This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
Cloudy's profile picture

INPUT NEEDED - Spam

Started by Cloudy, 19 November 2012 - 03:51 AM
Cloudy #1
Posted 19 November 2012 - 04:51 AM
Hello!

As you've noticed we've been getting spam lately. One way to fix that would be to enable a captcha upon forum registration. Does anyone have a problem with that?
billysback #2
Posted 19 November 2012 - 04:52 AM
Nope; to be honest it won't effect everyone who will be able to post here as they will all already have an account, this is silly.

EDIT: btw I meant "Nope" as in "Nope I don't have a problem with that", just to clear things up
Tiin57 #3
Posted 19 November 2012 - 04:53 AM
Excellent idea; I concur with billysback and agree with the proposal.
Bubba #4
Posted 19 November 2012 - 04:55 AM
I think this is a great idea. Spam can and does end up ruining otherwise great forums, and it also leads to new users thinking that we are unreliable.

In fact I would also suggest adding a captcha for the first few posts a user makes if that is possible.
KaoS #5
Posted 19 November 2012 - 04:55 AM
this is a great idea. we need to sort out the spamming problem. is there no way to record the IP of someone who posts? if I ever ran a forum server I definitely would record all IPs… DDOS :)/>/>
Cloudy #6
Posted 19 November 2012 - 04:58 AM
Nope; to be honest it won't effect everyone who will be able to post here as they will all already have an account, this is silly.

I know this. My point is, I'm asking your opinion as to whether it would bother you if you were signing up for this forum.
KaoS #7
Posted 19 November 2012 - 05:04 AM
nah, it is one quick test that actually shows that the forums are making an effort to keep spammers out. wouldn't bug me at all
lieudusty #8
Posted 19 November 2012 - 05:35 AM
I'm fine with a captcha
BigSHinyToys #9
Posted 19 November 2012 - 05:38 AM
seams a completely reasonable requirement for sign up. It's not like you are asking for mobile numbers. I have never had a problem with human intelligence recognition programs when singing up on other boards.
Lyqyd #10
Posted 19 November 2012 - 07:16 AM
Yeah, go ahead. Captchas never bother me when I'm signing up for stuff.
Leo Verto #11
Posted 19 November 2012 - 07:36 AM
In fact I would also suggest adding a captcha for the first few posts a user makes if that is possible.
I think that might scare away new users.

I think a captcha is definitely a good idea, a lot of other forums have it too and as long as the captcha isn't too hard, it should be fine.
kazagistar #12
Posted 19 November 2012 - 07:54 AM
Are there really people who don't sign up if there is a captcha involved? I think the biggest inconvenience is email verification, but that still won't stop me from signing up for a forum.
Cloudy #13
Posted 19 November 2012 - 08:51 AM
Captcha enabled. Lets see if it works!
Cloudy #14
Posted 19 November 2012 - 11:15 AM
I THINK it could have actually been broken - I don't remember there being one either (although I was only the 6th user ever to sign up). Regardless, it is enabled - and I haven't seen any spam since!
Sammich Lord #15
Posted 19 November 2012 - 12:08 PM
I haven't seen spam on the forums since… hmm… October? xD but on the contrary I'm surprised the forum board lasted so long without being heavily spammed… and it didn't even have a capcha.
Another thing you could try doing is allow Email based verification of your account. This would prevent some people from creating a billion accounts under fake names.
I thought you already had to do email varification? Atleast there is no more "UGGS FOR CHEAP" or Russian porn link threads anymore.
PixelToast #16
Posted 19 November 2012 - 12:22 PM
o_o there was?
never seen them
thats because the admin act fast to reports :)/>/>

i dont mind if you add captia, they aren't that annoying
ETHANATOR360 #17
Posted 19 November 2012 - 01:14 PM
yes use captha theres no reason not to
D3matt #18
Posted 19 November 2012 - 03:20 PM
this is a great idea. we need to sort out the spamming problem. is there no way to record the IP of someone who posts? if I ever ran a forum server I definitely would record all IPs… DDOS :(/>/>
Recording IPs is pointless. Spam bots very rarely post from the same IP, from my experience. And the IP very rarely belongs to the hacker, usually an innocent victim. And DDOS is not a tool for enforcing the law.
ComputerCraftFan11 #19
Posted 19 November 2012 - 03:44 PM
The captcha isnt working, people are still spamming
djblocksaway #20
Posted 19 November 2012 - 07:04 PM
yea i think its worth enabling a captcha it cant hurt anyone, and will stop account spammers ^.^
KaoS #21
Posted 19 November 2012 - 08:18 PM
this is a great idea. we need to sort out the spamming problem. is there no way to record the IP of someone who posts? if I ever ran a forum server I definitely would record all IPs… DDOS :(/>/>
Recording IPs is pointless. Spam bots very rarely post from the same IP, from my experience. And the IP very rarely belongs to the hacker, usually an innocent victim. And DDOS is not a tool for enforcing the law.

I'm gonna admit to being a ruthless bastard and say that I'm not concerned about the law or innocent bystanders. if someone wrongs me I stop them, that's just me
gknova61 #22
Posted 19 November 2012 - 10:09 PM
Don't see why people would have a problem with entering a captcha once when they register (pretty standard on forums now anyways) - as long as it doesn't extend to logins :(/>/>
Kingdaro #23
Posted 20 November 2012 - 03:46 AM
There are plenty of websites that use captchas in their registration processes, it would be no problem for this forum to do the same.
D3matt #24
Posted 20 November 2012 - 08:46 AM
this is a great idea. we need to sort out the spamming problem. is there no way to record the IP of someone who posts? if I ever ran a forum server I definitely would record all IPs… DDOS :(/>/>
Recording IPs is pointless. Spam bots very rarely post from the same IP, from my experience. And the IP very rarely belongs to the hacker, usually an innocent victim. And DDOS is not a tool for enforcing the law.

I'm gonna admit to being a ruthless bastard and say that I'm not concerned about the law or innocent bystanders. if someone wrongs me I stop them, that's just me
Except in addition to being ruthless, it would be utterly and completely ineffective.
KaoS #25
Posted 20 November 2012 - 11:48 AM
if people actually did it would eventually work. if people cannot think enough to install antivirus and antimalware and watch the links they click then they end up spamming others. once such people are removed we shouldn't have an issue. in my mind the perpetrators are guilty. those who allow them to do what they want are just as guilty
D3matt #26
Posted 20 November 2012 - 12:11 PM
if people actually did it would eventually work. if people cannot think enough to install antivirus and antimalware and watch the links they click then they end up spamming others. once such people are removed we shouldn't have an issue. in my mind the perpetrators are guilty. those who allow them to do what they want are just as guilty
If you block the IP AFTER they post, you've done nothing useful.
Cranium #27
Posted 20 November 2012 - 03:58 PM
It seems that either it has not worked, or some of these accounts have been laying dormant for some time.
Cruor #28
Posted 20 November 2012 - 06:43 PM
They are just having a tea party :3 trust me, we be doomed.
Espen #29
Posted 21 November 2012 - 12:35 AM
Maybe in addition to entering a captcha, a little context-knowledge might go a long(er) way?
I.e. I'v seen on other forums that they ask you Minecraft-related questions, like:
Who created Minecraft? -> Notch
What is used to connect levers to pistons? -> redstone
Are fences a solid block? -> no
etc.

That at least should cut off any automated spammers who's operators either don't know the context-knowledge or the ones who won't invest the extra time to create a table with question<->answer pairs for their bots, just to get into the 136th website on their spam-list.
KaoS #30
Posted 21 November 2012 - 01:50 AM
if people actually did it would eventually work. if people cannot think enough to install antivirus and antimalware and watch the links they click then they end up spamming others. once such people are removed we shouldn't have an issue. in my mind the perpetrators are guilty. those who allow them to do what they want are just as guilty
If you block the IP AFTER they post, you've done nothing useful.

that is not what I am referring to. do not block them from the forums, render their internet useless so they cannot continue to spam. eventually you will have eliminated the problem. DDOS is not a long term solution as you would have to keep it up, I would prefer other methods
Cranium #31
Posted 21 November 2012 - 05:14 AM
Wow….if the captcha is enabled, then it is definitely not working. Porn post directly above.
Leo Verto #32
Posted 21 November 2012 - 05:35 AM
Maybe in addition to entering a captcha, a little context-knowledge might go a long(er) way?
I.e. I'v seen on other forums that they ask you Minecraft-related questions, like:
Who created Minecraft? -> Notch
What is used to connect levers to pistons? -> redstone
Are fences a solid block? -> no
etc.

That at least should cut off any automated spammers who's operators either don't know the context-knowledge or the ones who won't invest the extra time to create a table with question<->answer pairs for their bots, just to get into the 136th website on their spam-list.
You also need to write 'Notch' when registering.
Doyle3694 #33
Posted 04 January 2013 - 04:44 AM
any news on spambots? Seen 2 earlier today, just saw one, all 3 are reported. Have something been recently changed for easier registration, or anything like that?

EDIT: 4th one….
Dlcruz129 #34
Posted 04 January 2013 - 06:25 AM
any news on spambots? Seen 2 earlier today, just saw one, all 3 are reported. Have something been recently changed for easier registration, or anything like that?

EDIT: 4th one….

I talked to Cloudy. He's trying to figure out a way to block all users who use Tor.
KaoS #35
Posted 04 January 2013 - 06:29 AM
any news on spambots? Seen 2 earlier today, just saw one, all 3 are reported. Have something been recently changed for easier registration, or anything like that?

EDIT: 4th one….

if you look at the accounts used to post the spam you may notice that they were registered long ago. the new methods should work but it will take time to weed out the sleeping spam accounts
Cranium #36
Posted 04 January 2013 - 07:07 AM
if you look at the accounts used to post the spam you may notice that they were registered long ago. the new methods should work but it will take time to weed out the sleeping spam accounts
Actually, many of these spammers say that they just joined not more than 24 hours ago…
PixelToast #37
Posted 04 January 2013 - 07:43 AM
some register accounts a week / day in advance to avoid post restrictions
some also post 4 random things before dumping le spam
PixelToast #38
Posted 05 January 2013 - 06:17 AM
spam post used to be above here
most just dump TL;DR posts on random threads ;_;
Cranium #39
Posted 05 January 2013 - 06:20 AM
^^^^that right there^^^^
That is what I am talking about. It seems that this account was created today at 9:33 am, CDT.
Spoiler
Cranium #40
Posted 10 January 2013 - 09:38 AM
So, quite some time has passed since we started seeing spam on the forums. I see that we now use a reCaptcha and a security question,
Spoiler
but it seems that it is not enough to stop them, as new accounts are being made every day. Is there any other way we can prevent the spam? It's getting ridiculous, and the idea of "Just ignoring it" does not really appeal to me.
Tiin57 #41
Posted 10 January 2013 - 09:55 AM
So, quite some time has passed since we started seeing spam on the forums. I see that we now use a reCaptcha and a security question,
Spoiler
but it seems that it is not enough to stop them, as new accounts are being made every day. Is there any other way we can prevent the spam? It's getting ridiculous, and the idea of "Just ignoring it" does not really appeal to me.
Multiple, random security questions, and a block on users' first five posts containing links.
Edit: This is getting stupid. I count 16 (SIXTEEN) spam topics on the front page of General as of 3:58pm EST, 1/9/2013. -.-
NeverCast #42
Posted 10 January 2013 - 10:01 AM
I've got it, what would all minecrafters know?
Blocks!

We have screenshots of each block which we fuzz with GD library and then ask, "What block is this" in the registration… What board software is this.. IP.Board, I'll see if a module/addon already exists for this purpose.
PixelToast #43
Posted 10 January 2013 - 10:03 AM
I've got it, what would all minecrafters know?
Blocks!

We have screenshots of each block which we fuzz with GD library and then ask, "What block is this" in the registration… What board software is this.. IP.Board, I'll see if a module/addon already exists for this purpose.
http://www.minecraftxl.com/data-values/
not going to work
it will only work for questions you cant just google
Cranium #44
Posted 10 January 2013 - 10:05 AM
http://www.minecraft...om/data-values/
not going to work
it will only work for questions you cant just google
I think he's saying like what a captcha does with words, but with pictures of minecraft blocks.
Tiin57 #45
Posted 10 January 2013 - 10:06 AM
Not a bad idea.
Cranium #46
Posted 10 January 2013 - 10:10 AM
Although I think we might have to make it multiple choice for those who cannot spell ANYTHING.
Tiin57 #47
Posted 10 January 2013 - 10:14 AM
Although I think we might have to make it multiple choice for those who cannot spell ANYTHING.
Lol, if they can't spell "dirt", then I say they shouldn't even be in here in the first place :P/>

Cloudy, dan, Lyqyd, Cruor, Lochie, FuzzyPurp, casper (is he still alive?) and other assorted forum staff; have you thought about adding more moderators? :D/>
AfterLifeLochie #48
Posted 10 January 2013 - 10:20 AM
Although I think we might have to make it multiple choice for those who cannot spell ANYTHING.
Lol, if they can't spell "dirt", then I say they shouldn't even be in here in the first place :P/>

Cloudy, dan, Lyqyd, Cruor, Lochie, FuzzyPurp, casper (is he still alive?) and other assorted forum staff; have you thought about adding more moderators? :D/>

The number of moderators is certainly not the issue, I'll tell you that.

The fact of the matter is, the quantity and the rate of the spam becomes unmanageable. Last night I just sat on the forums, and after I'd delete three spam users, another two would reappear and litter the place with posts. I had to sit here and entirely devote my attention to watching the forums like a hawk and remove stuff straight away - and when I wake up, it's the same thing - go through the list of reports and clear them all out. There is an almost unbroken wall of spam-reports in the Reports Center, stretching back to at least, and if not further than, Page 8 now.

I still really, really suggest we approve new member's (<10) posts. It's much easier to delete content before it appears - and it keeps the Reports system in a manageable state.
Cranium #49
Posted 10 January 2013 - 10:21 AM
Lol, if they can't spell "dirt", then I say they shouldn't even be in here in the first place :P/>

Cloudy, dan, Lyqyd, Cruor, Lochie, FuzzyPurp, casper (is he still alive?) and other assorted forum staff; have you thought about adding more moderators? :D/>
I don't think the answer is as simple as more moderators. There will ALWAYS be more bots than moderators. We need to look into a permanent solution for stopping the spammers.
crazyguymgd #50
Posted 10 January 2013 - 10:38 AM
Although I think we might have to make it multiple choice for those who cannot spell ANYTHING.
Lol, if they can't spell "dirt", then I say they shouldn't even be in here in the first place :P/>

Cloudy, dan, Lyqyd, Cruor, Lochie, FuzzyPurp, casper (is he still alive?) and other assorted forum staff; have you thought about adding more moderators? :D/>

The number of moderators is certainly not the issue, I'll tell you that.

The fact of the matter is, the quantity and the rate of the spam becomes unmanageable. Last night I just sat on the forums, and after I'd delete three spam users, another two would reappear and litter the place with posts. I had to sit here and entirely devote my attention to watching the forums like a hawk and remove stuff straight away - and when I wake up, it's the same thing - go through the list of reports and clear them all out. There is an almost unbroken wall of spam-reports in the Reports Center, stretching back to at least, and if not further than, Page 8 now.

I still really, really suggest we approve new member's (<10) posts. It's much easier to delete content before it appears - and it keeps the Reports system in a manageable state.

I don't know what the number of spam posts really is but I sorted New content by Past 24 hours and found 15 posts on the first page, started by users with < 25 posts. Would approving all these new posts and disapproving all the spam posts be any better than just deleting spam posts?
Cranium #51
Posted 10 January 2013 - 10:42 AM
I agree. Approving posts would be just as time consuming (if not more) as deleting spam. I go back to the fact that accounts are being created at all. I didn't check, but do we require email verification?

Edit: It looks like we do have email verification, but I guess it's waaaaay too easy to automate.
Edited on 10 January 2013 - 09:47 AM
Exerro #52
Posted 10 January 2013 - 10:43 AM
make a bot to remove anything that has ugg in the name and dont let users with <50 posts see this topic
Exerro #53
Posted 10 January 2013 - 10:49 AM
Ok. Ummm….this is Cranium, and creating an account should not be this easy.
+1 for user experience, -100 for security.
i know this may sound crazy but are there any similarities in the usernames of the spammers and would it be possible to auto remove accounts that have a certain pattern or something…also you could put this on a page that lets ppl try ingame as a challenge (try and come up with a code that does the above)
Leo Verto #54
Posted 10 January 2013 - 10:55 AM
i know this may sound crazy but are there any similarities in the usernames of the spammers and would it be possible to auto remove accounts that have a certain pattern or something…also you could put this on a page that lets ppl try ingame as a challenge (try and come up with a code that does the above)
I think the names are just randomly generated from huge lists of words and random numbers.
A sample code wouldn't help much because you could use the same code over and over again, a dynamic verification that you're a human would be better.
Cranium #55
Posted 10 January 2013 - 10:57 AM
I think the names are just randomly generated from huge lists of words and random numbers.
A sample code wouldn't help much because you could use the same code over and over again, a dynamic verification that you're a human would be better.
True, but so far, the only one I know if is that silly captcha.
Unfortunately, it either isn't working, or we have someone who is taking the time to create all of these accounts manually, and then having them spam.
Leo Verto #56
Posted 10 January 2013 - 11:01 AM
I think the names are just randomly generated from huge lists of words and random numbers.
A sample code wouldn't help much because you could use the same code over and over again, a dynamic verification that you're a human would be better.
True, but so far, the only one I know if is that silly captcha.
Unfortunately, it either isn't working, or we have someone who is taking the time to create all of these accounts manually, and then having them spam.
There are also simple flash-game style programs to prevent bots from registering, another method is be providing some images of kitties and doggies and asking the user to mark all cats.

Minecraft blocks are pretty easy to detect because the graphics stay the same.
Cranium #57
Posted 10 January 2013 - 11:20 AM
That's true, I suppose we would have to do something else. No idea what would work well though.
billysback #58
Posted 10 January 2013 - 11:30 AM
we could ask questions about minecraft, like "who is the creator of minecraft/computercraft" and "what is the minecraft world made up of", then you can only register when these questions are answered correctly; use random questions from a selection.
I've seen that on some forums before… doesn't sound like it would be too effective but who knows?
zekesonxx #59
Posted 10 January 2013 - 11:31 AM
What about http://areyouahuman.com/? They've worked pretty well in my creations.
crazyguymgd #60
Posted 10 January 2013 - 11:34 AM
What about http://areyouahuman.com/? They've worked pretty well in my creations.

Ha that was kind of fun too.
zekesonxx #61
Posted 10 January 2013 - 11:39 AM
What about http://areyouahuman.com/? They've worked pretty well in my creations.

Ha that was kind of fun too.

See? And it's free.
Leo Verto #62
Posted 10 January 2013 - 11:42 AM
What about http://areyouahuman.com/? They've worked pretty well in my creations.
But the games do not seem to start over when you do something wrong, it wouldn't be that hard just to attempt dropping all items wherever they need to go.
zekesonxx #63
Posted 10 January 2013 - 11:44 AM
Read the FAQ and the Security page.

EDIT: And check out this better demo.
Cranium #64
Posted 10 January 2013 - 11:55 AM
we could ask questions about minecraft, like "who is the creator of minecraft/computercraft" and "what is the minecraft world made up of", then you can only register when these questions are answered correctly; use random questions from a selection.
I've seen that on some forums before… doesn't sound like it would be too effective but who knows?
We already do that, but it is only one question.
Leo Verto #65
Posted 10 January 2013 - 11:56 AM
That page told me I'm a bot :/

Gotta think about my life…
Cranium #66
Posted 10 January 2013 - 12:00 PM
That page told me I'm a bot :/

Gotta think about my life…
I do everything my turtle overlords tell me to….. It's not so bad being a slave.
Heracles421 #67
Posted 10 January 2013 - 12:19 PM
That page told me I'm a bot :/

Gotta think about my life…
I do everything my turtle overlords tell me to….. It's not so bad being a slave.
:P/>/>/> How does being a slave of a piece of metal feels?

I have another solution, why not limit the posts per day of new users to 1, needing to have 10 approved posts before being able to post unlimited things? Minecraft forum uses that technique, and for me it's quite well and doesn't really annoy the new ones

Edit: Another idea, based on the idea on top, instead of having to approve the posts manually, why don't you add a captcha for posting before the 10 posts are met
theoriginalbit #68
Posted 10 January 2013 - 01:07 PM
EDIT: And check out this better demo.
That is actually quite cool. much better than say a video captcha
BustedEarLobes #69
Posted 10 January 2013 - 06:02 PM
What CAN you do? Captchas are fine for bots, but some spammers spam themselves. Limiting new users is brilliant, but would suck if you are new and just want to make a few posts. I feel the best way is to have.one email account per user, a captcha or that amIAHuman game thing, and limit users with a thick 5 posts/day for 5 or so days. Spam is impossible to stop, but at least you can try to slow it down.
Dlcruz129 #70
Posted 10 January 2013 - 06:41 PM
While I would usually hate the idea of blocking a users first few posts, we're out of options. I say we go for it.
billysback #71
Posted 10 January 2013 - 08:33 PM
what about an "obligatory say hello thread" where you must make a post before you can post anywhere else?
that might scare away normal users however…

also these spammers only make about 3 posts per account.
5 per day limits would be pointless and most likely annoy people in the ask a pro section.
sjkeegs #72
Posted 11 January 2013 - 02:34 AM
True, but so far, the only one I know if is that silly captcha.
Unfortunately, it either isn't working, or we have someone who is taking the time to create all of these accounts manually, and then having them spam.

They have automated systems that ship the captcha off to places where people answer it and send it back.
Leo Verto #73
Posted 11 January 2013 - 04:07 AM
While I would usually hate the idea of blocking a users first few posts, we're out of options. I say we go for it.
I still think just don't let them post links in the first post or disallaw links (except for pastebin ones) for members of the clueless.
Dlcruz129 #74
Posted 11 January 2013 - 04:15 AM
While I would usually hate the idea of blocking a users first few posts, we're out of options. I say we go for it.
I still think just don't let them post links in the first post or disallaw links (except for pastebin ones) for members of the clueless.

I was thinking along the lines of moderators having to approve the first 5 or so posts.
theoriginalbit #75
Posted 11 January 2013 - 04:28 AM
While I would usually hate the idea of blocking a users first few posts, we're out of options. I say we go for it.
I still think just don't let them post links in the first post or disallaw links (except for pastebin ones) for members of the clueless.
then the spammers will just start using pastebin… I've seen it done before… ;)/> heck there are spammers ON pastebin, have you ever clicked on the side "new pastes" or whatever its called. like 70% are spam!
zekesonxx #76
Posted 11 January 2013 - 04:51 AM
True, but so far, the only one I know if is that silly captcha.
Unfortunately, it either isn't working, or we have someone who is taking the time to create all of these accounts manually, and then having them spam.

They have automated systems that ship the captcha off to places where people answer it and send it back.

Very true. I know of two of them, not going to post as the "Don't post malicious scripts" rule.
Cranium #77
Posted 11 January 2013 - 05:56 PM
We could stop new users from creating topics until they have maybe 10 approved posts on other topics? Although I think that would cause problems with the Ask A Pro section.
Heracles421 #78
Posted 11 January 2013 - 05:59 PM
We could stop new users from creating topics until they have maybe 10 approved posts on other topics? Although I think that would cause problems with the Ask A Pro section.
That was another idea, but as you just said it'll cause some problems
theoriginalbit #79
Posted 11 January 2013 - 06:15 PM
We could stop new users from creating topics until they have maybe 10 approved posts on other topics? Although I think that would cause problems with the Ask A Pro section.
Maybe for all areas other than Ask a Pro? it seems most pop up in general atm anyways… maybe just restrict general?
Cranium #80
Posted 11 January 2013 - 06:18 PM
Yeah, but I'm wondering if they will just start to spam Ask a Pro?
AfterLifeLochie #81
Posted 11 January 2013 - 06:21 PM
I'm going to repeat myself a little here. It's much easier for us (or me, personally), to approve posts and delete spam in an unapproved state, here's why.

If spam is posted to the site and is automatically approved - as it is right now - it fills the Reports System with garbage, not only making it harder for us to do our job to move stuff around, but makes it incredibly hard to navigate for things that have been reported - and personally, I do not have permissions to permanently remove reports, and neither do the other Moderators.

This certainly does not mean you should not, or must not, report spam - as it is currently the only way we see spam in posts that are not new (eg, a new thread created by a spammer is much easier to see, rather than necroposts/etc).

Whereas, if spam remains in an unapproved state, we can deal with it much more easily - press the Delete button on the post/thread the spambot created, hit "Flag Account" - rather than having to manually delete all the users' posts - and be careful we don't delete a legitimate thread - and clear any reports for that user. It's actually become one of my nightmares now. (I'm not kidding.)

I still, again (and I quote myself) "really, really suggest we approve new member's (<10) posts. It's much easier to delete content before it appears - and it keeps the Reports system in a manageable state." There are enough moderators that content will be approved expediently and we operate in timezones where we overlap by at least a few hours each, so the forum usually does not go un-watched by someone - and if all else fails, the reports system won't overflow.
theoriginalbit #82
Posted 11 January 2013 - 06:21 PM
Yeah, but I'm wondering if they will just start to spam Ask a Pro?
Well realistically anything that is done they will eventually find a way around… thats the problem…
Dlcruz129 #83
Posted 11 January 2013 - 06:29 PM
I'm going to repeat myself a little here. It's much easier for us (or me, personally), to approve posts and delete spam in an unapproved state, here's why.

If spam is posted to the site and is automatically approved - as it is right now - it fills the Reports System with garbage, not only making it harder for us to do our job to move stuff around, but makes it incredibly hard to navigate for things that have been reported - and personally, I do not have permissions to permanently remove reports, and neither do the other Moderators.

This certainly does not mean you should not, or must not, report spam - as it is currently the only way we see spam in posts that are not new (eg, a new thread created by a spammer is much easier to see, rather than necroposts/etc).

Whereas, if spam remains in an unapproved state, we can deal with it much more easily - press the Delete button on the post/thread the spambot created, hit "Flag Account" - rather than having to manually delete all the users' posts - and be careful we don't delete a legitimate thread - and clear any reports for that user. It's actually become one of my nightmares now. (I'm not kidding.)

I still, again (and I quote myself) "really, really suggest we approve new member's (<10) posts. It's much easier to delete content before it appears - and it keeps the Reports system in a manageable state." There are enough moderators that content will be approved expediently and we operate in timezones where we overlap by at least a few hours each, so the forum usually does not go un-watched by someone - and if all else fails, the reports system won't overflow.

You're the moderator. Whatever is easiest for you works for me.
theoriginalbit #84
Posted 11 January 2013 - 07:22 PM
You're the moderator. Whatever is easiest for you works for me.

Ditto
theoriginalbit #85
Posted 12 January 2013 - 01:06 AM
Aaaaannnnndddd its started in suggestions now… :/

EDIT: OMG Spam posted IN a spam post! from 2 different accounts!
remiX #86
Posted 13 January 2013 - 05:12 AM
Yeah this spam is going overboard :/.
Cranium #87
Posted 13 January 2013 - 07:11 AM
New suggestions:
  1. Run a script at registration that times how long it takes for the application to be filled out, and how long it takes for a response to be made on the registration email. If it is not done in a HUMANLY time frame, then we flag that IP as 'suspicious'.
    1. A moderator could watch the account, and approve the posts they make.
    2. Or, the system could place an automatic block on the account, and the user would have to re-verify themselves before continuing.
  2. Add additional security questions. But use random ones from a list. Also, the question should not be in plain text, but in an image, such as a .PNG.
    1. Two or three questions, pooled from a list of about twenty.
  3. This one is a little more tricky, but we could have an 'advanced' registration. The user could check a box, and they can use a lua prompt to create a function to return a certain value that we need.
    1. Spoiler
I don't know if any of these are really that good of ideas, but it's definitely something to ponder.
Dlcruz129 #88
Posted 13 January 2013 - 07:25 AM
New suggestions:
  1. Run a script at registration that times how long it takes for the application to be filled out, and how long it takes for a response to be made on the registration email. If it is not done in a HUMANLY time frame, then we flag that IP as 'suspicious'.
    1. A moderator could watch the account, and approve the posts they make.
    2. Or, the system could place an automatic block on the account, and the user would have to re-verify themselves before continuing.
  2. Add additional security questions. But use random ones from a list. Also, the question should not be in plain text, but in an image, such as a .PNG.
    1. Two or three questions, pooled from a list of about twenty.
  3. This one is a little more tricky, but we could have an 'advanced' registration. The user could check a box, and they can use a lua prompt to create a function to return a certain value that we need.
    1. Spoiler
I don't know if any of these are really that good of ideas, but it's definitely something to ponder.

#3 looks fun, but it would be way too complicated for new users.
Cranium #89
Posted 13 January 2013 - 09:09 AM
#3 looks fun, but it would be way too complicated for new users.
That's why it would be an option. Check a box here, and it will bring a new webpage that you need to write a function. This would be easy for many experienced coders.
PixelToast #90
Posted 13 January 2013 - 12:01 PM
a "implement a expression that returns x" would be easy for humans, and hard for bots
though they manage to ship captia off to places where the sun dosent shine and still gets past it :s
Cranium #91
Posted 13 January 2013 - 08:14 PM
a "implement a expression that returns x" would be easy for humans, and hard for bots
though they manage to ship captia off to places where the sun dosent shine and still gets past it :s
True, but they can't ship off a whole javascript that would choose a question at random. Something like that would be fairly easy for some of the people here to make, and probably not to hard to add to the regist
Tiin57 #92
Posted 14 January 2013 - 02:29 AM
a "implement a expression that returns x" would be easy for humans, and hard for bots
though they manage to ship captia off to places where the sun dosent shine and still gets past it :s
True, but they can't ship off a whole javascript that would choose a question at random. Something like that would be fairly easy for some of the people here to make, and probably not to hard to add to the regist
Yeah, I can think of half a dozen of us (myself included, though it'd be ugly) who could create such a thing with relative ease. Of course, the first person that comes to mind is Lochie. :P/>
Leo Verto #93
Posted 15 January 2013 - 06:10 AM
I think all the spam we get comes from a single spammer/spamming company that was attracted by this site's amount of traffic and set up a system to automatically fill out the registering form, answer the security question and solve the captcha somehow. Then the bots start posting advertising from the customers of the spammer/spamming company.
Cranium #94
Posted 15 January 2013 - 06:12 AM
That's exactly what has happened. All we need to do, is prevent new qaccounts from being created. We just need to figure out how.
Cranium #95
Posted 15 January 2013 - 06:18 AM
Actually, looking into things already available for IP.Board software, I came across this post: http://community.invisionpower.com/blog/1174/entry-8429-ipboard-34-dev-update-anti-spam-enhancements/
It discusses recent integration with keyCaptcha. Which is better than reCaptcha, since it uses a puzzle, rather than a image that can be solved easily. Since it's already been integrated, why not add it to the website?
KaoS #96
Posted 17 January 2013 - 07:10 AM
if it is a single company won't they be using a single/finite list or IPs? can't we just ban them?

EDIT: nevermind, Lyqyd mentioned that they are using different IPs every time

EDIT2: and ninja'd too -_-/>
Edited on 17 January 2013 - 06:19 AM
Cranium #97
Posted 17 January 2013 - 07:13 AM
if it is a single company won't they be using a single/finite list or IPs? can't we just ban them?
From what I understand, most of the accounts are using completely separate IPs.
PixelToast #98
Posted 17 January 2013 - 09:56 AM
yea, its easy to renew your ip
RunasSudo-AWOLindefinitely #99
Posted 18 January 2013 - 02:10 PM
On the topic of captchas and such, you need to fix your registration question. My experience with registering:

Who created Minecraft?
>Markus Alexej "Notch" Persson
[nope]
>Markus "Notch" Persson
[nope]
>Markus Alexej Persson
[nope]
>Markus Persson
[nope]
>Notch
DING DING!

theoriginalbit #100
Posted 19 January 2013 - 03:33 PM
Maybe keyword blocking may come in handy too… for example I dont ever see any point to someone on this forum posting the word "viagra" so that could go on the list of words, then thats about 30% of the spam stopped…
BigSHinyToys #101
Posted 19 January 2013 - 03:38 PM
Maybe keyword blocking may come in handy too… for example I dont ever see any point to someone on this forum posting the word "viagra" so that could go on the list of words, then thats about 30% of the spam stopped…
uggboot would remove another ~30%
theoriginalbit #102
Posted 19 January 2013 - 03:50 PM
Maybe keyword blocking may come in handy too… for example I dont ever see any point to someone on this forum posting the word "viagra" so that could go on the list of words, then thats about 30% of the spam stopped…
uggboot would remove another 30%
More like 50%
D3matt #103
Posted 19 January 2013 - 04:24 PM
One way that I've seen done before is to block newly registered users from posting links. If somebody with less than 5 posts tries to post a link (Maybe we can allow links to certain whitelisted websites like Pastebin so new users can post their programs still), they are prevented from making the post (otherwise the spam would still go through, just sans link)
theoriginalbit #104
Posted 19 January 2013 - 05:02 PM
also if a pattern match for "jerseygz65" where the 65 can be any number would stop a heap, then lastly a check for any non-english ( mainly Russian ) text and done… thats 99% of spam gone! :P/>
RunasSudo-AWOLindefinitely #105
Posted 19 January 2013 - 05:06 PM
mainly Russian
Also Japanese.
theoriginalbit #106
Posted 19 January 2013 - 05:17 PM
And louis vuitton… there is a heap of those too…
Cranium #107
Posted 19 January 2013 - 05:31 PM
http://puu.sh/1PyfJ
And this is how they get around most of what you guys just said……
BigSHinyToys #108
Posted 19 January 2013 - 05:51 PM
if user posts < 5 and user post Contains Urls's Other than pastebin and ((user post contain language other than English or list of keywords) or user post contain less that 50% words) and post is reported as Spam more than two times by users that have more than a hundred posts then delete posts and suspend user.
That could cut down quite a bit of it at least.
theoriginalbit #109
Posted 19 January 2013 - 06:28 PM
http://puu.sh/1PyfJ
And this is how they get around most of what you guys just said……
True… but we would see a large decrease until the bots figured out to do that… :P/>
Cranium #110
Posted 19 January 2013 - 06:33 PM
True… but we would see a large decrease until the bots figured out to do that… :P/>
I doubt it. I still think preventing the account creation is more effective than blocking keywords or posts, or links.
BigSHinyToys #111
Posted 19 January 2013 - 07:19 PM
I doubt it. I still think preventing the account creation is more effective than blocking keywords or posts, or links.
In a prefect world it would be great to stop them before they make an account the problem is that computers are as smart as humans is some areas and some humans have trouble solving what a computer could do easily. by increasing the difficulty of making an account you are dis discouraging users from computer craft and that is a big side affect. the best we can do is look for patterns in behavior and work from that. combining multiple aspects that all amount to a spam post.

the funniest part is one day the spam will be so sophisticated it will actually be a useful member of the community ;)/> we can only hope.

It would be nice to know why this is going on at least. If you are the person doing this please stop. I am appealing to your sense of reason and ask that you stop this campaign. You have had your fun and proven you can now please stop. If there is something we did to annoy you please tell us. We the community are not bad people we just enjoy computer craft and want to communicate with other users please stop. You can even join the community and engage in intellectual destruction.
RunasSudo-AWOLindefinitely #112
Posted 19 January 2013 - 08:16 PM
In a prefect world it would be great to stop them before they make an account
In a perfect world, they wouldn't exist.
Keep dreamin', pal.
Leo Verto #113
Posted 20 January 2013 - 03:25 AM
One way that I've seen done before is to block newly registered users from posting links. If somebody with less than 5 posts tries to post a link (Maybe we can allow links to certain whitelisted websites like Pastebin so new users can post their programs still), they are prevented from making the post (otherwise the spam would still go through, just sans link)
Yes, I've said that a few times before but actual ideas how to prevent spam seem to be ignored.

I would just suggest denying posts containing links (other than pastebin) for the user group clueless.
Dlcruz129 #114
Posted 20 January 2013 - 04:08 AM
I think moderators should have to approve a user's first few posts.
TheOddByte #115
Posted 20 January 2013 - 09:46 AM
Maybe keyword blocking may come in handy too… for example I dont ever see any point to someone on this forum posting the word "viagra" so that could go on the list of words, then thats about 30% of the spam stopped…
uggboot would remove another 30%
More like 50%
Yeah and also Prada handbags since I doubt it has anything to do with this forum… Or has it? :P/>
And I don't think you should be able to put Links like

www.primarylouisvuittonsale.comkh55
www.bestfeelingmulberry.co.ukgb11
www.varioustypesuggs.co.ukyl11

On the forum.
And all the spam is always getting posted in General,
I mean seriously everytime I look there it's always new spam!
theoriginalbit #116
Posted 20 January 2013 - 10:33 AM
And all the spam is always getting posted in General,
I mean seriously everytime I look there it's always new spam!
General, Programs, Bugs, Suggestions, and recently started up, Ask a Pro… But yes, mainly General…
ardera #117
Posted 20 January 2013 - 08:52 PM
What about questions about CC at registering? I don't think that these spammers know what CC is. They could google it, but I don't think that they would find out so much…
TheOddByte #118
Posted 20 January 2013 - 09:18 PM
What about questions about CC at registering? I don't think that these spammers know what CC is. They could google it, but I don't think that they would find out so much…
If they don't watch some of it on youtube or something…
RunasSudo-AWOLindefinitely #119
Posted 20 January 2013 - 09:44 PM
How about we just add a

User-agent: *
Disallow: /
to the robots.txt and hope for the best? </joke>

I think moderators should have to approve a user's first few posts.
While that would definitely work, it would probably clog up the system with new user posts. Not to mention the "I want a solution and I want it now!!!!" mentality of new user Ask a Pro posts. I've just had to register an account and jump through all those hoops, and now I have to get my post approved?!
Dlcruz129 #120
Posted 21 January 2013 - 05:18 AM
How about we just add a

User-agent: *
Disallow: /
to the robots.txt and hope for the best? </joke>

I think moderators should have to approve a user's first few posts.
While that would definitely work, it would probably clog up the system with new user posts. Not to mention the "I want a solution and I want it now!!!!" mentality of new user Ask a Pro posts. I've just had to register an account and jump through all those hoops, and now I have to get my post approved?!

I've seen a lot of forums do it, and it isn't really that annoying.
sjkeegs #121
Posted 22 January 2013 - 02:53 AM
What about questions about CC at registering? I don't think that these spammers know what CC is. They could google it, but I don't think that they would find out so much…
The questions would have to be really basic. We don't want to turn away people who are coming here to learn about CC.
PixelToast #122
Posted 22 January 2013 - 03:37 AM
How about we just add a

User-agent: *
Disallow: /
to the robots.txt and hope for the best? </joke>
oh god, that would block google :P/>
theoriginalbit #123
Posted 23 January 2013 - 12:33 PM
So updates have been rolled out that prevent a new user from posting a topic? whats the requirements for them to be able to? Coz I've already got ppl asking me why they cant start a new topic in Ask a Pro… why they are asking me, who knows………….
KaoS #124
Posted 23 January 2013 - 02:49 PM
So updates have been rolled out that prevent a new user from posting a topic? whats the requirements for them to be able to?

Dan200 appeared on IRC earlier this evening, he was notifying us that he has corrected a security flaw and has added additional security that puts new users in a group of their own, they will be unable to create a topic for a total of 3 days and if their issue is particularly urgent they can approach people on the IRC

he was also immediately waylaid by various users including myself for information :D/> gotta feel sorry for the guy sometimes. recognition is great but it may get a bit much from what I can see :)/>
Edited on 23 January 2013 - 01:50 PM
theoriginalbit #125
Posted 23 January 2013 - 02:55 PM
So updates have been rolled out that prevent a new user from posting a topic? whats the requirements for them to be able to?

Dan200 appeared on IRC earlier this evening, he was notifying us that he has corrected a security flaw and has added additional security that puts new users in a group of their own, they will be unable to create a topic for a total of 3 days and if their issue is particularly urgent they can approach people on the IRC

he was also immediately waylaid by various users including myself for information :D/> gotta feel sorry for the guy sometimes. recognition is great but it may get a bit much from what I can see :)/>
ok cool thanx for the info…
KaoS #126
Posted 24 January 2013 - 08:19 AM
well I must say the spam seems to have vanished…. perhaps I just have great timing but it seems good so far. thanks guys
NeverCast #127
Posted 24 January 2013 - 09:00 AM
Now we shall see if the bots were totally autonomous or have some user managing them. If the latter, we shall see floods of spam again soon..
Leo Verto #128
Posted 24 January 2013 - 09:55 AM
Yup, them spamming existing threads would be really a pain.
Tiin57 #129
Posted 25 January 2013 - 10:21 AM
Yup, them spamming existing threads would be really a pain.
That seems to have stopped, and (knock on wood) the spam threat has been defeated!
Cranium #130
Posted 25 January 2013 - 10:23 AM
Not so much. I am still cleaning up spam every now and then. It seems that the majority of attacks were to create a new topic. Since new users can't create topics until after a few approved posts, it seems to work well. We are still working hard to prevent spam.
Luanub #131
Posted 25 January 2013 - 11:33 AM
I've noticed a drastic decrease in the spam. Good job guys!
NeverCast #132
Posted 25 January 2013 - 12:09 PM
Same here, had some nasty ones the other night. Nothing more than bringing back some dead posts really. As for new topics, that seems to have stopped.
Well done!
Cranium #133
Posted 25 January 2013 - 12:12 PM
Yup. I try to be on here most of the day, and do some stealth moderating, but if you see something that I might have missed, feel free to hit that report button!
D3matt #134
Posted 25 January 2013 - 03:21 PM
Clearly something broke again, because a 1-post user just made a spam post.
Luanub #135
Posted 25 January 2013 - 04:02 PM
The account is a few days old and already in the member group. Might see a few from older accounts until they all get flushed out.
shiphorns #136
Posted 30 January 2013 - 07:29 PM
I manage a lot of forums, and I've had the best luck keeping out spambots by baiting them with CAPTCHA but requiring real people to put something else into the field. For example, my forums display a CAPTCHA code with a text entry box next to it, but there are bold instructions to ignore the code and just type "hello" in the box instead, or the answer to a simple trivia question. The spam bots get hung up trying to parse the captcha code, and obviously it takes a real person to read the instructions that tell you to ignore the code.
Tiin57 #137
Posted 31 January 2013 - 03:19 AM
I manage a lot of forums, and I've had the best luck keeping out spambots by baiting them with CAPTCHA but requiring real people to put something else into the field. For example, my forums display a CAPTCHA code with a text entry box next to it, but there are bold instructions to ignore the code and just type "hello" in the box instead, or the answer to a simple trivia question. The spam bots get hung up trying to parse the captcha code, and obviously it takes a real person to read the instructions that tell you to ignore the code.
That's an excellent idea.
Dlcruz129 #138
Posted 31 January 2013 - 04:09 AM
I manage a lot of forums, and I've had the best luck keeping out spambots by baiting them with CAPTCHA but requiring real people to put something else into the field. For example, my forums display a CAPTCHA code with a text entry box next to it, but there are bold instructions to ignore the code and just type "hello" in the box instead, or the answer to a simple trivia question. The spam bots get hung up trying to parse the captcha code, and obviously it takes a real person to read the instructions that tell you to ignore the code.
That's an excellent idea.
Indeed it is.
Skullblade #139
Posted 01 February 2013 - 01:48 PM
I like that idea but if this is a individual intentional attack then it will only be a little until the "attacker" realizes the new restriction and always types "hello"
GoldTrousers #140
Posted 05 February 2013 - 03:04 PM
So are new accounts now allowed to post threads? I signed up to ask a question on the 'ask a pro' but it says I "cant start a new topic" Sorry if this is a strange place to post this question, but all I can do is make comments on threads.
theoriginalbit #141
Posted 05 February 2013 - 03:06 PM
So are new accounts now allowed to post threads? I signed up to ask a question on the 'ask a pro' but it says I "cant start a new topic" Sorry if this is a strange place to post this question, but all I can do is make comments on threads.
Good to see that people read forum stickies, especially when they are in the section that you want to post in, here is one sticky (http://www.computercraft.info/forums2/index.php?/forum-14/announcement-1-forum-guidelines/) read the bold bit. Then here is a second sticky (http://www.computercraft.info/forums2/index.php?/topic/9919-new-members-needing-to-ask-questions-please-read/) which is also helpful for you. Both of these stickies are in the very section you wanted to post.
GoldTrousers #142
Posted 05 February 2013 - 03:12 PM
Good to see that people read forum stickies, especially when they are in the section that you want to post in, here is one sticky (http://www.computerc...rum-guidelines/) read the bold bit. Then here is a second sticky (http://www.computerc...ns-please-read/) which is also helpful for you. Both of these stickies are in the very section you wanted to post.
I must be blind. I don't know how I missed those. I scanned through the stickies and I must have missed it. Thanks.
ArmchairArmada #143
Posted 19 February 2013 - 05:59 PM
Warning: The following will be entirely off-topic.

I cannot start any new topics anywhere on the forum and I don't know why (hence, why I didn't start a topic to get help with this.) Every forum category says, "You cannot start a new topic" at the top. If it helps, I reset my password about a week ago then noticed this problem. I thought maybe I had to just wait it out, but I guess not.
Cranium #144
Posted 20 February 2013 - 03:42 AM
Warning: The following will be entirely off-topic.

I cannot start any new topics anywhere on the forum and I don't know why (hence, why I didn't start a topic to get help with this.) Every forum category says, "You cannot start a new topic" at the top. If it helps, I reset my password about a week ago then noticed this problem. I thought maybe I had to just wait it out, but I guess not.
Did you not read the several posts above yours? They are the exact same question.
Skullblade #145
Posted 20 February 2013 - 05:20 AM
Warning: The following will be entirely off-topic.

I cannot start any new topics anywhere on the forum and I don't know why (hence, why I didn't start a topic to get help with this.) Every forum category says, "You cannot start a new topic" at the top. If it helps, I reset my password about a week ago then noticed this problem. I thought maybe I had to just wait it out, but I guess not.
Did you not read the several posts above yours? They are the exact same question.
Cranium he has 8 posts though…he should be able to
Lyqyd #146
Posted 20 February 2013 - 06:13 AM
Warning: The following will be entirely off-topic.

I cannot start any new topics anywhere on the forum and I don't know why (hence, why I didn't start a topic to get help with this.) Every forum category says, "You cannot start a new topic" at the top. If it helps, I reset my password about a week ago then noticed this problem. I thought maybe I had to just wait it out, but I guess not.

You appear to be in the correct group. Try clearing your cache. If you are still unable to post new topics, please let us know so that an administrator can review your account.
ArmchairArmada #147
Posted 20 February 2013 - 10:02 AM
Warning: The following will be entirely off-topic.

I cannot start any new topics anywhere on the forum and I don't know why (hence, why I didn't start a topic to get help with this.) Every forum category says, "You cannot start a new topic" at the top. If it helps, I reset my password about a week ago then noticed this problem. I thought maybe I had to just wait it out, but I guess not.
Did you not read the several posts above yours? They are the exact same question.

Ha! No, actually. I was so frustrated by not being able to figure this out that I just selected the first topic I saw and posted my problem. The thing is, I was able to start a few new threads when I first signed up, so I didn't know why I couldn't any more.

I now see that the Start New Topic button is available. Thanks, whoever might have corrected this.
shiphorns #148
Posted 14 March 2013 - 10:23 AM
I like that idea but if this is a individual intentional attack then it will only be a little until the "attacker" realizes the new restriction and always types "hello"

As I noted in another thread here, on my most heavily-trafficked forum, I still use the CAPTCHA as spambot bait in the way I described above, but the instructions to humans aren't as simple as typing "hello" or the answer to "2+2=?", but rather I ask a trivia question that is themed to the site. The criteria for the trivia question are simple: it has to be easy for someone to answer if they have real interest in the topic that the forum discusses, but difficult to answer (even with Googling) for someone unfamiliar with the topic of the site. For example, on this site, you might ask "You craft a monitor from stone and a:" where you accept "glass pane" as the answer. Easy for anyone here to answer, but time consuming for some spammer from a foreign country who knows nothing about minecraft or computercraft to answer.

But… human forum spammers are rare and infrequent enough to be dealt with just like any other problem member. Spambots are responsible for most of the high volume of spam attacks to sites running popular forum and blog software.
ben132 #149
Posted 22 March 2013 - 07:48 AM
–Fail– Glanced Up Ignore
theoriginalbit #150
Posted 22 March 2013 - 07:49 AM
I am really sorry to post here. But I cannot start any topics in an of the sub-forums
P.S. I know this is in the wrong place but there is nothing that I can do.
Good to see that people read forum stickies, especially when they are in the section that you want to post in, here is one sticky (http://www.computerc...rum-guidelines/) read the bold bit. Then here is a second sticky (http://www.computerc...ns-please-read/) which is also helpful for you. Both of these stickies are in the very section you wanted to post.
Cranium #151
Posted 22 March 2013 - 07:55 AM
I am really sorry to post here. But I cannot start any topics in an of the sub-forums
P.S. I know this is in the wrong place but there is nothing that I can do.
Did you not read the Forum Guidelines, where there is a HUGE BOLD ANNOUNCEMENT? Regardless, this marks your fourth post, so you are able to make topics now.