I dropped the older, convoluted registration anti-spam method for a ReCaptcha module. Registration seems to work fine.
Given that ReCaptcha is not 100% secure, we'll see how this goes...
And a user named Test5 alrady started to manipulate the Wiki Main page. It was only a test, but be carefull... it will strike soon. Be scared....
Test5? Ohhh you mean the test account I created to see if the system catches external links! :D
Yeah. Basically ever since I re-enabled signups without having to approve each new user, we got 19 spam accounts created in less than two days. Two or three of them managed to post spam, too. And this, despite a ReCaptcha module being in place.
So what I did was to block a long list of known 'bad' addresses originating in China in .htaccess (spam accounts were exclusively posting from IPs in China and the US), and switched the ReCaptcha module for one serving out custom questions.
At the moment the questions have to do with the amount of memory in a 464 and a 6128, but I'm worried that this may drive away legitimate users as well. So, can you think of any alternative questions?
Cheers
T