pwm Posted January 6, 2018 Share Posted January 6, 2018 The forum should have some form of function where x people could make a blocking vote to pause an account from making new posts until moderator or site owner has reviewed the situation. That would better allow spam attacks to be mitigated during off hours where the normal staff isn't available. With a rule that an account must have existed for 12+ months and be in good reputation, it would be hard for an attacker to use the feature for a denial-of-service attack. 2 Quote Link to comment
digitalfixer Posted January 6, 2018 Share Posted January 6, 2018 Even simpler would be that all new members posts are moderated for the first few messages. That way the spam message would not be seen by the majority of members and a moderator or owner could just mass delete the offenders. 1 1 Quote Link to comment
JorgeB Posted January 6, 2018 Share Posted January 6, 2018 Something need to be done for sure, wasn't this forum software supposed to be much better blocking spam? Quote Link to comment
bonienl Posted January 6, 2018 Share Posted January 6, 2018 I would say we need more moderators (maybe only for spam protection) in different time zones to cover a 24 over 24 basis. 1 Quote Link to comment
orlando500 Posted January 6, 2018 Share Posted January 6, 2018 True... was/is a lot of spam this morning Quote Link to comment
SSD Posted January 6, 2018 Share Posted January 6, 2018 I have been actively marking these accounts as spammers, but looks like some sort of automated attack. I have informed Lime tech. Have to go so hopefully another mod can keep moderating. 2 Quote Link to comment
BRiT Posted January 6, 2018 Share Posted January 6, 2018 Shame that this forum software doesnt seem to have as good of antispam protections as XF with their StopForumSpam integreation. Its that or this forum doesnt have their settings set properly enough. Quote Link to comment
jonp Posted January 6, 2018 Share Posted January 6, 2018 Just a public update on this. We are actively looking into this issue. IPS does have forum spam prevention, so we're not sure why the sudden rush of spam bots (spam prevention has been working just fine for some time now). We'll update everyone again once we have some more news. For now we just have to play a bit of whackamole. Quote Link to comment
jonp Posted January 6, 2018 Share Posted January 6, 2018 Ok, we believe we have identified the issue causing the spamming and have implemented fixes. Part of these fixes includes changing to recaptcha 2 for human validation during account sign up and adding some manual question / answer work for the user to do. These two things alone should heavily combat the spam issue, but we'll be monitoring closely to ensure all is working as intended. 1 1 Quote Link to comment
david279 Posted January 7, 2018 Share Posted January 7, 2018 spammer is back.... Quote Link to comment
saarg Posted January 7, 2018 Share Posted January 7, 2018 This is getting mighty annoying! It doesn't work to ignore the user either in the unread posts list. It still shows up. Maybe you could have someone in the European timezone that can at least remove the posts? @jonp As far as I know it's only American moderators on this forum. 1 Quote Link to comment
dalben Posted January 7, 2018 Share Posted January 7, 2018 The earlier suggestion of a new user needing a mod to allow the first 2 or 3 posts is effective but it’s more work and not a great user experience. Or yes, give some users in other timezones the ability to mute spambots. I think IPS is that granular. Quote Link to comment
pwm Posted January 7, 2018 Author Share Posted January 7, 2018 Yes, there is quite a number of hours with lots of spam before any of the moderators wakes up and takes care of the issue. By the way - it tends to not work too well with moderation of first posts. There are multiple spam bots that has significant natural language support, and can auto-generate answers to existing threads that seem normal enough to not get caught by a moderator. And some spam bots also understands how to start new threads by duplicating questions from very old threads. So moderation of the first posts after account generation has failed for other forums. Quote Link to comment
BRiT Posted January 7, 2018 Share Posted January 7, 2018 Who knew this place would turn into a haven to solve all your astrological or gem and gold medalist needs? How about simply preventing new users from posting external links or auto-moderating posts from new users with external links? That single setting seems to deter enough of the spambots to make it a win-win on the forums I admin. 2 1 Quote Link to comment
pwm Posted January 7, 2018 Author Share Posted January 7, 2018 Moderation of external links for the first 10 posts and first 30 days could have a chance to work. 2 Quote Link to comment
SSD Posted January 7, 2018 Share Posted January 7, 2018 I also noted very slow forum performance during the spamming periods. Not sure if a symptom of the spamming or a symptom of IPS handling my marking users as spammers. Given to very moderate volume in the great scheme of things, I was surprised that bringing up unread lists was taking 30 seconds or more. Was thinking you could implement some common sense protections against too many posts in a short period of time triggering auto-marking of users as spammers. 1 Quote Link to comment
tdallen Posted January 7, 2018 Share Posted January 7, 2018 3 minutes ago, SSD said: I also noted very slow forum performance during the spamming periods. I noticed the same thing. Quote Link to comment
pwm Posted January 7, 2018 Author Share Posted January 7, 2018 14 minutes ago, SSD said: Was thinking you could implement some common sense protections against too many posts in a short period of time triggering auto-marking of users as spammers. But that could affect a number of legitimate posters on the forum. It would be interesting to know what percentage of the spam that gets accepted - the slowness could be because the forum receives many more requests that gets blocked. But a problem with the spam robots is that they break the caching logic for the server so every page load requires the page to be built before being served. Quote Link to comment
SSD Posted January 7, 2018 Share Posted January 7, 2018 51 minutes ago, pwm said: But that could affect a number of legitimate posters on the forum. I think a method could be devised that does not impact legitimate use. It may not catch all spammers, but could catch the kind of egregious spamming we saw over the past couple days. Quote Link to comment
pwm Posted January 7, 2018 Author Share Posted January 7, 2018 20 minutes ago, SSD said: I think a method could be devised that does not impact legitimate use. It may not catch all spammers, but could catch the kind of egregious spamming we saw over the past couple days. I don't think I have ever seen so aggressive spamming - it looked more like a load test than normal spamming. Quote Link to comment
BRiT Posted January 7, 2018 Share Posted January 7, 2018 3 hours ago, pwm said: I don't think I have ever seen so aggressive spamming - it looked more like a load test than normal spamming. Oh, then you hadn't seen the old forums when there was THOUSANDS if not Tens of THOUSDANDS of Spam Posts in the span of an hour. That was obscene. Quote Link to comment
pwm Posted January 7, 2018 Author Share Posted January 7, 2018 11 minutes ago, BRiT said: Oh, then you hadn't seen the old forums when there was THOUSANDS if not Tens of THOUSDANDS of Spam Posts in the span of an hour. That was obscene. The bad thing with spammers is that once they find a working way in, the forum server gets marked as a "good" server, so the amount of attacks will increase. Quote Link to comment
1812 Posted January 8, 2018 Share Posted January 8, 2018 LT could hand out a few more ban sticks to older members and let them help patrol the board until they get it under wraps. Quote Link to comment
dalben Posted January 8, 2018 Share Posted January 8, 2018 14 hours ago, pwm said: By the way - it tends to not work too well with moderation of first posts. There are multiple spam bots that has significant natural language support, and can auto-generate answers to existing threads that seem normal enough to not get caught by a moderator. And some spam bots also understands how to start new threads by duplicating questions from very old threads. So moderation of the first posts after account generation has failed for other forums. Yeah, which is why I said 15 hours ago, dalben said: needing a mod to allow the first 2 or 3 posts Quote Link to comment
pwm Posted January 8, 2018 Author Share Posted January 8, 2018 But if I write: 15 hours ago, pwm said: So moderation of the first posts after account generation has failed for other forums. So how do you then think the following will work? 39 minutes ago, dalben said: needing a mod to allow the first 2 or 3 posts It's just that some more complex spam bots can perform more than 2-3 posts that looks legitimate, by reusing text from older posts or by creating posts that looks like real answers to threads written by other users. The spam bots can do this specifically just to survive manual moderation for x initial posts, before the spam bots then switches over to starting to mass-spam. Some spam bots can even use Google - so they pick up text from posts and insert into Google and then select text from the Google hits into thread responses. All just to make it seem that the account is owned by a real human. Some spam bots follows up with that tactic even after a while - just that initially they don't post any links. After a while they post Google-located answers together with one or two semi-camouflaged sentences with the payload links. All just to trick a human moderator - you basically need to check the post history to notice the pattern. That it isn't just a real user that is a tiny bit weak on English from having English as second or third language and a bit weak skills about the specific subject. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.