Pages:
1
2 |
clearly_not_atara
International Hazard
Posts: 2787
Registered: 3-11-2013
Member Is Offline
Mood: Big
|
|
This forum needs more moderators
I mean there's like spam all the time lol
If you don't trust people to be full mods maybe you should just give some users the power to move threads, then they can move it to Detritus but they
don't have "real" mod powers.
|
|
Loptr
International Hazard
Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline
Mood: Grateful
|
|
Yeah, something does need to be done.
I volunteer.
[Edited on 26-7-2018 by Loptr]
[Edited on 26-7-2018 by Loptr]
"Question everything generally thought to be obvious." - Dieter Rams
|
|
MultiplePersonality
Harmless
Posts: 12
Registered: 25-7-2018
Member Is Offline
Mood: PHD Chemist
|
|
Nah, just some limits. Why allow just registered person to post 10 topics at once? Why allow them at all? Why allow any person to post more than 10 or
20 posts a day, or 1 topic a day? Same things that is universal in life, to enjoy, avoid suffering, disease, etc. For example, overeat and you will
suffer. Same rules apply in software, internet, everywhere. Life can be fully enjoyed if we keep it in limits, optimality, reference values. Either
using max value as limit, or min value, or from-to (between min-max). That is only way to enjoy, protect something, not suffer, succeed anything.
Haven't you noticed that it is only 1 or 2 persons, posting 10 topics? Why allow anybody to post that number of topics? 1 per day is enough,
everything else is boredom, spam, trolling. While it would not fully prevent that from happening, it would be optically better.
|
|
TheMrbunGee
Hazard to Others
Posts: 364
Registered: 13-7-2016
Location: EU
Member Is Offline
Mood: Phosphorising
|
|
Yea, I don't really like the idea of 1 new post a day, but it could be like 3.
I could also do some cleaning job. It is really sad that this disease has come to this forum. (At least it looks more active on a quick glance this
way. )
|
|
RogueRose
International Hazard
Posts: 1593
Registered: 16-6-2014
Member Is Offline
|
|
I second the "more mods" or some kind of elevated privildge.
How about we create a sub forum where only trusted members have access, this forum is for reporting spam only. Members would create a thread and in
the body of the thread you could put the member name of the person flooding with spam.
Thread title - Spam report
Body of thread:
Username1
Username2
Username 3
Username 4
etc
Post the thread and then use the "report" function, and in the report section use an indicator like "spam accounts".
Then the program can reference the posting and take all the usernames listed in the thread, add them to the "delete" filter, and all their postings
would get cleaned.
It could be done a few other ways similar to this, but reporting each post, the way we do now is a PITA. I reported close to 40 in the last 2 days
alone and at one point I said F' it, and let about 50+ just stay on the forum b/c I had beter things to do. One poster had about 30-40 postings in 10
mins. How is that possible when I can't even post 3 posts in under 2-3 mins and I get a flood warning.
It seems these spammers have some way to work around this process.
Do we know where these IP's are coming from? It would be interesting to know what c country the spam is originating from.
This is the type of stuff that Congress needs to pass laws about, cyber crimes that effect businesses from outside countries. This may seem like a
"small" issue but it effects thousands of sites.
I would support some kind of sanctions, reduce of aid, etc to countries that allow spammers to operate from their countries and they need to be
penalized for allowing them safe harbor. Some sites went under because of these attacks years back.
|
|
MultiplePersonality
Harmless
Posts: 12
Registered: 25-7-2018
Member Is Offline
Mood: PHD Chemist
|
|
There are limits and rewards for members on most forums, where how much you are allowed depends on how long you've been there, or how many posts you
have, the more the better for you. And it is stupid to do anything manually in this century, imagine having to rotate motor by hand. And when I talk
about limits or quantity it's really sometimes all the difference.
I just went outside it was after rain, good temperature, clean air, no pollen, no animals (insects, snakes...), no heat from which many people die
each year. Much better than having to tolerate sneezing, stings, pain, itching, heat, sweat... That is subjective experience.
But what is objectively or scientifically different there? Only quantity really. Different temperature, pressure, light, number of particles in air,
number of animals, moisture. See how just changing some quanitity or numbers things easily turn from hell to heaven, and vice versa.
That's why I like chemistry, math, and most sciences. Because we can change those parameters, and make heaven artificially.
And it's true in computer world too. In everything. OK, to not go fully off topic, stop here.
|
|
RogueRose
International Hazard
Posts: 1593
Registered: 16-6-2014
Member Is Offline
|
|
If members can be assigned some kind of "trusted" status, then there should be a forum where ALL new members posts go until we know they aren't a
spammer. When a new member makes a thread it goes to "new member section" and then a trusted member can read it and go to the "report" function and
write the pre-determinied word/phrase for "all ok with post", so the opposite from writing "spam" in the report.
Then the thread gets moved to the appropriate forum.
There could also be a field for where they want the thread posted, like Organic Chem.
So it would look like this
Forum - New Members posts
Thread title - How to make Benzene from paper towels
Thread body:-destination forum - Organic Chemistry
So mix paper towels with benzyl alcohol, milk and tomato juice, allow to ferment and distill while adding fermented goat urine. (sorry for bad joke)
/thread
Then when a trusted member see's this thread they report it and in the report box they could write something like:
/verified
/move-to: [forum] Organic Chemistry
I would think some kind of BBC code could be incorperated to allow users to semi-automate the verification of new users and to purge spammers like
this:
Trusted member reports posting
/purge [member]spammer-asshole
/purge [member]spammer-asshole2
etc,
Or as I said, doing this in a thread that only some members have access to, like Detritus. If members post spammers names there, others will know
that they have been reported already. If you need more than one person to report (some members should be trusted enough.........) then they can reply
to the thread with the same /purge [member]spammer-asshole names as well, so the replies could be double verification.
I'm sure everyone is tired, but I'm just throwing ideas out that may be reasonable within this forum software, IDK the limitations.
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
The spam and trolling has gotten everyone a bit riled.
To the OP, more mods will probably make little difference to the current problem. I don't object to additional mods but the current need is to stop
spam before it hits the board.
The board does suffer from a bit of inertia. Change happens slowly. As far as I can tell, the software is not as flexible as we might like. Which
means that certain combinations of trusted membership, restricting post counts and so forth, these things are not easily possible.
I would love to get a captcha happening. I think that would go a long way to minimising the spam. However, I think that needs Polverone on board.
Sending him a polite U2U might be worthwhile.
|
|
WGTR
National Hazard
Posts: 971
Registered: 29-9-2013
Location: Online
Member Is Offline
Mood: Outline
|
|
How many new members do we get every day? By that I mean real members, not spambots. How about just requiring new members to introduce themselves in
a U2U/email to a mod/admin, to gain posting privileges? A quick search of the message on Google could tell if the intro was copy/pasted from
somewhere else.
I think there are enough moderators overall, although there are many who haven't logged in here for years. Life gets in the way sometimes. Active
mods, though? There are probably enough, but I would volunteer myself as available for general spam cleanup, etc, if that was needed.
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
We did recently limit new signup to a small number per day and these filled within minutes after the clock ticking over. Genuine new users did not get
a look in.
As far as numbers go. A ballpark figure at present would be less than 10 genuine users and more than 200 spam accounts per day.
|
|
WGTR
National Hazard
Posts: 971
Registered: 29-9-2013
Location: Online
Member Is Offline
Mood: Outline
|
|
Here's a wild idea then; probably poorly developed, but just an idea at this point:
Let's say that clicking on the registration link allows you to register, but also refers you to a thread that explains how to gain posting privileges.
The new member has to send an intro to a U2U member listed in the post to gain privileges, otherwise they only have read access to the forum. This
U2U address would be one that all the mods could access, and could be a throwaway that changes every now and then (if it starts getting spammed).
Limiting read access of the "Members List" to people who are currently signed in could remove any benefit that spammers would gain, of registering
accounts that have spam links in their profiles (since these are currently viewable to non-members, robots, etc.).
|
|
j_sum1
Administrator
Posts: 6320
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
What you are suggesting is u2u access only to new users with posting priveleges given on request.
Already proposed, but unfortunately it is apparently not an option with the software as it is currently configured. It would require some coding.
|
|
MultiplePersonality
Harmless
Posts: 12
Registered: 25-7-2018
Member Is Offline
Mood: PHD Chemist
|
|
Let's make conclusion. World (or this board) needs more time, programmers, security, automation, space, smart people, wise people, truth... 5 years
ago I thought I will need 10 m2 space, then I realized it is 100 to 1000 m2. Also most people have no time, or don't know hot to properly use time, to
save some time for unfinished business. Polverone? Time is eluding me every single day, seriously, I can't do anything, even simple task like wash my
hands.
|
|
streety
Hazard to Others
Posts: 110
Registered: 14-5-2018
Member Is Offline
|
|
There is plenty of spam but it only hangs around for a few hours before getting deleted. The mods seem to be doing a fantastic job for the moment and
hopefully the situation will be resolved before the burnout.
Between the 'Tired of reporting spam' thread and here there is no shortage of good ideas. The issue had been implementing them, i.e. writing the code
to implement them. I was able to implement a captcha question in a few hours. If that is insufficient I'm happy to work on other ideas.
The bottleneck now is getting the new code deployed on the server. As j_sum1 indicates that needs Polverone.
A more interesting question is how we might limit the spam, and the work required by the mods, without altering the code running the site if Polverone
remains unavailable for a while. That will take some thought but something might be possible.
|
|
Loptr
International Hazard
Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline
Mood: Grateful
|
|
Who here is capable of coding? The forum software language is PHP. I am a software engineer. If you guys come up with a plan, and I agree to it, then
I can make the changes. Anyone else willing to help can join in.
I think there is a VM of the Site somewhere here. I think Polverone also has a Github repo with the forum software committed.
Do we still make backups frequently?
[Edited on 26-7-2018 by Loptr]
EDIT: I offered to Polverone to make some changes to apache rewrite filters to redirect the HTTP site to the HTTPS site, but I never got around to it
for some reason. It was just a matter of writing some regular expressions. I can still do it.
[Edited on 26-7-2018 by Loptr]
From Polverone (while back):
Quote: | Quote: | Could we deprecate http and force https? Also, a filter would have to be in place to redirect the /talk/ addresses in the forum to /whisper/, which I
have to manually do every time I click on a link pretty much.
Any issues with that, other than man hours?
|
I would like to do that. I would also start using a "real" signed HTTPS certificate instead of sticking with self-signed certs that always set off
warnings in browsers.
The trickiest part is setting up the redirects. A year or two past I tried to set up Apache rewrite rules to do the trick but was unsuccessful. If you
can figure it out I would be grateful.
I need to rewrite every URL of the form:
http://www.sciencemadness.org/talk/viewthread.php?params=bla...
To:
https://www.sciencemadness.org/whisper/viewthread.php?params...
It seems like it should be simple, but I was unable to do it the last time I tried. |
[Edited on 26-7-2018 by Loptr]
[Edited on 26-7-2018 by Loptr]
"Question everything generally thought to be obvious." - Dieter Rams
|
|
streety
Hazard to Others
Posts: 110
Registered: 14-5-2018
Member Is Offline
|
|
Way ahead of you.
https://www.sciencemadness.org/whisper/viewthread.php?tid=16...
Quote: Originally posted by streety | I believe I now have a simple captcha question implemented.
The steps needed to add this to the forum are:
1) Merge in the pull request on github: https://github.com/mattbernst/xmbforum/pull/1
2) Copy member.php and templates.xmb to the forum (these are the only files changed)
3) Restore the templates cache by going to the Administration panel, then templates under 'look & feel', clicking 'Restore all' and then 'yes'
4) Add the questions to the database by going to Administration panel, then 'insert raw sql' under 'database tools' and submitting the sql query in
the attached file
|
If you're up for getting the virtual machine running from the backup and providing a code review that would be useful.
|
|
Loptr
International Hazard
Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline
Mood: Grateful
|
|
Quote: Originally posted by streety | Way ahead of you.
https://www.sciencemadness.org/whisper/viewthread.php?tid=16...
Quote: Originally posted by streety | I believe I now have a simple captcha question implemented.
The steps needed to add this to the forum are:
1) Merge in the pull request on github: https://github.com/mattbernst/xmbforum/pull/1
2) Copy member.php and templates.xmb to the forum (these are the only files changed)
3) Restore the templates cache by going to the Administration panel, then templates under 'look & feel', clicking 'Restore all' and then 'yes'
4) Add the questions to the database by going to Administration panel, then 'insert raw sql' under 'database tools' and submitting the sql query in
the attached file
|
If you're up for getting the virtual machine running from the backup and providing a code review that would be useful. |
I'm pulling down the OVA file now for the latest backup. I will take a look at your PR tonight. I left an intro comment in the PR on Github.
"Question everything generally thought to be obvious." - Dieter Rams
|
|
JJay
International Hazard
Posts: 3440
Registered: 15-10-2015
Member Is Offline
|
|
Oh, I can program. I should probably grab the OVA too....
|
|
unionised
International Hazard
Posts: 5126
Registered: 1-11-2003
Location: UK
Member Is Offline
Mood: No Mood
|
|
As a bit of an aside, could someone please clarify the "automatic" process for getting rid of spam once it's reported by members?
Does anyone's reporting a post as spam have the same "weight" in terms of thee system deleting it?
Is the process automatic, or does a real live person have to agree with it?
Would it be more efficient if, for example, we all agreed to report the first 3 bits of spam from a given user - I suspect that at the moment people
report the ones they notice first.
If I report posts 1,2 and 3. someone else reports 4,5 and 6 and a third person reports 7,8 and 9 does the system notice that the poster is a spammer?
Is there some (deliberate) delay between people reporting spam and it being deleted- does the system only sweep out the trash every hour or something?
|
|
Loptr
International Hazard
Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline
Mood: Grateful
|
|
Quote: Originally posted by unionised | As a bit of an aside, could someone please clarify the "automatic" process for getting rid of spam once it's reported by members?
Does anyone's reporting a post as spam have the same "weight" in terms of thee system deleting it?
Is the process automatic, or does a real live person have to agree with it?
Would it be more efficient if, for example, we all agreed to report the first 3 bits of spam from a given user - I suspect that at the moment people
report the ones they notice first.
If I report posts 1,2 and 3. someone else reports 4,5 and 6 and a third person reports 7,8 and 9 does the system notice that the poster is a spammer?
Is there some (deliberate) delay between people reporting spam and it being deleted- does the system only sweep out the trash every hour or something?
|
I believe it just notifies the mods. If you look at your U2U outbox you will see the reported post messages.
As far as I can tell, streety has an implementation of captcha for the registration page.
Gotta love in-line SQL...
[Edited on 26-7-2018 by Loptr]
"Question everything generally thought to be obvious." - Dieter Rams
|
|
unionised
International Hazard
Posts: 5126
Registered: 1-11-2003
Location: UK
Member Is Offline
Mood: No Mood
|
|
I believe there's some automated element.
I'd really like to hear from someone who actually knows.
|
|
JJay
International Hazard
Posts: 3440
Registered: 15-10-2015
Member Is Offline
|
|
Quote: Originally posted by Loptr |
As far as I can tell, streety has an implementation of captcha for the registration page.
Gotta love in-line SQL...
|
I'll take a look at it.
|
|
streety
Hazard to Others
Posts: 110
Registered: 14-5-2018
Member Is Offline
|
|
I did wonder about that automated script myself. The admin interface in the virtual machine backup doesn't suggest there is any automated deletion
system and a quick look through the code didn't reveal anything either. It's possible the virtual machine doesn't include that functionality.
Implementing/replacing an automated spam deletion script could potentially be done without needing to modify the code on the site. If the admins/mods
would be willing to set up a server somewhere[0] we could create a script that every 5 minutes logged in with their credentials, or the credentials of
a newly created account, and swept out any new spam.
[0] This would cost ~$2/month. I'm sure many users, including myself, could host this for free but that's a bad idea from a security perspective.
[Edited on 26-7-2018 by streety]
|
|
Vosoryx
Hazard to Others
Posts: 282
Registered: 18-6-2017
Location: British Columbia, Canada
Member Is Offline
Mood: Serial Apple Enjoyer
|
|
I agree that we need more mods. Even if the spam posts still get made, if there are enough mods around to delete them as soon as they come up then
they will eventually get discouraged and give up.
I'll help if I can.
"Open your mind son, before someone opens it for you." - Dr. Walter Bishop
|
|
woelen
Super Administrator
Posts: 8013
Registered: 20-8-2005
Location: Netherlands
Member Is Offline
Mood: interested
|
|
Spam bots never will get discouraged. They just post their spam and do not bother anymore about their "offspring".
The real problem is not really the number of active moderators, but it is the old software we are using. This software cannot cope with the modern
internet anymore.
Several good ideas were posted in this thread, but none of them can easily be implemented with the standard forum software.
The spam-deletion script we have now is activated every few minutes. It looks for reports of spam by one of the moderators or admins. If a post is
reported as spam, and the account which did the post is sufficiently recent, then all posts of that account, all associated U2Us about that spammer
and finally the account itself are removed. The check on the age of the account is added to avoid accidental deletion of regular users who have been
around for a while already. This mechanism works very good and makes removal of spam very simple. Just with two or three clocks we can remove a
spammer and all its posts.
Since a few weeks, however, it seems that the removal of U2Us about the spam are not removed or are only removed under some specific circumstances and
this leads to enormous amounts of reporting U2Us in the moderator's and admin's U2U boxes. Removing all those U2Us at the moment is more work than
removing actual spam. We need Polverone to have a look at this. At them moment of writing I again have 170 U2Us in my inbox. This also is the reason
why moderators may miss some regular U2Us from other members. When wading through all those 100s of U2Us it easily happens that one too much is
removed.
|
|
Pages:
1
2 |