Spambots

Nerixel

New Member
Jul 29, 2019
1,239
0
0
I still don't like it.

...and who am I kidding? I'd love to be an admin here. Get rid of spammers left and right, help solve issues with a slightly larger amount of clout with my advice, get to have moderator text... What more could I want to do around here?

As a side benefit, apparently Admins get to have a custom title, which is all kinds of cool.
All staff got the chance to request that when the forums switched from the title system to the banner system :p
I don't think it's a normal thing for all staff to get though, but I believe moderators can change at least their own title at will.
 

b0bst3r

New Member
Jul 29, 2019
2,195
0
1
Your attempts didn't work the Introductions forum is spammed by bots this morning (already reported).
 

YX33A

New Member
Jul 29, 2019
3,764
1
0
Your attempts didn't work the Introductions forum is spammed by bots this morning (already reported).
Then it looks like the only way to beat this is gonna be using a non-standard limiter on who can make posts where/make threads.
Much like how Data Realms does theirs. You have to post in a specific thread that is the only one you can access(and can't make threads) and say a "keyword phrase". This isn't even a automatic way of doing this, if I understand correctly, as each post there still has to be checked by an Admin eventually to get access to the actual forums.
 

Yusunoha

New Member
Jul 29, 2019
6,440
-4
0
just throwing out and idea I just had... though it's not exactly user friendly, but is it possible if a new user signs up, that user will have to wait a week before he/she can make a topic, and after that week they have to do some sort of security question they need to answer or complete before they're allowed to start making topics. this ofcourse is a very annoying thing for new users who signs up to get support, so new users should still be able to make a new topic in the support category, but they're limited to 1 topic a day, and they should need to enter certain information before that topic is allowed to be posted. information could be tags concerning the problem they're having. you could allow them to enter tags manually, or have them choose from pre-set tags.

though this probably will requite alot of editing as I doubt xenforo has these kind of things already coded... and seeing as the forum might switch from forum software when it gets moved to the curse forums I don't really think doing so much coding for such a short time will be worth it...
 

Captainnana

New Member
Jul 29, 2019
596
0
0
I'll have to wait for a report from our forum team on accounts that were used to spam but I would guess they signed up during the period where there was an issue
 

Yusunoha

New Member
Jul 29, 2019
6,440
-4
0
bringing this back up, seeing as spambots still come roaming around here from time to time
I think it's best to not allow new accounts to post links unless it's from pastebin, until they've reached a minimum of 5 posts

that should stop pretty much most of the spambots that come through seeing as they're all new members with no posts including a link in their first post
 

Vauthil

New Member
Jul 29, 2019
1,491
-14
1
bringing this back up, seeing as spambots still come roaming around here from time to time
I think it's best to not allow new accounts to post links unless it's from pastebin, until they've reached a minimum of 5 posts
Forums don't work like that out of the box, and if you wrote in the necessary stuff to do just this (bar minus whitelist) on the URL tag it would significantly increase the overhead of queries made each time a post is displayed (the actual parser runs when a post is displayed, not when it's input; doing it the other way presents other... complications, let's leave it at that. It's possible to write a filter at post time, but what it could break would be... interesting). The average URL density on threads like the Modded Minecraft News thread would really take the parser for a spin each time somebody opened the page. I personally don't like seeing the Cloudflare offline screen that much, but this week has been pretty choppy in general since I've been forced into using Twit Warble for my internet so I'm just grumpy on that count in general.

Now, barring the URL bbcode entirely until X post count? Much less overhead, but no doubt somebody just registering and going straight to Bug Reports would have a flip-out or some other edge case would irritate somebody. A great deal of folks don't register an account here until they have an issue to report. I actually happen to use this solution on other forums I administrate (although I peg the number at 15 posts), but they don't have the same requirements for providing URL links.
that should stop pretty much most of the spambots that come through seeing as they're all new members with no posts including a link in their first post
If the bots were rational human actors you'd have a point. They aren't. Other than the occasional really really weird witch doctor voodoo-type ads (which were some actual true spam bots and within 3 minutes would be slamming away at providing URLs if the above solution were applied), these bots are posting a single advertisement and not logging in ever again anyway. The people writing and running these bots know they're expendable and don't really care and don't even check (for example, look at how many of them include HTML code, which the forum never allows to be parsed). Their strategy isn't just hitting poor little ol' FTB, it's to blanket every forum en masse that they can manage to get a registration ping on (and FTB, being a site with a very significant younger audience, tends to have straighter human verification to navigate for them to do so).

Now, what I am tired of seeing is waking up to having had one or two such posts and seeing people replying to the damn things who didn't hit the Report button (a couple I've even seen just posting "I've reported you!" and they didn't actually hit send on the Report. The bot isn't reading and quaking in it's boots so why bother replying with anything?!). You're going to lose your internet points for snark the moment we spamhammer the original poster, so why are you people bothering? Report and move on, it'll get clicked when a human being can get to it.

TL;DR: The only solution on the planet that's 100% effective vs. spambots is to not have a site at all. Report and move on.
 

Yusunoha

New Member
Jul 29, 2019
6,440
-4
0
I don't really know anything about coding and I've never really been in the control panel of a xenforo forum, so I didn't really think of how much it'd be to realize this.
I always report a spambot whenever I see one, as they're usually easy to spot as they often don't know how to use pharagraphs and have a link at the end of the post, but sometimes people do post in those topics

another idea I had was to have some sort of spambot button in the report window, and if for example 3 different people clicked that button, the topic will be hidden until a moderator can check it.
to prevent abuse the people reporting a false spambot may end up getting timed out themselves

but as you mentioned, the coding for doing this would probably do more bad then good