Domoticz

The last one is hxw8groax who is spamming a lot the entire forum....

can we add a much more secure authentication against bots and spammer?

something like a CAPTCHA to the unknown users? (less than 100messages or manually flagged by admin as a certified user....)
this could help to avoid spammers and help the admis that would need to clean their mess

ciao
M

I highly support this...

Did ask about this before, never heard anything about it. Tehre is a simple plugin for PHPbb forum software from stopforumspam.net, which is working great., but ist's for the admins to decide to use it. For now I'm jius reporting posts

thanks all! we will check it for sure.

Suggestion...

1) A pfSense firewall running Snort with the commercial rules (https://www.snort.org/products) needs to sit in front of the web server. This will stop a HUGE number of malicious IP's from ever reaching the forum and attempting to leave spam. This is probably the number one most effective thing that could be done. The admin will need to monitor the implementation and whitelist certain rules that cause problems as necessary.

2) Apache Mod_Security should be implemented with the OWASP Core Ruleset, again the admin will need to go through the logs and whitelist rules as needed.

I think the above two points should solve > 95% of the issues we are seeing with spam and significantly improve the forum and wiki's security, captcha's are not as effective as they used to be unfortunately.