About a week ago, I was so surprised to see my inbox full of email notifications. A total of 344 registrations were made to my site while I was asleep. I immediately suspected to be spam registrations because I saw a pattern. All of the email addresses that were being used has a two digit number after their name. I thought this was nothing to be worried about and soon it will stop. But all day long my Phone kept on showing notifications after notifications that I have a new user registration. I told myself this has to stop. I was worried my hosting provider might call my attention because of traffic spikes. I couldn't believe Google Recaptcha can't subdue these spam registrations. So I disabled my registration page. I searched Google for solutions. I read article after article suggesting to use various wordpress plugins. I also read suggestions in using certain forms that can deter spam but I guess it won't work for me because my registration page was customized with the theme I was using. Then I read an article to adjust the difficulty of Google Recaptcha to maximum which I did. After that, I enabled my registration page and waited. It didn't took a minute, two email notifications came in saying I have two new users. Then 10 users, then 15 users within 10 minutes. I guess it didn't worked so again I disabled my registration page. Then something dawned upon me. During the era before the Penguin and Panda updates, software like "Sick Submitter" and Xrummer were good at scraping registration pages where the software could register and drop links. Some would even scraped registration pages to make a living. They would scrape forum registration pages and sell these URLS to webmasters who are using software to register and drop links. I then realized that the URL of my registration page has been scraped and now it is being used by who knows how many of them that uses software to register. So I immediately changed the URL of my registration page which could easily be done in the pages section, I'm using wordpress by the way. Original URL: http: //website.com/registration New URL: http: //website.com/registration-2 After changing the URL, I adjusted my internal links, enabled my registration page and waited. And to my surprise the spam registrations stopped. I received a couple of registrations after an hour but they were valid. So for those who are having the same problem as I did, hopefully this solution will help you stop these annoying registrations. Thank you.
One way would be to generate a timestamp when someone access the registration form, then when they submit the form, generate another timestamp. You then check the interval/elapsed time between the timestamps, and if it's below a certain time (too quick) then deem that registration attempt to be a possible bot. Reject it but give the user a generic "oh crap something went wrong" error
That's good to hear, and thanks for sharing. This will serve as a reference. BTW, you said that your business niche is about garage sale, is this local only?
It's an interesting idea. In this case, fake users can be removed. Some people register on the forums just for advertisement.