I've been suffering this on all my PHP Fusion sites, even one that doesn't have a credit to PHP Fusion on the bottom of the page. However, I have some observations to make about this spamming which may help provide a solution: -100% of the spam comes from members registered at a .info address, but none of my legitimate members have .info addresses. If there's a way to block all registrations using a .info email address, that would kill all of the current spam registrations. I would love to see this feature available, it would be quick and easy and end (until they use a different TLD) all the spam. -If you set the membership to be admin approved, the spammers never get through because they're always something in the form name11111 and very easy to spot. -The domain of a spammer's email address looks like it's fake and autogenerated, but it isn't. All of the domains used by the spammer are real, you can check them on a WHOIS service. One of them I checked was registered to "Mike Tyson Boxer" so they've clearly faked the name when registering the domains. The links in the spammers' actual spam are often hosted by these domains as well. If you add that domain to the blacklist it will prevent any more registrations from that domain. If the number of domains run by the spammers is small, we could assemble a list of spammer domains on here and people could preemptively block them on their blacklists. Some domains have been reused by spammers on different sites before I blocked them, which suggests the number of domains they own is limited. Here's all the domains I've spotted so far: aacwmrzb.info cwwsjxsk.info ftajpqsj.info hpfnro.info ijzezd.info jaqois.info kspdtd.info ktimpwi.info kxqvtjv.info mrfcju.info npqisc.info pqiiip.info uxvvlhtw.info vflnesac.info vjzaar.info wzllgqv.info ydsqdiyf.info zbzdpmss.info zfkvtrs.info

If I set a custom page as my front page, PHP Fusion won't display the Forum Threads panel. Latest Forum Threads works, and Forum Threads works if I use a non-custom page like news.php, but the custom page seems to mess things up somehow. Using a custom page as the front page also prevents the welcome message being shown.

I've recently had literally thousands of spam messages posted as comments on my site. They have to have been generated by bots, no human could have posted so many messages. The problem seems to be that the image validation code can be read by bots, is there any way to make it more challenging for them? I've tried using email validation in the past, but that causes more problems than it solves. Many people who tried to register said they didn't receive the confirmation mail, and I suspect it's often ended up in people's spam bins without them noticing.

As Wanabo says, just delete the user from the user admin control panel. It instantly removes all of their comments. If they've posted that many, they deserve to have their account deleted anyway.

Sounds extremely dodgy...

Sometimes the search function finds results correctly, says they're found, but doesn't actually display them. One condition for such an error is if the search terms and article titles both have brackets () in them, but I think there are other conditions too. Also, a more minor bug is that sometimes results are spaced apart, sometimes they aren't, and sometimes it's a combination of the two.