Question

how to stop spam posting from auto-boot spyders, spam users registred by boot spyders. I aded captha and still registred fake users on my qa website, wtf is with this script? i have many post from fake users with captha active.

Comments

Captcha is useless these days. If you really want to avoid spam add mobile otp verification or some email verification which is custom built for your site. Otherwise let the spammers come and use mass delete feature to delete them. Spam posting can be avoided by activating moderation approval for posts.

Answer 1

Captchas help with spam protection, but they are not a silver bullet that would magically defeat all spammers. The most significant drop in spam account creation I noticed when I changed SSH access to my server to whitelist. On top of that I'm using ReCAPTCHA and a plugin for blocking particular usernames, e-mail addresses, or domains from registering accounts. That reduced the spam account creation rate to a manageable number (5-10 per week). But still, fighting off spammers remains a continuous effort. At least until shooting spammers on sight becomes legalized.