Screaming Metal
Active Member
Just wanna say Mike, that you are, indeed, appreciated! Thanks a million! My privacy software often says I'm either from Germany, Switzerland, or England....
Forum Spam
- Thread starter Mike
- Start date
S
spamtest
Guest
Testing account privileges
Mike
Well-Known Member
OK, we're taking things to the next level. As spam registrations continue to climb through the roof, I'm adding more utilities to help prevent them from getting through.
Since it takes a human being a wee bit of time to read the registration page and fill in all the blanks, I've added a timer to the page. If a registration is submitted in a very few seconds of the page being served, the user attempting to register is going to be re-directed to an off-site page. In other words, if a robotic script submits a registration attempt much faster than a human being could do it, then the bot will be stopped in its tracks.
As you can see above, there is no way a human could enter a username, an e-mail address, a password, a confirmed password, date of birth, gender, time zone and agree to the forum rules in just 7 seconds. That was clearly a robot that ended up visiting a remote site, after the registration failed.
I've also updated the tool that checks new registration attempts against some spam registration databases.
To be sure there still is a chance for a human to register, I went through the registration with the above spamtest account. I sailed right through with no problems, at all. So everything is working, according to plan.
I also updated the Donation Manager, this morning. It was causing some database errors, until I managed to get the .xml file uploaded and the update script ran. Apologies for that issue, but it didn't last terribly long.
Since it takes a human being a wee bit of time to read the registration page and fill in all the blanks, I've added a timer to the page. If a registration is submitted in a very few seconds of the page being served, the user attempting to register is going to be re-directed to an off-site page. In other words, if a robotic script submits a registration attempt much faster than a human being could do it, then the bot will be stopped in its tracks.
As you can see above, there is no way a human could enter a username, an e-mail address, a password, a confirmed password, date of birth, gender, time zone and agree to the forum rules in just 7 seconds. That was clearly a robot that ended up visiting a remote site, after the registration failed.
I've also updated the tool that checks new registration attempts against some spam registration databases.
- If a registration page is submitted too quickly (which has already happened six time in the last 24 minutes), the registration will be blocked.
- If a user attempts to register from an IP address that is already in one of three spam databases, the registration will be blocked.
- If a user attempts to register with an e-mail that is already in one of three spam databases, the registration will be blocked.
- If a user attempts to register with a username that is already in one of three spam databases, the registration will be blocked.
To be sure there still is a chance for a human to register, I went through the registration with the above spamtest account. I sailed right through with no problems, at all.
So everything is working, according to plan.I also updated the Donation Manager, this morning. It was causing some database errors, until I managed to get the .xml file uploaded and the update script ran. Apologies for that issue, but it didn't last terribly long.
Mike
Well-Known Member
Gee, if I were to actually upgrade that script without a problem, it would be a flippin' miracle.
The Donate link in the NavBar is still functional, for the time being. I've contacted the script developer and it seems this is not a unique problem. I'll get it fixed as soon as I can.
The Donate link in the NavBar is still functional, for the time being. I've contacted the script developer and it seems this is not a unique problem.
I'll get it fixed as soon as I can.
Mike
Well-Known Member
Still trying to get the Donation Manager working properly. It's been over 24 hours since I last heard from the developer, which isn't necessarily endearing him to me, but it is what it is.
The new scheme at blocking spam registrations is working very well. Instead of getting 300 attempts a day, we're down to less than half that amount. If a robot tries registering and completes the form too quickly, I am redirecting them to a third-party site, which gets them clear away from here. And in the last 48 hours, we've blocked just 240 robotic attempts. In the same time period, there have only been 24 other attempts made by human spammers. From 300 a day down to 264 in two days is huge for me.
The new scheme at blocking spam registrations is working very well. Instead of getting 300 attempts a day, we're down to less than half that amount. If a robot tries registering and completes the form too quickly, I am redirecting them to a third-party site, which gets them clear away from here. And in the last 48 hours, we've blocked just 240 robotic attempts. In the same time period, there have only been 24 other attempts made by human spammers. From 300 a day down to 264 in two days is huge for me.
I haven't ever tried to keep track of how many legitimate posts are made here every day, but if you let all the spam come through I would imagine that it would make up more than 75% of the traffic. I'm sure that would drive away even the most faithful in a hurry. Good job Mike.
Mike
Well-Known Member
No question that would be the case. When there are that many attempts to register and with those individuals getting paid per link, you know they would all be posting heavily. And using the average posting numbers from the last 30 days, your guesstimate is pretty accurate.
