Jump to content

Suggested anti bot measures


Gorth

Recommended Posts

Since they are getting more and more annoying, Obsidian could make them do something useful...

 

Like modifying the forum software to automatically replace anything remotely ressembling a url by posters with a postcount of less than 5 with a url that points to www.obsidianent.com, www.savethedodo.org, whatever.

 

If you can't prevent them from joining, I'm pretty sure you can prevent them from linking to whatever it is they want to sell :aiee:

“He who joyfully marches to music in rank and file has already earned my contempt. He has been given a large brain by mistake, since for him the spinal cord would surely suffice.” - Albert Einstein
 

Link to comment
Share on other sites

Also maybe implement a rule for new posters where they can't post in the main part of the boards (the entirety of the boards as they exist now) until they make a few posts in a specific part of the forum for new members - an introductory area.

 

While it doesn't stop the bots from getting in, it does restrict them to a specific part thus making for easy identification and removal.

 

EDIT: I don't think admin approved accounts is a feasible idea for a public forum. It creates extra work - I'd imagine volume of signing up to be quiet high around the launch of a game. Also how do you tell if a bot really is a bot at that stage?

 

EDIT 2: Also ban certain words in user names. "Viagra" and "Cialis" are two that come to mind.

Edited by Surreptishus
Link to comment
Share on other sites

A lot of bots seem to have random letters and numbers in their names (ie KyleA236, etc.) so a word ban would only be partially effective. And what about those legitimate Viagra_Cowboys that want in on our fine forum?

 

Perhaps, instead of requiring admin approval (I've seen it done without complaint on forums with +4 active administrators) they could implement one of those confirmation letter scrambles, where a sequence of letters and numbers is displayed on an irregular background to confuse bots and entering the sequence into a box is required to legitimize the registration. That seems to work a lot of times.

 

Or you could disable the ability to create threads when a poster has 0 posts, but this runs into the same problem that the previously mentioned url-privelege runs into (aside from that solution's ineffectiveness in preventing clutter by the creation of threads, which seems to be the priority issue, as I have not yet seen a bot that has posted in an existing thread) in that this is a game forum, and obviously if a n00b turns to the community here for help, they would be largely prevented from getting the assistance they need (few n00bs seem to read or regard forum rules regarding new threads, as it is)

Link to comment
Share on other sites

At the present moment we are hoping to upgrade the board software next week. I am REALLY sorry for both the frustration this likely causes the community and the extra load it puts on the Mod Squad. In a twisted way I am grateful for them ... as I get to see the membership publicly and PM let me know their concern and extend their care. So thanks! Hopefully not too long now ...

 

Respectfully,

 

Fionavar

The universe is change;
your life is what our thoughts make it
- Marcus Aurelius (161)

:dragon:

Link to comment
Share on other sites

Preban any name that starts with 'money' or 'casino' or 'bets'.

kirottu said:
I was raised by polar bears. I had to fight against blood thirsty wolves and rabid penguins to get my food. Those who were too weak to survive were sent to Sweden.

 

It has made me the man I am today. A man who craves furry hentai.

So let us go and embrace the rustling smells of unseen worlds

Link to comment
Share on other sites

Perhaps, instead of requiring admin approval (I've seen it done without complaint on forums with +4 active administrators) they could implement one of those confirmation letter scrambles, where a sequence of letters and numbers is displayed on an irregular background to confuse bots and entering the sequence into a box is required to legitimize the registration. That seems to work a lot of times.

CAPTCHA

 

This board already has one (registration).

 

 

 

There is an alternative method that involves randomizing form field names and placing hidden html form elements that are attractive to bots.

E.g.:

 

Before:

title field: "title"

post field: "post"

 

After:

bogus hidden field: "post"

title field: "f0Wno6t10"

bogus hidden field: "title"

post field: "qp5ew46A2"

 

EDIT:

Also, the reason that the bots keep picking ":shifty:" smilie is because it is the first in the list. Add one more hidden element (say, id=0) in front of the list, the bots will pick it, the humans won't. The board can just swallow the post with no error and the bot will think that it has posted, but no actual post would be made.

Edited by Diamond
Link to comment
Share on other sites

I have an IPB forum as well.

 

I've also banned all .ru and .info email addresses (among others), HOWEVER, my forum is for a spanish community (english speakers post there occasionally as well). But Obsidian being entirely international has to be able to accommodate russian people too, don't you think? :)

 

Also, having an admin just to validate accounts sounds to me like a waste of time.... not to mention modifying the forum software to change urls from people with less than 5 posts (if that had been done I wouldn't have had the opportunity to share the Interview to Obsidian with you ahem).

 

Oddly enough, the other day a spambot posted the url to a spambot software in my forums. After reading the info of what the program can do, I was pretty much appalled :o as everything seems to be 100% automated. They can decipher the image code, they can use the email verification, etc. I'm currently hoping the IPB people think of something for their 2.2 version, which already has a RC 3, but still nothing final.

 

...and even so, I am 100% sure that when version 2.2 gets released, the spambot makers will find a way to make their bots bypass all the filters for that version too.

 

Admins/GMs/Mods, I think we're doomed to delete and ban posts and spambots. :)

 

Regards,

Edited by Immortality

Spanish translator.

http://www.clandlan.net

Link to comment
Share on other sites

Bots can't circumvent CAPTCHA; that would prevent the automation of account creation as part of the spam, which would prevent most of the spam, because manually creating an account to spam with would invalidate the advantages of automating the message.

OBSCVRVM PER OBSCVRIVS ET IGNOTVM PER IGNOTIVS

ingsoc.gif

OPVS ARTIFICEM PROBAT

Link to comment
Share on other sites

A lot of bots seem to have random letters and numbers in their names (ie KyleA236, etc.) so a word ban would only be partially effective. And what about those legitimate Viagra_Cowboys that want in on our fine forum?

You're right, let's just do the wordban thing. I don't know if I want a legitimate "Viagra_Cowboy" around.

Link to comment
Share on other sites

A lot of bots seem to have random letters and numbers in their names (ie KyleA236, etc.) so a word ban would only be partially effective. And what about those legitimate Viagra_Cowboys that want in on our fine forum?

You're right, let's just do the wordban thing. I don't know if I want a legitimate "Viagra_Cowboy" around.

 

Agreed. I'm not sure that I want one of those around either.

 

 

Hopefully the spambots will be gone soon. Kinda like an early Chirstmas present.

Link to comment
Share on other sites

Alternatively, and this is something I have seen other threads do, is to not let new users start new threads until they hit a nominal post count like 50 or so.

 

At least as a stop gap. Some may seem it's a bit draconian, but I think any legit user will not have that much of a hard time getting to 50 posts, especially if they're active enough to be starting new threads.

 

Heck, you could probably make it 5 posts. Or even 1.

Edited by alanschu
Link to comment
Share on other sites

At the present moment we are hoping to upgrade the board software next week. I am REALLY sorry for both the frustration this likely causes the community and the extra load it puts on the Mod Squad. In a twisted way I am grateful for them ... as I get to see the membership publicly and PM let me know their concern and extend their care. So thanks! Hopefully not too long now ...

 

Respectfully,

 

Fionavar

 

When you say upgrade...Do you mean the forum will have better graphics?

Link to comment
Share on other sites

Is there anyway to use the Picture Code Verification up to a certain user level?

 

So that Level 0 requires CAPTCHA varification everytime the user wants to post, but level 1 and Up Does not require CAPTCHA varification?

 

This way it gets around the Bot accounts but does not stand to bug reguler users?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...