PDA

View Full Version : New Users... and spam prevention.



wingnutLP
-15th November 2006, 09:53
The problem of spammers on this board has been getting consistently worse over the last few months. It seems that the spambots are able to "read" the image verification text and register. To try to prevent this new members have to post 10 times before they are able to post any links to external websites. This includes anything including images that begin http://, we are sorry for any inconvenience that this causes.

I hope that this does not cause further problems such as 10 meaningless posts followed by one with a link but if that does start to happen we will have to address it at a later date.

If you have any problems or thoughts or suggestions please feel free to share them here.

Gav
-15th November 2006, 09:55
I'd like to add that if you have signed up to the board to distribute entry forms or other documentation then we (the mods), not to mention the established forum members, will be happy to post them up on your behalf. Please contact us via a private message if you need any help.

Don't forget to report any anomalies you come across.

Steve
-15th November 2006, 13:06
This is problem on nearly every message board I've been on but there's one quite good measure on this board:

Anti-spambots (http://forum.pgmfi.org/profile.php?mode=register&agreed=true)

I know that this mightn't cover you completely but it's a pretty good idea, and I find that ppl tend to get a bit upset when they have to do too many things just to get the same privileges as other members.

nickos
-15th November 2006, 13:11
It also appears that you cannot view any links unless yu are logged in.

Gav
-15th November 2006, 13:51
Nickos,

Can you provide a little more information? I have logged out and had a look at the board. I can browse it adequately as a guest.

wingnutLP
-15th November 2006, 15:40
This is problem on nearly every message board I've been on but there's one quite good measure on this board:

Anti-spambots (http://forum.pgmfi.org/profile.php?mode=register&agreed=true)

I know that this mightn't cover you completely but it's a pretty good idea, and I find that ppl tend to get a bit upset when they have to do too many things just to get the same privileges as other members.

Maybe that is our next effort, lets see how this goes but it is always an option. My concern is that a spam bot may be programmed to post 10 times and then post their link which will end up causing more spam!

There is also the option of trickier character recognition when you register but I have found many of these warp the characters so much that it can take several efforts even for an almost human like me! It can be really off putting eg here: http://www.vbulletin.com/forum/search.php on Vbulletin's very own forum. Refresh the image a few times and I think you will agree that it is not obvious what the characters are.

At the moment the only thing you shouldn't be able to do is post links. Asking questions, replying to posts, starting threads etc... should all be fine for people as soon as they join.

Spider5
-15th November 2006, 15:55
Why don't they animate the registration bitmap images to make it easier for humans to interpret the content but not for machines?

rory
-15th November 2006, 16:20
Animated GIFs still contain still images - just several of them. The spam software would simply have to pick out one of the still images to analyse.

Spider5
-15th November 2006, 16:30
Animated GIFs still contain still images - just several of them. The spam software would simply have to pick out one of the still images to analyse.

I know how they work!

My point is that each frame in an animation can contain a lot less information than a single static image. However, the information contained in say 10-20 frames in an animation can be processed by the brain to recognise a series of characters. My guess is that with current pattern recognition technology, the human brain is still better at doing this than spammers algorithms as they are stuck with looking at each frame in turn.

Unfortunately it's just a question of how long it takes the spammers technology to catch up :upset:

rory
-15th November 2006, 16:34
Indeed.

Perhaps FF should implement a system that requires you to answer some questions that require actual though.

For instance "Reverse the following sequence of characters (AXGYQW), remove the last character in the reversed sequence, and place the results in this text box".

This might also reduce the number of genuine but stupid people who post on the forum - no bad thing!

wingnutLP
-15th November 2006, 16:35
Good point!

Anything that is not a standard system that a bot can be coded for will work so steves suggestion would work as long as not many forums adopted it!

nickos
-15th November 2006, 18:01
Nickos,

Can you provide a little more information? I have logged out and had a look at the board. I can browse it adequately as a guest.

OK Gav, I have this thread open twice, one with me logged in and the other with me as a guest.

wingnutLP's first paragraph in this thread for example appears as follows:

As a guest:

The problem of spammers on this board has been getting consistently worse over the last few months. It seems that the spambots are able to "read" the image verification text and register. To try to prevent this new members have to post 10 times before they are able to post any links to external websites. This includes anything including images that begin To view links in this forum your post count must be 0 or greater. Your post count is 0 momentarily. we are sorry for any inconvenience that this causes.

As a member:

The problem of spammers on this board has been getting consistently worse over the last few months. It seems that the spambots are able to "read" the image verification text and register. To try to prevent this new members have to post 10 times before they are able to post any links to external websites. This includes anything including images that begin http://, we are sorry for any inconvenience that this causes.

The http:// is replaced with the statement "To view links in this forum your post count must be 0 or greater. Your post count is 0 momentarily. we are sorry for any inconvenience that this causes."

nickos

Gav
-15th November 2006, 19:14
Thanks Nickos - that's a great help.

Update: I've logged in with a test account and I can see what you mean. Not sure if this is part of the new anti-spam features or not. I am sure Wingnut and KK can take a look.

nickos
-15th November 2006, 20:23
Hi Gav,

The email address in UglyBug's first post in the Refereee Ranking List thread are also replaced for guests.

However, the links in members signatures display OK, for example madfencer's www.sarniaswordclub.com

nickos

wingnutLP
-16th November 2006, 08:18
Strange, a 0 should turn the feature off! I have modified the setup to exclude all groups so it should now work fine for everyone.

Gav
-18th November 2006, 11:57
http://fencingforum.com/forum/showpost.php?p=157989&postcount=2

According to that post new members cannot PM at present. This will be looked into.

TLove
-20th November 2006, 20:05
Why don't they animate the registration bitmap images to make it easier for humans to interpret the content but not for machines?

I'm not really aware of any spambots that have the OCR technology that would be required to interpret the maximum perturbed CAPTCHA images that vbulletin can require for verification.

Having said that, there is a vbulletin hack (on vbulletin.org I think) that allows for rory's suggestion of asking users questions instead of using CAPTCHA.

wingnutLP
-21st November 2006, 08:26
The GD image verification library that VB uses as standard seems to be readable by bots... maybe an update to a new version would help?

AT the moment it seems as if teh inability to post links seems to have done the trick.

wingnutLP
-21st November 2006, 08:27
BTW PM's have bene fixed.

TLove
-21st November 2006, 12:23
The GD image verification library that VB uses as standard seems to be readable by bots... maybe an update to a new version would help?

AT the moment it seems as if teh inability to post links seems to have done the trick.

Check the image verification I use at ulufencing.net

It's a lot more perturbed than you have here. I'm running 3.6 though :)

TLove
-21st November 2006, 13:13
Also installed projecthoneypot.org to catch spambots/harvesters.

TLove
-21st November 2006, 13:25
Try this also:

vbulletin.org/forum/showthread.php?t=124828

wingnutLP
-21st November 2006, 13:52
Try this also:

vbulletin.org/forum/showthread.php?t=124828

Sheer genius :) I will try that right now...

wingnutLP
-21st November 2006, 13:53
Check the image verification I use at ulufencing.net

It's a lot more perturbed than you have here. I'm running 3.6 though :)

Yup that seems standard on the latest version of VB but I don't think that alone is worth upgrading for.

wingnutLP
-21st November 2006, 15:23
Sadly I get an error when I try to upload the question verification patch. Hopefuly someone on the VB forum will be able to help.

The honeypot is a great idea and I have installed it on the site.

Thanks Tlove

TLove
-21st November 2006, 17:08
Darn, I know why - it's a 3.6 mod, bet it has trouble with 3.5

TLove
-21st November 2006, 17:19
On pages 3-4 of that thread, there are instructions on getting it to work with 3.5.4 and below.

New xml file to download, plus a quick template edit.

Gav
-22nd November 2006, 10:01
It's like a Vbulletin geeks convention in here.

Next you'll all be wanting your pictures taken next to the person who cam up with the Honeypot hack...

;)

TLove
-22nd November 2006, 14:31
Anyone got a camera?

wingnutLP
-22nd November 2006, 15:42
If anyone understands VB templates can they help me with this http://www.vbulletin.org/forum/showpost.php?p=1077273&postcount=53

I guess it is asking me to add a referral to $nospamfield in the subscription template but I am not sure what exactly this means!

TLove
-27th November 2006, 21:27
Have you seen

http://www.vbulletin.org/forum/showthread.php?t=124828&page=8

wingnutLP
-28th November 2006, 08:56
nope, I hadn't seen that but I will give it a go now and let you know how I get on. :)

TLove
-28th November 2006, 12:31
Cool, if you need any PHP/vbulletin help (now or in future) let me know

wingnutLP
-19th December 2006, 15:27
Thanks for your suggestions and your offer of help T love.

We now have had no spam (that I have seen) for several weeks.

:)

IainW
-19th December 2006, 16:29
Dunno if you've noticed this yet, but when I tried to sign up earlier the only answer it would take for the question was "epee" (the final weapon I tried).

wingnutLP
-19th December 2006, 16:52
Wierd, I tested it when I installed and it worked fine. . . I just tried it and as you said the only answer that worked was epee. I re saved the changes and tested again and now foil, epee, eppe, sabre and saber all work fine.

Very odd, I will have to test it again in a few weeks and see if it still works.

Alex