Spambots
- Zack Morris
- Posts: 2837
- Joined: Mon Dec 26, 2011 8:52 am
- Location: Bayside High School
Spambots
My experience suggests the following to be a good idea:
1. Ban *@mail.ru -- this will only stop a fraction of spammers, but I've never seen anything legitimate from this address.
2. Require that new users have their first 1 or 2 (1 is enough) posts moderated. New users are by default added to a New Users permissions group by phpBB and you can control for how many posts they remain there (before being promoted to ordinary users) and whether those posts should be moderated (that is, approved explicitly by the moderator).
3. Use the Q&A filter for registration. You will need to design intelligent questions that a human being will not know the answer to immediately unless he is a member of the target community. Also, make sure the questions are not easily answerable by plugging into Google.
Suggestion 3 is the most effective. You don't want the Members list to become full of inactive spambot accounts (which is what will happen if you only implement idea 2). What we need are some suggestions for questions and answers from other users. The answers should be at most one or two words. For those unfamiliar with how phpBB's Q&A works, the administrator enters questions and multiple responses for each question. Each individual response (a single line) is compared to directly against the user's input. So it's a very "dumb" system that cannot intelligently parse sentences.
I would suggest question/answer pairs like this:
Q:
Which German philosopher, whose name an Asia Times Online columnist used as his pen name for several years, is famous for proposing a cyclical theory of civilization?
A:
spengler
Spengler
oswald spengler
Oswald spengler
Oswald Spengler
oswald Spengler
For something more neutral, you can try this:
Q:
Enter the name of the capital of Japan but with each letter shifted by 1 (e.g. a -> b, g -> h, etc.). Use lower case.
A:
uplzp
Its effectiveness will depend on the laziness of the spammers.
1. Ban *@mail.ru -- this will only stop a fraction of spammers, but I've never seen anything legitimate from this address.
2. Require that new users have their first 1 or 2 (1 is enough) posts moderated. New users are by default added to a New Users permissions group by phpBB and you can control for how many posts they remain there (before being promoted to ordinary users) and whether those posts should be moderated (that is, approved explicitly by the moderator).
3. Use the Q&A filter for registration. You will need to design intelligent questions that a human being will not know the answer to immediately unless he is a member of the target community. Also, make sure the questions are not easily answerable by plugging into Google.
Suggestion 3 is the most effective. You don't want the Members list to become full of inactive spambot accounts (which is what will happen if you only implement idea 2). What we need are some suggestions for questions and answers from other users. The answers should be at most one or two words. For those unfamiliar with how phpBB's Q&A works, the administrator enters questions and multiple responses for each question. Each individual response (a single line) is compared to directly against the user's input. So it's a very "dumb" system that cannot intelligently parse sentences.
I would suggest question/answer pairs like this:
Q:
Which German philosopher, whose name an Asia Times Online columnist used as his pen name for several years, is famous for proposing a cyclical theory of civilization?
A:
spengler
Spengler
oswald spengler
Oswald spengler
Oswald Spengler
oswald Spengler
For something more neutral, you can try this:
Q:
Enter the name of the capital of Japan but with each letter shifted by 1 (e.g. a -> b, g -> h, etc.). Use lower case.
A:
uplzp
Its effectiveness will depend on the laziness of the spammers.
- Zack Morris
- Posts: 2837
- Joined: Mon Dec 26, 2011 8:52 am
- Location: Bayside High School
Re: Spambots
Another alternative is to provide an email for the administrator requiring prospective users to write to for permission to join the board. A few explanatory sentences should be enough to weed out spammers. The administrator could then reply with a password, which would be used as the answer to the question "ENTER THE SECRET PASSWORD".
The problem with this is that it requires work on the part of the administrator. Because forum traffic is currently low, this won't be a problem, but if there are plans to substantially expand the membership, it can become a cumbersome task.
The problem with this is that it requires work on the part of the administrator. Because forum traffic is currently low, this won't be a problem, but if there are plans to substantially expand the membership, it can become a cumbersome task.
Re: Spambots
Thanks for your suggestions. Will look into the Q&A option.
This last Polish spambot, opelrodker, was nothing if not prolific, so it's clear that the time has come to harden the registration process.
This last Polish spambot, opelrodker, was nothing if not prolific, so it's clear that the time has come to harden the registration process.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
- Zack Morris
- Posts: 2837
- Joined: Mon Dec 26, 2011 8:52 am
- Location: Bayside High School
Re: Spambots
Indeed. It will only get worse from here. It starts as a trickle but becomes a torrent. You can expect at least 5 a day within the next week or so.
Re: Spambots
The phpBB registration captcha has now been upgraded to the Google reCAPTCHA.
Let's see if this helps.
Let's see if this helps.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
Re: Spambots
Fortunately the admin board has the capability to delete a registered spambot and all it's posts at once.Zack Morris wrote:Indeed. It will only get worse from here. It starts as a trickle but becomes a torrent. You can expect at least 5 a day within the next week or so.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
Re: Spambots
Is it an option to register people personally?
Maybe assign a special "registration moderator" who does/allows for the final registration after somebody applied for registration with indeed a personal question and answer as Zack suggests, plus a short personal motivation textfield, plus the usual graphics letters to be typed in.
Point is to put a human being somewhere in the process.
Maybe assign a special "registration moderator" who does/allows for the final registration after somebody applied for registration with indeed a personal question and answer as Zack suggests, plus a short personal motivation textfield, plus the usual graphics letters to be typed in.
Point is to put a human being somewhere in the process.
Deep down I'm very superficial
Re: Spambots
Both Zack and your suggestions are good, but I would first like to see how well the Google reCAPTCHA performs in blocking spambots.Parodite wrote:Is it an option to register people personally?
Maybe assign a special "registration moderator" who does/allows for the final registration after somebody applied for registration with indeed a personal question and answer as Zack suggests, plus a short personal motivation textfield, plus the usual graphics letters to be typed in.
Point is to put a human being somewhere in the process.
It's a bit early to be optimistic, but so far the recent increase in spambot registration has been stopped.
Now all we need is for some real humans to register
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
Re: Spambots
It's a matter of time something named Turing will register, wanting to find out if we are true bots or merely human.Typhoon wrote:Now all we need is for some real humans to register
Deep down I'm very superficial
Re: Spambots
It has now been over one week since the Google reCAPTCHA for registration has been installed.
During this time no new spambots have registered.
During this time no new spambots have registered.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
Re: Spambots
Wow. C'est bien.Typhoon wrote:It has now been over one week since the Google reCAPTCHA for registration has been installed.
During this time no new spambots have registered.
Deep down I'm very superficial
-
- Posts: 2206
- Joined: Fri Dec 16, 2011 7:59 pm
- YMix
- Posts: 4631
- Joined: Mon Dec 12, 2011 4:53 am
- Location: Department of Congruity - Report any outliers here
Re: Spambots
The topic was deleted and the spambot was banned.
“There are a lot of killers. We’ve got a lot of killers. What, do you think our country’s so innocent? Take a look at what we’ve done, too.” - Donald J. Trump, President of the USA
The Kushner sh*t is greasy - Stevie B.
The Kushner sh*t is greasy - Stevie B.
-
- Posts: 2206
- Joined: Fri Dec 16, 2011 7:59 pm
Re: Spambots
A look behind the scenes at how the Freepers handle these thingsYMix wrote:The topic was deleted and the spambot was banned.
Been busy doing stuff
- monster_gardener
- Posts: 5334
- Joined: Fri Dec 23, 2011 12:36 am
- Location: Trolla. Land of upside down trees and tomatos........
Spam Alert Congratulations
Thank you Very Much for the maintenance of the Forum
Spam Alert
viewtopic.php?f=3&t=787
Current events at top of forum.
WOW!
Congrats.......... You got it already!
Spam Alert
viewtopic.php?f=3&t=787
Current events at top of forum.
WOW!
Congrats.......... You got it already!
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
- monster_gardener
- Posts: 5334
- Joined: Fri Dec 23, 2011 12:36 am
- Location: Trolla. Land of upside down trees and tomatos........
Re: Spambots
Thank You Very Much for maintaining the forum.
Spambot sighting..........
viewtopic.php?f=3&t=428#p23886
Spambot sighting..........
viewtopic.php?f=3&t=428#p23886
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
- YMix
- Posts: 4631
- Joined: Mon Dec 12, 2011 4:53 am
- Location: Department of Congruity - Report any outliers here
Re: Spambots
Deleted & Banned. Thanks for being vigilant, citizen!
“There are a lot of killers. We’ve got a lot of killers. What, do you think our country’s so innocent? Take a look at what we’ve done, too.” - Donald J. Trump, President of the USA
The Kushner sh*t is greasy - Stevie B.
The Kushner sh*t is greasy - Stevie B.
- monster_gardener
- Posts: 5334
- Joined: Fri Dec 23, 2011 12:36 am
- Location: Trolla. Land of upside down trees and tomatos........
Spambot sighting
Thank you Very Much for maintaining the Forum
Another Spambot alert.......... weird one........
viewtopic.php?f=3&t=987
Another Spambot alert.......... weird one........
viewtopic.php?f=3&t=987
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
- YMix
- Posts: 4631
- Joined: Mon Dec 12, 2011 4:53 am
- Location: Department of Congruity - Report any outliers here
Re: Spambots
Deleted & Banned. We're getting upper class spambots.
“There are a lot of killers. We’ve got a lot of killers. What, do you think our country’s so innocent? Take a look at what we’ve done, too.” - Donald J. Trump, President of the USA
The Kushner sh*t is greasy - Stevie B.
The Kushner sh*t is greasy - Stevie B.
- monster_gardener
- Posts: 5334
- Joined: Fri Dec 23, 2011 12:36 am
- Location: Trolla. Land of upside down trees and tomatos........
TurnitinBot... for high quality forums vs. Plagiarism
Thank You For Maintaining the Board, Admins.
Found a bot that I had not seen before reading in Current Events.
TurnitinBot
Looked it up...........
http://www.webmasterworld.com/forum11/2899.htm
Apparently the level of the discussion here may be of such high quality that students plagiarize it
Found a bot that I had not seen before reading in Current Events.
TurnitinBot
Looked it up...........
http://www.webmasterworld.com/forum11/2899.htm
Apparently the level of the discussion here may be of such high quality that students plagiarize it
TurnitinBot/2.0 [turnitin.com...]
is thisbotis harmfull ... is this bot can help me any way... or it is useless... please help me out
kevinpate
[print msg]
msg:404508 3:25 pm on Jul 18, 2005 (gmt 0)
The bot exists to gather information for their service, a service sold to school instructors to aid them in detecting plagiarism by their students.
Clint
[print msg]
msg:404509 5:32 pm on Jul 18, 2005 (gmt 0)
[webmasterworld.com...]
Other info I see on it states that it tries to exploit webserver vulnerabilities. Do a search on it (TurnitinBot).
osujit
[print msg]
msg:404510 5:41 am on Jul 19, 2005 (gmt 0)
Thanks... for the reply ...
SO it is Not really a search engine, but. turnitinbot/1.4. .is an User Agent: TurnitinBot/1.4
[turnitin.com...] IP: 64.140.48.25...
not much use full taking unnecessary bandwidth.
thanks again
-sujit
Dijkgraaf
[print msg]
msg:404511 9:38 pm on Jul 19, 2005 (gmt 0)
Well it might catch students who are trying to pass your work of as their own.
keyplyr
[print msg]
msg:404512 9:48 am on Jul 24, 2005 (gmt 0)
As an educator myself, at first I was theoretically supportive of TurnitinBot until it came by my site. It requested robots.txt and then proceeded to ignore disallowed list.
Upon further investigation at their site, I found cached copies of my heavy content webpages. The very same pages I don't want copied - LOL
Yes, they sell their service, but so far they haven't offered me my cut.
I emailed them demanding they remove my property from their DB but never received a reply. I now ban them by UA.
Clint
[print msg]
msg:404513 12:11 pm on Jul 24, 2005 (gmt 0)
Are all of you showing the bot's IP is 64.140.48.25? I want to go ahead and block it now.
GaryK
[print msg]
msg:404514 6:52 pm on Jul 24, 2005 (gmt 0)
These are the IP Addresses I have on file for this bot:
64.140.49.66
64.140.49.68
64.140.49.69
204.9.204.203
Clint
[print msg]
msg:404515 9:35 am on Jul 25, 2005 (gmt 0)
Thanks.
You don't have 64.140.48.25 listed?
GaryK
[print msg]
msg:404516 3:27 pm on Jul 25, 2005 (gmt 0)
Nope. But that doesn't mean anything really. Perhaps it uses different IP blocks to crawl different geographic regions. My servers are located in Virginia and Texas in the USA.
Global Options:
top home search open messages active posts
For the love of G_d, consider you & I may be mistaken.
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
Orion Must Rise: Killer Space Rocks Coming Our way
The Best Laid Plans of Men, Monkeys & Pigs Oft Go Awry
Woe to those who long for the Day of the Lord, for It is Darkness, Not Light
-
- Posts: 2206
- Joined: Fri Dec 16, 2011 7:59 pm
Re: Spambots
Been busy doing stuff
Re: Spambots
Over the last couple of days we've had a increase in spambots getting past the captcha.
All were from Russia and the Ukraine.
Sorry for the inconvenience.
Will look into how we can further make it difficult for spambots to register and spam.
All were from Russia and the Ukraine.
Sorry for the inconvenience.
Will look into how we can further make it difficult for spambots to register and spam.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
Re: Spambots
I've replaced that Google reCAPTCHA visual challenge, which apparently has now been hacked, with a Question and Answer challenge for the registration process
as a test to determine if this will reduce the number of spambots registering.
as a test to determine if this will reduce the number of spambots registering.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.
Re: Spambots
So far the new Q & A registration challenge appears to be working.Typhoon wrote:I've replaced that Google reCAPTCHA visual challenge, which apparently has now been hacked, with a Question and Answer challenge for the registration process
as a test to determine if this will reduce the number of spambots registering.
No spambots have been able to register since it was implemented.
May the gods preserve and defend me from self-righteous altruists; I can defend myself from my enemies and my friends.