Spam Alert!

Alas, the forum has been discovered by spammers, as this post shows… Well, perhaps it does qualify for the Miscellaneous section as "anything not related to development"; nevertheless, it feels wrong to me. With all those Yii-based blogs out there (and mine in-the-making) perhaps this is an opportunity to discuss anti-spam techniques?

Well spam is spam. :D We had little spam here before, no big deal yet. As you can see re-captcha is used on register-page, that will/should block all auto-spammers. The thread in question was obviously created by a human. So all we can do is marking those threads as spam, then they get deleted.

Yes, I agree. But how would I go about blocking his IP address?

Well I for example have dynamic ip. Every 24 hours I get new ip or I can request a new one by reconnecting to the internet. That would mean to block me, you would have to ban a whole ip range 84.128.***.***. That means you would probably block others as well. Also I could just use a proxy-server to signup here and then post something (with completely different ip). Another problem is that some users use a global proxy (for example from AOL) and they have same ip address as well.

The captcha on signup-page is enough. You can’t do anything against threads started by humans except deleting.

Oh, well… Thanks for the advice.


I was going to suggest you remove the re-captcha on the registration page but looks like my timing is probably off. Not the time to convince people that captcha as a technique is useless as security unless it is completely unusable by a human and just gives a false sense of security. It is far better to use a behavioural approach especially as you already require registration and email confirmation. An example would be limiting functionality for new users like max 3 posts per day.


I just want to comment on some docs and apparently I have to make a post first. This seems like a dead thread where no one would cry…

Akismet is pretty good at stopping spam ^^