Start by using reCAPTCHA, fail2ban, and nginx to block 70-80% of spammers, most of whom are bots. While AI solutions can be expensive, free tools can be a good starting point. I’m also developing an AI Antispam module via API, which will be more affordable depending on usage, but there are limited options available at the moment. In the meantime, you can manually moderate the spam, especially if it isn’t too frequent, until you can invest in AI.

With nginx, fail2ban, and an IP list, you can block registrations from countries outside your target audience while still allowing users to sign up via invitation or if they already have an account. However, setting this up requires a solid understanding of nginx and some coding skills. You can import spammer IP lists into nginx using Lua, or consider more advanced solutions like Tengine, a feature-rich fork of nginx, or OpenResty, which offers a wide range of additional modules for more powerful and flexible configurations.

Writing recipes and filters for Fail2Ban is quite straightforward. Since you already have an account with Coozila! AGI, you can copy the access and error logs from /var/log/nginx/ and provide them to Hypatia for analysis. Request Hypatia to create recipes for the different types of attack patterns identified in the logs. This way, you can manually filter out what no module can handle. It requires some effort, but you can develop very effective filters.