How do I prevent spammers from registering with my website
One of the biggest problems is spammer that tries to post their spammy links on you website or tries to harvest email address from your contact forms and visitors leaving comments on your articles.
One of the biggest problems is spammer that tries to post their spammy links on you website or tries to harvest email address from your contact forms and visitors leaving comments on your articles.
I am not going to go into any details about how XMS Systems block these kind of visitors. Fact is the more successful your website is, the greater the possibilities that you will be plagued by visitors registering with your website in the hope that they would be able to sell their “blue tablets” by posting a link somewhere in a comment section of your website.
As you can see in the image below, the logs has been reset on 17 March 2017. The figures are staggering to say the least.
The sad part is that this is only known “bad” visitors. A further functionality in XMS Systems has detects unknown bad visitors that will also be blocked automatically from the website on the next visit.
To enable this functionality you will need to submit a support ticket with Exelwebs to get hold of an API key to be able to access the remote databases. Once this is done you can go the the “Country Block List” page as above and enable the options to block known bad visitors.
You will also be able to update the list of new unknown bad visitors from the centralised database.
This update functionality will be automated in a future release.
General contact and registration form protection.
In the event that a bad visitor still manages to get past the blocks and make it to your website registration page we uses a reCaptcha functionality on the form. The latest release of XMS Systems uses Google reCaptcha. If the visitor id a human being, they would be able to solve the captcha with the click of a mouse button or tap of a finger. Automated registration bots will have a bigger problem to solve the captaca
This is part of the basic configuration of your website. To configure your captaha
Login to Admin > Dashboard > Website Configuration > General Configuration
Scroll down to the contact form details section and paste the Google reCaptcha keys in the fields. Click update and you are set.
This reCaptcha will be expanded to all the pages that ask the user to solve a captcha in the next version.
There are two other features that I am not going to discuss that works in the background and have no available configuration. They will be set by default.
Last line of defence
If everything above fails there is still one last manual way of blocking an IP address.
XMS Systems records the IP address of the user when they register. part of the registration process is selecting the country the user resides in. If the selected country and the recorded IP address doesn’t match the same country the registration will be “flagged”
You have two options here;
- Click the “stop sign” to ban the IP address outright
- The following screen will be displayed
- The member list will look like the image below.
- The following screen will be displayed
- Consider the fact that XMS Systems got it wrong and the “missmatch” is legit. (maybe the user is legit and using a VPN)
In this case you can edit the user profile and find the “Registration IP and GEO Location” section in the user profile. Tick the box and update the user profile to un’flag the account, The account will then look like the first account in the image above.
You will still have the option to click the stop sign if needed.
