Originally Posted by MadMorbius
There's a simple fix to keep spambots out. Put the entire site behind simple authentication /htaccess. Doesn't matter if it's a shared username / password, but the bots will hit the auth page and won't be able to go beyond it unless someone tells the bot the password.
Intrusive perhaps, but desperate times....note that this will also stop web crawlers from indexing the site. So if that's a problem, perhaps it's not the right solution.
Not feasible for ASC, too much work for the other sites with phpbb; I've just disabled the insecure forums, they weren't even being used.