Since I launched my pligg site 2 years ago, spammers kept signing up and posting their trash links... even with Akismet and the captcha, they are still able to go through... how is this possible? What is the best way of making my Pligg-site spam-free? I am using Pligg 9.9.5 with these modules: Akismet 0.4 Submit Antispam Addon 0.1 I am really clueless as what I am supposed to do now... if these spammers can go through the captcha, akismet and the antispam addon, how can they be stopped???
First, the Pligg captcha is known to be useless ... As an example, there was a Pligg 9.9.0 vulnerability that allowed a remote user to get the clear text behind the captcha: if the captcha image was: http://www.mypliggisgonnagetspamed.net/ts_image.php?ts_random=54771854, then the clear text can be found using code similar to this: <?php $sitekey=82397834; $ts_random=$_REQUEST['ts_random']; $datekey = date("F j"); $rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $ts_random . $datekey)); print substr($rcode, 2, 6); ?> Code (markup): Bottom line is you should try to change your captcha from default to Whitehat or reCaptcha and remove ts_image.php.
You can also add another field to the registration form- something like "type the first 4 letters of the alphabet"- this has been very effective for my forum
I haven't had the same trouble with spammers, but then again my pligg powered site (lensroll.com) is set up to only allow submissions with links to squidoo.com How many legitimate links are being submitted daily and how many spam links?
Don't any of the modules work ? Scarecrow, Askemet, IP Block ? I just got into it (Pligg). Please tell me that they aren't worthless.