Just had about 38 bot accounts and posts sign up and spam in the space of 30 mins

Hi, forum is idmforums.com

We have nipped it in the bud quickly, but the numbers were increasing so rapidly that we had to disable new user signups till we can figure out why it’s happening and prevent it. We are running 3.5.0.beta8-dev and about 2 weeks ago enabled OAuth from discord, but that is limited to our guild only. So, I don’t think it’s that as we would have seen the same bot accounts on the Discord server.

We are working on updating some of our post filtering for first time posters right now. Going to use these messages and their content to build up some “words and phrases” to use as auto flagging. Any ideas or tips to filter this type of thing from happening?

Have you read Tips for Preventing Spam? Maybe the capcha plugin would help in your case?

Thank you, yes we employ most of these tactics already. Not the captcha plug-in though.

Problem was that the bot accounts were coming from different IP addresses

Have you checked if they coming from the same region? If so, you might be able to block at least some of them (assuming you don’t have regular users in that part of the world), either using the geo-blocking plugin or directly with something like geoip-shell.

I’ll have a look, thanks!

It says that hcaptcha is bundled with discourse core. I don’t see it anywhere in our plugin list and I don’t see any git repo to add to the app.yml file. We are self hosted.

Any ideas?

Try updating your forum, the plugin was included in core a few days ago.

When did you last update your forum?

28th June. It’s not currently saying an update is available, I might have to do a rebuild.

Did the rebuild, got the hCaptcha plugin. happy days. Thanks!