New Anti Spam Efforts - Volunteers Needed

jvroig

Super Moderator
Hello,

Our forum is actually pretty up to date, with the latest stock anti-spam services (vBulletin 4.0, akismet, recaptcha), but as with all "stock" security measures, they can get broken by really smart spam bots eventually.

I just finished cleaning up almost 100 +threads and nonsensical spam posts that have accumulated for a few days. This amount exceeds the allowable POST size in our php settings, so I can't do it in one fell swoop through the admin panel. I am not happy. And I will even be more unhappy if the spam starts spilling out into more active areas of our forum.

To fix this problem, there are several anti-spam measures we can implement, some more hassle-free than others. We'll be implementing some new measures and policies that will significantly make the life of spammers harder without affecting legit users wanting to sign up/register or post.

The first of these steps is an extra human verification step we will add in the registration options through custom fields. In effect, Bryan and I will be adding an extra question in the registration form. It is a simple question that can be readily answered by anybody not a bot, and this question will be rotated weekly (that is, we have a pool of several questions and answers, and we will change them per week). It is hard for bots to adapt, since it is unique to our site and changes regularly (meaning for them to keep on spamming us, it will have to be a directed effort, human-assisted).

I'm calling on volunteers to help test this new feature. I will need atleast 3 people. I will be allowing multiple registrations per user and multiple registrations per email address to help the volunteers test this new anti-spam effort. If you wish to volunteer for this test (all you will have to do is create fake/test accounts to test our registration mechanism) please say so in this thread. I will follow up in a private message to give you your specific instructions.

Regards,
-JV
 
Hello,

Our forum is actually pretty up to date, with the latest stock anti-spam services (vBulletin 4.0, akismet, recaptcha), but as with all "stock" security measures, they can get broken by really smart spam bots eventually.

I just finished cleaning up almost 100 +threads and nonsensical spam posts that have accumulated for a few days. This amount exceeds the allowable POST size in our php settings, so I can't do it in one fell swoop through the admin panel. I am not happy. And I will even be more unhappy if the spam starts spilling out into more active areas of our forum.

To fix this problem, there are several anti-spam measures we can implement, some more hassle-free than others. We'll be implementing some new measures and policies that will significantly make the life of spammers harder without affecting legit users wanting to sign up/register or post.

The first of these steps is an extra human verification step we will add in the registration options through custom fields. In effect, Bryan and I will be adding an extra question in the registration form. It is a simple question that can be readily answered by anybody not a bot, and this question will be rotated weekly (that is, we have a pool of several questions and answers, and we will change them per week). It is hard for bots to adapt, since it is unique to our site and changes regularly (meaning for them to keep on spamming us, it will have to be a directed effort, human-assisted).

I'm calling on volunteers to help test this new feature. I will need atleast 3 people. I will be allowing multiple registrations per user and multiple registrations per email address to help the volunteers test this new anti-spam effort. If you wish to volunteer for this test (all you will have to do is create fake/test accounts to test our registration mechanism) please say so in this thread. I will follow up in a private message to give you your specific instructions.

Regards,
-JV

Good timing. I just deleted several hundred too and added some plugins to see if they help.
 
Since the SFS plugin installed by Millard Baker, I've seen only 4 so far, and that's in a span of 24 hours. It's a marked improvement.

Thanks for volunteering Tot. Now I'm wondering where Fausto and friends are so they can volunteer as well ;)
 
I can help. I have no life...

And I particularly appreciate this forum!

Tell me what you need for me to do.

[I've not been allowed to register more than once per email]

Best,
 
Last edited:
Throughout the weekend and today, I've only had to remove 20 posts/threads. And all of them, I believe, were already filtered for moderation, so nobody else but admins/mods saw them before they got sent to oblivion. The only bad news was that one of them was not in FYI (saw it in General Training), so I hope we finally beat the spammers before they start infesting other forums aside from FYI.


All volunteers should have gotten my PM now, and I am hoping that the new measure will keep 99% of the spambots from registering successfully at all (meaning, even less work for mods cleaning up the spam posts held for moderation).

Here's to hoping for the best.

Regards,
-JV
 
Throughout the weekend and today, I've only had to remove 20 posts/threads. And all of them, I believe, were already filtered for moderation, so nobody else but admins/mods saw them before they got sent to oblivion. The only bad news was that one of them was not in FYI (saw it in General Training), so I hope we finally beat the spammers before they start infesting other forums aside from FYI.


All volunteers should have gotten my PM now, and I am hoping that the new measure will keep 99% of the spambots from registering successfully at all (meaning, even less work for mods cleaning up the spam posts held for moderation).

Here's to hoping for the best.

Regards,
-JV

Great job! There are a ridiculous number of spambots trying to register daily (50-100?) so I'm sure some are bound to slip through. This is addition to the almost 2500+ pre-existing spambot accounts that have been purged since 10th. If you thought the spambot problem was ugly for members, you should have seen what mods were seeing with all the spam held up in moderation.
 
Last edited by a moderator:
BTW, thanks to the mods for taking care of this. Thinkmuscle forum is a great site; it would be a shame to see it ruined by bots.

Best,
 
Great job! There are a ridiculous number of spambots trying to register daily (50-100?) so I'm sure some are bound to slip through. This is addition to the almost 2500+ pre-existing spambot accounts that have been purged since 10th. If you thought the spambot problem was ugly for members, you should have seen what mods were seeing with all the spam held up in moderation.
The entire first two pages of FYI were moderated threads! I have to say, that was a surprise when I first saw it. Thankfully, forum software has advanced pretty well. Can you imagine what it would have taken us if we were still using the old ikonboard? Back then, I remember having to weed out ~100 spam registrations on an almost daily basis (and ban them individually, and sometimes the fishy domains altogether) and it got pretty old pretty fast, and lots of valid users had to wait a while before their registrations finally got through. I wish there was another way then, but the old ikonboard was just no match for the spammers and I have no doubt a lot of valid potential users got turned off from our community.

Anyway. between the plugins you've configured, and the additional custom field present at registration that our volunteers are now testing, I'm pretty hopeful we won't have to go through pages of moderated spam again. Just a couple of posts/threads everyday would be manageable. I pretty much just refresh my CP every several hours and zap/ban the one or two that get through since you put the SFS plugin.
 
BTW, thanks to the mods for taking care of this. Thinkmuscle forum is a great site; it would be a shame to see it ruined by bots.

Best,


The test I just did seemed to work as designed, so I hope it helps eliminate the problem.


First, thank you for volunteering to be testers. We can't do it all by ourselves, so we really need your help.

My initial attempt seemed to have an incomplete regex, and thus allowed phrases that contained the correct answer. I've repaired it, and pending your second set of test results, I'm hoping it does the trick.

Up reps to both of you for willingly participating without any thought of compensation :)
 
jvroig said:
Up reps to both of you for willingly participating without any thought of compensation

Having a weight training board where overbearing egos are not the norm, but rather reasonable thinking and lots of help and good information is well worth it.

Since I found this form I’ve been worried about that the low active participation might cause the plug to get pulled which would be a great shame considering how helpful it is.
 
First, thank you for volunteering to be testers. We can't do it all by ourselves, so we really need your help.

My initial attempt seemed to have an incomplete regex, and thus allowed phrases that contained the correct answer. I've repaired it, and pending your second set of test results, I'm hoping it does the trick.

Up reps to both of you for willingly participating without any thought of compensation :)

If you still need some help, I'd be happy to do something for the forum between now and Thursday.
 
If you still need some help, I'd be happy to do something for the forum between now and Thursday.

Thanks, however the initial volunteers seemed to have ironed out the problems so far, and we're good. I'll remember to ask you again next time we need some volunteers against spam :)
 
That last post in the context of this thread is actually quite funny! :)
 
This question is off topic but since posts to this thread may be seen by admin/moderators I thought I would ask here.

I have tried several times to start a thread to inform forum members about the availability of a HST spreadsheet for download but it seems I am being prevented from doing so. The spreadsheet is highly configurable, user friendly, informative and can cater for both HST novices and experts. I have personal permission from Bryan via e-mail to release it into the public domain. I believe it to be the most useful HST spreadsheet currently available, but that is up to the forum members to confirm for themselves, which at present they are being prevented from doing as I cannot tell them about it or where it can be downloaded from. I have tried to contact admin regarding this but have not been replied to.

Now I am not suggesting I am deliberately being preventing from starting a new thread. It may be that thread roots are being screened using an overly restrictive regex filter which my post is triggering, in which case I may need to send the admin or moderator personnel the message so it can be checked. I know some forum members would find the spreadsheet extremely helpful with setting up their HST cycles and so they should to be informed about it. Is there a reason why I cannot start a new thread on this topic ?
 
Last edited:
I have just logged in and approved the threads that were held in moderation. They should be up now.

I am sorry I did not see your posts/threads immediately. I was somewhere else.

Regards,
-JV
 
Back
Top