Oxirane
Hazard to Self
Posts: 92
Registered: 19-9-2014
Member Is Offline
Mood: No Mood
|
|
Fighting against spambots, IP banning is not effective
If you want to fight against general bots, add a simple question or a task to the registration form. Most bots currently do not handle those.
Questions would be simple like how many legs does a horse have, who is the president of usa or stuff like this. Changing the questions or making
tricks that humans understand will prevent the more advanced ones too.
Please do not ban IP:s or IP ranges. I am accessing this site via tor network and I have found that many nodes have been listed. Unless you're gonna
ban all of the thousands of ever-changing nodes, do the registration trick.
[Edited on 28-9-2014 by Oxirane]
|
|
kmno4
International Hazard
Posts: 1503
Registered: 1-6-2005
Location: Silly, stupid country
Member Is Offline
Mood: No Mood
|
|
Fighting against spambots, IP banning is not effective
Of course, I agree.
The ONLY REASON that these "bots" like SM is possibility of posting links (in posts or in BIO in their profiles). Efficient blocking of this
possibility would give good effects. But it seems that administration has completely different point of view and prefers statistical method of
detecting/deleting of this kind of spam + IP banning.
[Edited on 28-9-2014 by kmno4]
Слава Україні !
Героям слава !
|
|
franklyn
International Hazard
Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline
Mood: No Mood
|
|
S E E . H E R E
http://www.sciencemadness.org/talk/viewthread.php?tid=26252&...
|
|
Polverone
Now celebrating 21 years of madness
Posts: 3186
Registered: 19-5-2002
Location: The Sunny Pacific Northwest
Member Is Offline
Mood: Waiting for spring
|
|
Now when non-administrators view the member list they will not see zero-post profiles. Nor will zero-post members appear in the 'members who have
visited today' list. This should make profile and bio spammers invisible to search engines and ordinary users. Spammers who actually post are easier
to automatically eliminate, so this should cut down on spam activity.
EDIT: and I cleared the IP ban list too.
[Edited on 9-29-2014 by Polverone]
PGP Key and corresponding e-mail address
|
|
Oxirane
Hazard to Self
Posts: 92
Registered: 19-9-2014
Member Is Offline
Mood: No Mood
|
|
Good, thanks. I host some forums myself and I have found IP banning zero effective. Spambots are nowadays basically programmed to change IP servers
between every task, and also many users(especially mobile customers) have unlocked IP:s nowadays and they change everytime they disconnect. I have
found myself banned from forums and sites I've never visited before and had to notice the admins about the issue.
I remember there was manual activation in use few years ago. This may cause grey hairs to admins because they will find hundreds of activation posts
and they must manually search the legit users from the never-ending spambots. And it is damn difficult to distinguish legit users from bots because
just about any name can look bot or no-bot.
I have found the "stupid-question" Q&A-task most effective. The autospamming stopped dead cold and I have had only two incidents of spam since
last 3 years and I believe they were real human farmers.
|
|
gdflp
Super Moderator
Posts: 1320
Registered: 14-2-2014
Location: NY, USA
Member Is Offline
Mood: Staring at code
|
|
What is going on here, the post number looks contradictory?
|
|
Haber
Harmless
Posts: 40
Registered: 13-4-2014
Location: Thule
Member Is Offline
Mood: No Mood
|
|
I agree completely with Oxirane.
Or just put a captcha on the registration page! Im not trying to be offensive but how hard can it be?
Or am I missing something obvious?
|
|
Oxirane
Hazard to Self
Posts: 92
Registered: 19-9-2014
Member Is Offline
Mood: No Mood
|
|
Altering the registration page code can be PITA if the forum software does not support it. It must be installed to the software, otherwise it is only
cosmetic addition and registration can be carried out without filling it. I understand the admin when this is the case, it took me a year to fix a
simple problem until I found the script codes. Maybe this is one of the reasons why there is discussion on updating SM software to a newer one?
|
|
Loptr
International Hazard
Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline
Mood: Grateful
|
|
A Guide to Combating Spam on a Simple Machines Forum
http://www.simplemachines.org/community/index.php?topic=4527...
They talk about using captcha and quizzes.
I personally think quizzes would be a good idea, which can't easily be overcome by addition of widely available and open-source OCR libraries.
Again, I am sure Polverone is well aware of the options.
|
|
kmno4
International Hazard
Posts: 1503
Registered: 1-6-2005
Location: Silly, stupid country
Member Is Offline
Mood: No Mood
|
|
Quote: |
Or just put a captcha on the registration page! Im not trying to be offensive but how hard can it be?
Or am I missing something obvious? |
Quote: Originally posted by Polverone | I'm not going to make people take a chemistry quiz to join. I'm not going to require every new member to get manual approval before posting. This has
been suggested many times before and I'm not going to do it.
(...)
I have disabled captchas for registration because legitimate members or would-be members found them frustrating to solve. |
Nothing more to say
As I have written earlier, spammers' goal is posting https(s) links in their personal profiles or main board. It is enought to disable possibility of
posting any links by new users for a week (or something like this). When a spammer tries to post it by force, several times, his account will be
suspended/deleted automatically.
Just some script detecting "http://" phrase anywhere in post or profile and warning (for new users) not to post links during few days.
Seems doable, but I do not know if doable for this aged forum soft.
It is just an option, I am not going to write more post in this and similar ridiculous threads.
Слава Україні !
Героям слава !
|
|
hyfalcon
International Hazard
Posts: 1003
Registered: 29-3-2012
Member Is Offline
Mood: No Mood
|
|
Active outside links are the problem. If everyone would post their links using BB Code, , you can still communicate your information without an active outside link. Then look for new posts with active links and kill them.
|
|