Sciencemadness Discussion Board
Not logged in [Login ]
Search the forums Search   Frequently Asked Questions FAQ   View member list Member List   Today's Posts Today's Posts   Forum Stats Stats Back to: sciencemadness.org
Sciencemadness Discussion Board » Non-science » Forum Matters » Fighting against spambots, IP banning is not effective Go To Bottom

Printable Version  
Author: Subject: Fighting against spambots, IP banning is not effective
Oxirane
Hazard to Self
**



Posts: 92
Registered: 19-9-2014
Member Is Offline

Mood: No Mood

[*] posted on 28-9-2014 at 09:38
Fighting against spambots, IP banning is not effective

If you want to fight against general bots, add a simple question or a task to the registration form. Most bots currently do not handle those. Questions would be simple like how many legs does a horse have, who is the president of usa or stuff like this. Changing the questions or making tricks that humans understand will prevent the more advanced ones too.

Please do not ban IP:s or IP ranges. I am accessing this site via tor network and I have found that many nodes have been listed. Unless you're gonna ban all of the thousands of ever-changing nodes, do the registration trick.

[Edited on 28-9-2014 by Oxirane]
View user's profile View All Posts By User
kmno4
International Hazard
*****



Posts: 1502
Registered: 1-6-2005
Location: Silly, stupid country
Member Is Offline

Mood: No Mood

[*] posted on 28-9-2014 at 15:54


Fighting against spambots, IP banning is not effective
Of course, I agree.
The ONLY REASON that these "bots" like SM is possibility of posting links (in posts or in BIO in their profiles). Efficient blocking of this possibility would give good effects. But it seems that administration has completely different point of view and prefers statistical method of detecting/deleting of this kind of spam + IP banning.

[Edited on 28-9-2014 by kmno4]



Слава Україні !
Героям слава !
View user's profile View All Posts By User
franklyn
International Hazard
*****



Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 28-9-2014 at 16:59
S E E . H E R E

http://www.sciencemadness.org/talk/viewthread.php?tid=26252&...
View user's profile View All Posts By User
Polverone
Now celebrating 21 years of madness
*********



Posts: 3186
Registered: 19-5-2002
Location: The Sunny Pacific Northwest
Member Is Offline

Mood: Waiting for spring

[*] posted on 28-9-2014 at 20:03


Now when non-administrators view the member list they will not see zero-post profiles. Nor will zero-post members appear in the 'members who have visited today' list. This should make profile and bio spammers invisible to search engines and ordinary users. Spammers who actually post are easier to automatically eliminate, so this should cut down on spam activity.

EDIT: and I cleared the IP ban list too.

[Edited on 9-29-2014 by Polverone]



PGP Key and corresponding e-mail address
View user's profile Visit user's homepage View All Posts By User
Oxirane
Hazard to Self
**



Posts: 92
Registered: 19-9-2014
Member Is Offline

Mood: No Mood

[*] posted on 29-9-2014 at 01:06


Good, thanks. I host some forums myself and I have found IP banning zero effective. Spambots are nowadays basically programmed to change IP servers between every task, and also many users(especially mobile customers) have unlocked IP:s nowadays and they change everytime they disconnect. I have found myself banned from forums and sites I've never visited before and had to notice the admins about the issue.

I remember there was manual activation in use few years ago. This may cause grey hairs to admins because they will find hundreds of activation posts and they must manually search the legit users from the never-ending spambots. And it is damn difficult to distinguish legit users from bots because just about any name can look bot or no-bot.

I have found the "stupid-question" Q&A-task most effective. The autospamming stopped dead cold and I have had only two incidents of spam since last 3 years and I believe they were real human farmers.
View user's profile View All Posts By User
gdflp
Super Moderator
*******



Posts: 1320
Registered: 14-2-2014
Location: NY, USA
Member Is Offline

Mood: Staring at code

[*] posted on 29-9-2014 at 03:49


What is going on here, the post number looks contradictory?



Screenshot.jpg - 166kB
View user's profile View All Posts By User
Haber
Harmless
*



Posts: 40
Registered: 13-4-2014
Location: Thule
Member Is Offline

Mood: No Mood

[*] posted on 29-9-2014 at 05:55


I agree completely with Oxirane.

Or just put a captcha on the registration page! Im not trying to be offensive but how hard can it be?
Or am I missing something obvious?
View user's profile View All Posts By User
Oxirane
Hazard to Self
**



Posts: 92
Registered: 19-9-2014
Member Is Offline

Mood: No Mood

[*] posted on 29-9-2014 at 06:52


Altering the registration page code can be PITA if the forum software does not support it. It must be installed to the software, otherwise it is only cosmetic addition and registration can be carried out without filling it. I understand the admin when this is the case, it took me a year to fix a simple problem until I found the script codes. Maybe this is one of the reasons why there is discussion on updating SM software to a newer one?
View user's profile View All Posts By User
Loptr
International Hazard
*****



Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

[*] posted on 29-9-2014 at 07:16


A Guide to Combating Spam on a Simple Machines Forum
http://www.simplemachines.org/community/index.php?topic=4527...

They talk about using captcha and quizzes.

I personally think quizzes would be a good idea, which can't easily be overcome by addition of widely available and open-source OCR libraries.

Again, I am sure Polverone is well aware of the options.
View user's profile View All Posts By User
kmno4
International Hazard
*****



Posts: 1502
Registered: 1-6-2005
Location: Silly, stupid country
Member Is Offline

Mood: No Mood

[*] posted on 4-10-2014 at 03:13


Quote:

Or just put a captcha on the registration page! Im not trying to be offensive but how hard can it be?
Or am I missing something obvious?


Quote: Originally posted by Polverone  
I'm not going to make people take a chemistry quiz to join. I'm not going to require every new member to get manual approval before posting. This has been suggested many times before and I'm not going to do it.
(...)
I have disabled captchas for registration because legitimate members or would-be members found them frustrating to solve.

Nothing more to say
As I have written earlier, spammers' goal is posting https(s) links in their personal profiles or main board. It is enought to disable possibility of posting any links by new users for a week (or something like this). When a spammer tries to post it by force, several times, his account will be suspended/deleted automatically.

Just some script detecting "http://" phrase anywhere in post or profile and warning (for new users) not to post links during few days.
Seems doable, but I do not know if doable for this aged forum soft.

It is just an option, I am not going to write more post in this and similar ridiculous threads.



Слава Україні !
Героям слава !
View user's profile View All Posts By User
hyfalcon
International Hazard
*****



Posts: 1003
Registered: 29-3-2012
Member Is Offline

Mood: No Mood

[*] posted on 4-10-2014 at 03:20


Active outside links are the problem. If everyone would post their links using BB Code,
Code:
Text here
, you can still communicate your information without an active outside link. Then look for new posts with active links and kill them.
View user's profile View All Posts By User

 Sciencemadness Discussion Board » Non-science » Forum Matters » Fighting against spambots, IP banning is not effective   Go To Top