A while ago I launched an online forum on my site. The spam problem eventually became so great that I closed off adding any new members and just let the site sit.
The spam was really ridiculous. I tried using captchas and other things, but the bots are just too smart. Nothing worked.
Last week, on a whim I revisited the forum and decided to upgrade the vBulletin software that was running on it.
I screwed up and accidentally deleted everyone’s account and all the old posts. I was pretty frustrated at what I had done, so I just left the forums alone because I was heading off to the Galapagos Island for several days.
Someone later posted a hint for checking to see if your site was hacked. I did a Google search for “Site:everything-everywhere.com viagra” and sure enough something came up….and it was a forum post. I thought I had killed all the posts.
It turns out in those few days when I was in the Galapagos, over 15,000 spam comments were posted to the forum. FIFTEEN THOUSAND!!! Porn, gambling, viagra, you name it, it was on the forum.
Needless to say, the bots were hitting my forum hard even though it had been offline for months.
I went in, deleted all the users and all the posts. I then tried to set up some of the built-in anti-spam protection, which didn’t do so well last time.
I noticed that the new version of the software had a new option. Instead of using captchs, you could ask a simple question. This time, I stayed away from the captchas and asked users: Which is bigger, 7 or 77?
The spam completely stopped. 100%. If I go to the forum now, I can see many bots still hitting the server, but they can’t register anymore.
I was amazed at how effective asking a simple question could be against bots. Moreover, if bots should ever figure it out, I just have to change the question to something simple and it will probably work again.