the best you can do. Something you should do is is change the password for the forum database and Admin Panel every once in a while, but not in a machine recognizable pattern. And of course, make backups of the database yourself. Don't count on your web hosts to do it. I know bots are great for making your forum searchable, but you need to find a balance between doing that and how private you want your forum to be. The forum software should have options for setting what specific member groups can do. Assign all spider bots to a visitors only group, and all they will be able to get access is a designated unregistered visitors forum, and registered members have all access. It's far easier to keep track of malicious bots that way...
Click to expand...

I do a database backup every night before I go to bed.
I also have security in place to try and stop the spam bots registering.. see how it goes if not I will have to up the security more. :D
 
Smithy said:
Hello all,

Some of your posts may have been removed reason being we was hit with a massive spam attack this morning, 6 AM UK time.
I have restored the forum database back to 8:36 PM UK time yesterday (29/09/2025).

I am now going to put in a better security measures for registering on DiscussionHQ.
Registering has been disabled until I can figure out how to stop the spam bots registering. (Registering has been re-enabled)

Sorry for those who have posted from 8:36 PM to the time this thread was posted. (UK time)
Click to expand...
if you know the range of those ips, I'd block them via Cloudflare's WAF system.

You're able to block an entire ASN via the use of Cloudflare. :)

Sorry to hear about the spam attack!
 
You should never block a range of IP addresses, as you could be preventing thousands of people from getting on your website. Each individual IP address could be used by thousands of people through Network Address Translation (NAT) in a router. For example, my old accounts from when we lived in Eureka, were from AT&T. If you did a back trace on the IP addresses in the forum logs you might think we lived in San Jose, Hayward, Fremont, etc., because that is where the server farms are. All of which are about 300 miles south of Eureka. In just those three cities alone, there are 1.5 million people.

Times have changed and it could now be possible to ban a specific computer based on it's IP address and do things I could not do in the pre-GPS world. But as far as blocking IP addresses goes, based on recent research that is not the case. However, even if you did ban an IP address, out of all the people that you're blocking, the one you banned can always find ways around it. For example, people who use laptops in Internet cafes or restaurants with free Wi-Fi, of which there are too many to count within 100 miles of my house. (We live 100 miles north of LA.) Each time you ban that person's IP address, you're blocking thousands of other people. Then off he goes to another Internet cafe and does it again. It can quickly turn into a no win scenario for everyone involved, either directly or indirectly.
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top