How to weaken spam attacks from XRumer

Question

Though this topic : How do spambots work? is related and enlightening but it talks about general spam logic. Moreover it is really difficult to follow many anti-spam measures mentioned in it in case of CMS based sites like Joomla, Drupal, Wordpress since tickering code requires special expertise.

Just like we concentrate on Google for SEO, we should concentrate on Xrumer specifically.

It is so much of trouble that in my sites I've even disabled typing http word in comments but still I receive many test comments( like Xrumer testing ...).

Looks like Xrumer is the chief culprit of spam attacks. It is most sophisticated spam software I guess. If we can make our sites immune to this software only I guess 90% of attacks can be averted.

It is so much of trouble that in my sites I've even disabled typing http word in comments but still I receive many test comments( like Xrumer testing ...)

Does anybody have internal insights/weaknesses of this software which we can use to prevent the attack.

Answer 1

An old trick was to use a hidden field in the registration form of your site. I would assume this still works, but I'm not 100%

Assuming that you require people to register before they can post, you want to make a form field that will catch only spambots. You do that by hiding it from normal users using CSS.

An example:

Say your normal registration form has the standard password, and password confirmation:

<input type="password" name="password" />
<input type="password" name="password_confirm" />

The spam bots will automatically fill those out, because it's looking for input fields of the type "password". So, you kind of set a trap for it, by doing this:

<input type="password" name="password" />
<input type="password" name="password_test" style="display:none;" />
<input type="password" name="password_confirm" />

Now, a normal user won't see the password_test field because it is hidden from view, so if there is data submitted in the password_test field, it is a bot doing it. Simply check for that when the form is submitted and reject any registrations that have it present.

A note: there's a chance that the spambots are smart enough to look for hidden fields like the one above. To make it tougher to detect, you could hide the field using other means, like this:

<input type="password" name="password" />
<div style="display:none;">
   <input type="password" name="password_test" />
</div>
<input type="password" name="password_confirm" />

Answer 2

I adjusted the phpBB code so that users with less tan 5 posts could not post any replies or new topics with URLs in it. This works pretty good, but you still have spambots signing up as new users. The more recent phpBB installations allow you to set up custom challenge questions instead of captchas. I ask my users for the year or city of summer or winter olympics games and give a link to the wikipedia page where they can find the answer. This is for an international forum, however if you have a forum about cars you might be better of asking car related questions you target audience won't have to look up.

Other forum webmasters i know suggested to change the urls for user registration or posting replies. I had a look into it, but at this point it seems like it would be quite a lot of work to change and test the URLs in the code.