Opinions Please

Submit / Make your "FORUM SPECIFIC" posts here.
*** NOT A FREESCO SUPPORT SECTION ***

Postby Howler » Thu Apr 12, 2007 1:29 pm

Hello all,

Well since we seem to be getting a lot of spammers 9 out of 10 registrations now :( :( :( :( :( :( :( :(

I am considering closing the forum to "user registration", meaning no more signing up for an account. What I am thinking to do, to remove almost ANY POSSIBILITY of a SPAMMER getting allowed on the forum, is to have them email me directly, no registration page, just a direct email. This email will be responded to. The responce will ask specific questions that would pertain to FREESCO (and hopefully something that is not shown on the forums here) so that if the question( s ) are answered correctly I will create the account for them.

This is the only way I can think of to reduce my time in checking all of these (hundreds of) registrations that end up as SPAMMERS.

If anyone has any ideas that I may be able to use to take care of this I would be more than willing to listen.

If I can not find a better way, then the email idea will be put into action. I am getting sick and tired of the fukheads that have no respect for others and have no life besides being a god danm son of a bitsh. If you can not tell I am very very upset about this and am not going to take it much longer.

Howler
The first, the original and still the main FREESCOsoft site http://www.freescosoft.com/
The best place for FREESCO packages and related files.
Created and maintained by me (Howler), and mirrored by many (well, ok mirrored by some).
User avatar
Howler
Advanced Member
 
Posts: 227
Joined: Wed Nov 14, 2001 12:24 am
Location: Wisconsin USA

Postby Marc » Thu Apr 12, 2007 1:36 pm

Hi,

Are the registrations done by bots? Isnt there a way to stop bots? I mean, isn't there a way to build in a random freesco question into the registration process?

Or are they real people? (I can only imagine very ill people do this :)

Marc
Marc
pc1mh.nl.eu.org
User avatar
Marc
Senior Member
 
Posts: 85
Joined: Fri May 17, 2002 3:42 pm
Location: The kingdom of the Netherlands, Twente

Postby strampke » Thu Apr 12, 2007 1:52 pm

Hi Howler and other moderators,

Thank you for keeping this forum clean. I appreciate it very much.

Strampke
Who knows knows, who doesn't doesn't.
User avatar
strampke
Junior Advanced Member
 
Posts: 151
Joined: Mon Jul 29, 2002 12:36 pm
Location: Delden, Netherlands

Postby dingetje » Thu Apr 12, 2007 2:36 pm

I have made some minor modifications to the CAPTCHA code (the numeric code that must be typed in to proof you're a human) of my forum (same software as this forum) because I too had about 90% spammers for new accounts. This prooves the CAPTCHA is too simple and has been cracked so bots are able to 'read' the generated code from the image, so I've decided to change it a bit from the default.
  • Added more background lines</li>
  • Use another true type font</li>
  • Added a random 'tilt' to the security code in the image</li>
These modifications make the CAPTCHA still readable for humans, but the amount of spammers has reduced to zero!

Take a look at <a href='http://dingetje.homeip.net/forum/index.php?act=Reg&CODE=00' target='_blank'>http://dingetje.homeip.net/forum/index.php?act=Reg&CODE=00</a>

Image

The security settings of my forum are as follows:

Image

Note how I've used a different font too, called scandal.ttf
I can upload that too if needed, but you may already have that one.

I have attached the modified function for the security image generation. It should replace the original function in the ../sources/functions.php file.
GreetZ
http://dingetje.hopto.org

"Software is like sex: it's better when it's free." - LINUS TORVALDS
User avatar
dingetje
FREESCO GURU !!
 
Posts: 1010
Joined: Wed Nov 14, 2001 12:13 pm
Location: The Netherlands

Postby Peppe/Sweden » Thu Apr 12, 2007 3:04 pm

I believe that this is the best forum in the universe since the moderaters and members show each other the higesest respect possible.
And , I am honered to one of the small member one this forum.

Howler , all of your work has always been impressive and all of your team members as well.
It would me and a lot of members sad if this forum would go offline.

Now , I have had my living hell with spammers since it cost me two months of disconnected broadband - because my broadband provider didn´t belive me and thought that I was the spammer.

As a final note ; Howler - you´re king of you corner - do as you please.

Regards , Peter
[COLOR=blue] You mean that I don?t fly airplanes , I don?t have a grilfriend and don?t have a dog ? Buuh , I grow up to be a real loser! (The Kid , walt disney) [COLOR=blue]
User avatar
Peppe/Sweden
Junior Advanced Member
 
Posts: 161
Joined: Wed Feb 05, 2003 4:41 pm

Postby strampke » Thu Apr 12, 2007 3:04 pm

Hi,

@dingetje - that was easy to rearrange in IPB !!!
@howler - once the forum has been set more secure, can you permit the search function to accept short words like php and www?

Strampke
Who knows knows, who doesn't doesn't.
User avatar
strampke
Junior Advanced Member
 
Posts: 151
Joined: Mon Jul 29, 2002 12:36 pm
Location: Delden, Netherlands

Postby dRB » Thu Apr 12, 2007 6:38 pm

I hear ya, Howler.

I haven't forgot about the VIP code port that we talked about earlier. So far it has been very effective against spam bot registrations,(zero bot registrations), simply because the registration format is not understood by the bots.

So if you wanted to hold tight till the weekend is out, I'll have a working port for you.

Or, as Dingetje suggested, you could try a slant on the existing captcha code. And if that doesn't keep the bots at bay, then include the VIP code.




/dRB
Please bear with me ... I seemed to have lost my marbles.
User avatar
dRB
Junior Advanced Member
 
Posts: 196
Joined: Tue Apr 30, 2002 2:08 am
Location: Dryden, Ontario. CANADA

Postby jason.b.c » Thu Apr 12, 2007 7:57 pm

Hey uh - Howler..

You could try creating a new form section here called "Aardvark1"...

That is how the Admin in the puppy linux forums solved their little spam bot / spammer problems....
User avatar
jason.b.c
Member
 
Posts: 51
Joined: Wed Mar 22, 2006 4:00 am
Location: Missouri , USA

Postby Thasaidon » Fri Apr 13, 2007 2:16 am

I think Dingetjes method should do ok against bots,
but what about those "F*ckheads" as Howler calls them (and I agree)...
It's not gonna stop a real person from creating an account and then adding spam.

Would it be an idea to combine both of the methods?
First people need to sign up using Dingetjes method,
then an e-mail will be send to an administrator (Howler) for a final check?

I know this will mean a lot of work for the admins, but it will defenately reduce the spam accounts beeing created.

just my 2 eurocents.

to Jason.
You mean this topic?
<a href='http://www.murga-linux.com/puppy/viewtopic.php?t=10831' target='_blank'>http://www.murga-linux.com/puppy/viewtopic.php?t=10831</a>
Experience shared, is experience gained.

Thasaidon's Freesco Page




Image
User avatar
Thasaidon
Advanced Member
 
Posts: 411
Joined: Tue Feb 05, 2002 9:38 am
Location: The Netherlands

Postby jason.b.c » Fri Apr 13, 2007 3:09 am

Thasaidon wrote:

to Jason.
You mean this topic?
<a href='http://www.murga-linux.com/puppy/viewtopic.php?t=10831' target='_blank'>http://www.murga-linux.com/puppy/viewtopic.php?t=10831</a>

Yes...

It seems to work quite well in their forums... ^_^

SpamBot postings have dropped by like 50% or so...
User avatar
jason.b.c
Member
 
Posts: 51
Joined: Wed Mar 22, 2006 4:00 am
Location: Missouri , USA

Postby Howler » Fri Apr 13, 2007 12:20 pm

Peppe/Sweden wrote:It would me and a lot of members sad if this forum would go offline.

Well it would not be "off line", it would just be a manual registration via an Admin, for all new members that would like to register.


On the other posts .. I will see what I can do. right now I have bigger issues (lost my main server MB, for my LAN). Will look things over after I get things working again.

Howler
The first, the original and still the main FREESCOsoft site http://www.freescosoft.com/
The best place for FREESCO packages and related files.
Created and maintained by me (Howler), and mirrored by many (well, ok mirrored by some).
User avatar
Howler
Advanced Member
 
Posts: 227
Joined: Wed Nov 14, 2001 12:24 am
Location: Wisconsin USA

Postby Howler » Fri Apr 13, 2007 7:12 pm

jason.b.c wrote:You could try creating a new form section here called "Aardvark1"...

That is how the Admin in the puppy linux forums solved their little spam bot / spammer problems....

Yes, I think I had read that post just before my server 'uumm' issue. I have also read some place that a forum named SPAM can deter some bots. I have already stopped about 3/4 of them (non registered users posting). I have also renamed a few forums to 'OTHER' rather than "GENERAL', as in General Section to Other Section. That took care of the bots posting in the General ????? ---> General ????? Forum . The old forum (on my server) had a lower quality CAPTCHA capability, so moving to this server helped with that.

At this point the BOTs are seeing the - lowest SQL "such and such" entry for the specific forums. i.e The forum creation order. It just happens that on the forum, the first one they have any real rights to (in the order of creation), is the Request Forum. Which does not go along with the "Aardvark1" purpose, as ...
3rd Party Package Release Announcements, would come before A-anything
I think in this case I would have to go with a lower number, at least we do not have "1st party Packages" ;) .

A combination of the suggestions here [ Dingetje's CATCHA mod , jason.b.c's reminder/suggestion and dRB's VIP (to come)] and what I have already done may make a difference. The only thing that would still get through are the manual entered ones. Will check it out after my LAN work tonight.

I still have not gotten things setup here yet (refering to my LAN issue), will be working on that in just a bit now, had to finish up a 'paying' project first, no disrespct intended towards FREESCO, but this may help my LAN issue at the same time.

Well Thanks to all suggestions / comments.

Howler
The first, the original and still the main FREESCOsoft site http://www.freescosoft.com/
The best place for FREESCO packages and related files.
Created and maintained by me (Howler), and mirrored by many (well, ok mirrored by some).
User avatar
Howler
Advanced Member
 
Posts: 227
Joined: Wed Nov 14, 2001 12:24 am
Location: Wisconsin USA

Postby leker » Sat Apr 14, 2007 9:16 am

This email will be responded to. The responce will ask specific questions that would pertain to FREESCO (and hopefully something that is not shown on the forums here) so that if the question( s ) are answered correctly I will create the account for them.

Why not instead require a real FREESCO question/problem from the one who wants to register.
This would show that they have "legal" reason for registering.
User avatar
leker
Newbie
 
Posts: 12
Joined: Sat Dec 28, 2002 11:52 am
Location: Sweden

Postby Howler » Sat Apr 14, 2007 10:44 am

leker wrote: Why not instead require a real FREESCO question/problem from the one who wants to register.
This would show that they have "legal" reason for registering.

So in a way, have them send me what they would be asking/saying in their first post.

This maybe a little harder to add to the forum, but the idea is what is a sound one.

Will keep it in mind. With a combination of all the suggestions here, I think it may even keep out 90+% of the SPAMMERS. There may stll be a few that manually do the registration, who may be willing to go the extra step to copy an old post, just for this purpose, but the chances would definetly be low.

Thanks

Howler
The first, the original and still the main FREESCOsoft site http://www.freescosoft.com/
The best place for FREESCO packages and related files.
Created and maintained by me (Howler), and mirrored by many (well, ok mirrored by some).
User avatar
Howler
Advanced Member
 
Posts: 227
Joined: Wed Nov 14, 2001 12:24 am
Location: Wisconsin USA

Postby dRB » Sat Apr 14, 2007 9:36 pm

:) VIP port is complete.

The bulk of the work was walking thru IPB code.

The logic is simple: bots that auto-register and then dump spam are unaware of the addon to the default template, and therefore registrations fail; and therefore no spam from the bots.

This allows for user registrations to be automatic.

The original idea was borrowed from a VIP add-on posted at the phpBB mods forum; coding for IPB is different, but the idea remains the same.

I post the addon here, in case someone else wants to integrate into IPB v1.3...
<a href='http://www.rbtd.com/HOWLER/1p3Final-VIPcode.zip' target='_blank'>1p3Final-VIPcode.zip</a>

3 files from IPB v1.3 have already been modified and included in this zip file, along with a readme file.

You will need to post the VIP code itself somewhere on the forum, other than on the register page, visible to all users, so they know what the value of that code is, in order to enter it into the registration page.

For those who would like the mods, but are unable to reach my site, pm me.


/dRB
Please bear with me ... I seemed to have lost my marbles.
User avatar
dRB
Junior Advanced Member
 
Posts: 196
Joined: Tue Apr 30, 2002 2:08 am
Location: Dryden, Ontario. CANADA

Next

Return to FORUM SPECIFIC Questions or Comments

Who is online

Users browsing this forum: No registered users and 1 guest