That was fast for the first day listed

**ttb62** · November 8th, 2011, 15:55

The first day listed on freewebspace.net and the sign ups start. I used a simple contact form for sign up. some sent two or three duplicate request. Mostly from China. Most requested hosting for a sub domain. Then I realized they might be live spammers. So that's not going to work. I am getting traffic, but I moved the sign up to a forum. Maybe I can weed out the ones who actually want hosting for there domain. The package is so small a user will have to know how to use it. A script like wordpress is just to big for it. But I got traffic already.

ttb

**Seraphim** · November 8th, 2011, 18:02

Originally Posted by ttb62

The first day listed on freewebspace.net and the sign ups start. I used a simple contact form for sign up. some sent two or three duplicate request. Mostly from China. Most requested hosting for a sub domain. Then I realized they might be live spammers. So that's not going to work. I am getting traffic, but I moved the sign up to a forum. Maybe I can weed out the ones who actually want hosting for there domain. The package is so small a user will have to know how to use it. A script like wordpress is just to big for it. But I got traffic already.

ttb

Welcome to FWS.

I noticed this too, every time I make a hosting offer for a few days after that I get 2-3 signups a day originating from Chinese and Russian address space with bot-like info. Unfortunately enough hosts use automatic activation and these bots actually do succeed in getting live accounts.

Not sure though if there is anything that can be done about it here at FWS, but filtering the signups is relatively effective if time consuming.

**wswd** · November 8th, 2011, 20:45

I get these all the time, at least 20-30 per day. It's just a matter of thorough checking by your staff. Many are attempting to get smart and are using US addresses and American names...even US proxies. Just have to be really careful and use due dilligence.

**Trel** · November 10th, 2011, 14:29

There are a number of different things you can do to help filter your new signups.

- MaxMind MinFraud checking - http://www.maxmind.com/app/ccfd_promo?promo=WHMCS4562

1000 basic queries per month are free and additional queries are as little as $0.005 per query for standard.

- Use GeoIP blocking to protect your signup page. You can simply block all Russian, Chinese, etc IPs from every reaching your signup page without blocking them server wide.

- Use two or more separate captcha tests that will be difficult for robots to bypass.

http://www.recaptcha.net/ and custom questions such as "What is the third word in second paragraph on our Terms of Service page?" might be a good start.

- Check the signup IP against DNSBL of known problem and proxy IPs and block access to the page to any known bad IPs.

**Peo** · November 11th, 2011, 17:27

Some good advice there. But I wouldn't make it too hard to sign up as people are kind of tired of all the forms and captcha they have to enter for everything. Out of curiousity, anyone tried requiring signup using facebook connect? I imagine that would reduce spam bots? And it would make it easy to sign up.

**Trel** · November 11th, 2011, 17:41

Originally Posted by Peo

Some good advice there. But I wouldn't make it too hard to sign up as people are kind of tired of all the forms and captcha they have to enter for everything.

MaxMind checking is offloaded to the billing software (WHMCS, Hostbill, Blesta, etc), GeoIP/DNSBL blocking is handled via Apache extensions such as mod_security and mod_httpbl, and the two captcha tests are only shown on one form one time at signup taking an extra 5 - 10 seconds while they read the Terms of Service and Forum Rules. 90% of it is transparent to the user.

Originally Posted by Peo

Out of curiousity, anyone tried requiring signup using facebook connect? I imagine that would reduce spam bots? And it would make it easy to sign up.

Leaving aside Facebook's extremely poor track record on privacy, Facebook's own signup form uses recapthca.net and email address verification. Beyond that there is no additional confirmation at signup. I don't consider the methods mentioned above to be very difficult from a user perspective. Compared to SMS verification for many Google services, copy and pasting a confirmation code from a linked page is simple.

**Peo** · November 11th, 2011, 18:03

Ok, but if you already have a Facebook account you don't have to enter captcha or verify your email.

**TaoPhoenix** · November 11th, 2011, 20:18

Trel's post sounds like it has a lot of info though. I tried to mod him but "have to spread more"

**Seraphim** · November 18th, 2011, 11:12

Incidentally since I posted this, they appear to be coming more frequently. I'm up to 5 a day now, with more and more of them having japanese IPs.

**ttb62** · November 19th, 2011, 23:01

I do not think its bots signing up any more I think it live people. I was getting five of the same sign up put in some java to clear the form fields and some anti spam and the sign ups went way down. blocked some IP's also.

**sander k** · November 21st, 2011, 10:03

What software are you guys using? I don't have any problems with WHMCS, but then I am not a free host.

**Seraphim** · November 21st, 2011, 15:58

Originally Posted by sander k

What software are you guys using? I don't have any problems with WHMCS, but then I am not a free host.

I wrote my own software for this. Going to be giving it another security shakedown soon, since they seem to have found a way into it again.

But I also have my eye on some new coding techniques that I was perfecting over the weekend, so it's possible that I have another solution to this problem.

**ttb62** · November 21st, 2011, 20:58

Just a php contact form. no where near as bad since I clear the form fields on page load. I think they were just hitting the back button and resubmitting.