Some suggestions to fight spambots

[TheTrueHinoarashi]

First, maybe we should remove the "60 second" restriction in reporting. I know 1 minute is short, but I think that would work a bit.

Second, there must be CAPCHA in login. Because a human can bypass the CAPCHA while creating an account, then he/she will command a bot after. If this doesn't work, maybe, a software to determine if a user is a human or bot?

Third, we must have reviewers to look at the new posts before making them live, and if it is repeated, the reviewer can report to a moderator to block the spambot.

All of these are temporary. If the spambots are gone for two months, then these suggestions can be removed again.

 

[TylerM]

We could do what the Trevor Project does, and have each user submit a picture with a string of numbers(generated by an RNG) written down, with their face visible.

 

[Fig]

Third, we must have reviewers to look at the new posts before making them live, and if it is repeated, the reviewer can report to a moderator to block the spambot.

Considering the volume of new posts we get, that wouldn't be a very practical solution.

 

[Snowy]

a software to determine if a user is a human or bot?
.

I think that's a good idea. [GlowHost] Spam-O-Matic - Spam Firewall stops forum spam - vBulletin.org Forum

I don't know what addons BMGf already has but this is the one I used when I used to admin a vBulletin forum a couple of years ago. What does it do?

This data responsible for blocking user registrations comes from the stopforumspam.com (SFS) spammer database. After the user who is trying to register passes the built-in vBulletin registration checks which you have configured in your vBulletin settings, SOM then checks the SFS database to see if the IP, username, or email address that the user is trying to register with has been recently tagged as a known spam source on other forums around the Internet. Also can be configured to check the Akismet service for known comment spam.

Other Notable Stuff
It also does a ton of other cool stuff like moderating posts automatically if the post is found in the Akismet database, or if it contains words on your "Bad Words" keyword list which can be configured within the mod itself.

 

[TheTrueHinoarashi]

No CAPCHA also do that thing also, but it is only available in Sign-up.

a software to determine if a user is a human or bot?
.

I think that's a good idea. [GlowHost] Spam-O-Matic - Spam Firewall stops forum spam - vBulletin.org Forum

I don't know what addons BMGf already has but this is the one I used when I used to admin a vBulletin forum a couple of years ago. What does it do?

This data responsible for blocking user registrations comes from the stopforumspam.com (SFS) spammer database. After the user who is trying to register passes the built-in vBulletin registration checks which you have configured in your vBulletin settings, SOM then checks the SFS database to see if the IP, username, or email address that the user is trying to register with has been recently tagged as a known spam source on other forums around the Internet. Also can be configured to check the Akismet service for known comment spam.

Other Notable Stuff
It also does a ton of other cool stuff like moderating posts automatically if the post is found in the Akismet database, or if it contains words on your "Bad Words" keyword list which can be configured within the mod itself.

The only problem is, bots can use proxies.

 

[Snowy]

The only problem is, bots can use proxies.

They can, but that'll just get the proxy flagged too.

No system is ever perfect, but I do think the system I suggested works quite well... I ran a forum for over a year with this addon and it worked just fine.

But as I said, I have no idea if BMGf is already running an anti-spam addon similar to this one.

 

[TheTrueHinoarashi]

You can PM Archaic, the webmaster about it.

 

[Snowy]

You can PM Archaic, the webmaster about it.

I'm sure Archaic has already seen this post

 

[Almonds]

How about auto-Post Moderation? I don't know if this still happens, but sometimes some of the comments on blogs don't show up ('gets moderated') even on blogs that have the default setting. Iirc, it is due to including links or certain words. (I think that was the cause) Maybe introducing a similar program that auto-moderates too many links or gibberish could at least slow down the spambots.

Idk if this is a possible thing or not, but maybe something similar can help?

 

[henrymidfields]

We could do what the Trevor Project does, and have each user submit a picture with a string of numbers(generated by an RNG) written down, with their face visible.

I think TV Tropes do that too. And another blog that I frequent does that as well. Worth a try I think.

 

[Fig]

I'm not entirely familiar with how they do it, but wouldn't that essentially require us to manually check every registration?

In addition, we have a lot of younger users who may not have the means to take the picture without asking their parents (not that they should), and whose parents might not want them posting their pictures to forum...

 

[Qing'e]

I'm not entirely familiar with how they do it, but wouldn't that essentially require us to manually check every registration?

In addition, we have a lot of younger users who may not have the means to take the picture without asking their parents (not that they should), and whose parents might not want them posting their pictures to forum...

Not necessarily, software exists that can recognize details like human faces and numbers/letters, like the keycode generated as part of the signup process.

Also, it doesn't mean the photo is being put into public view, it just has to be uploaded to the site server to be checked by the aforementioned software, and doesn't even need to be stored afterwards.

 

[Snowy]

Also, it doesn't mean the photo is being put into public view, it just has to be uploaded to the site server to be checked by the aforementioned software, and doesn't even need to be stored afterwards.

I don't think that'd convince a lot of people. I probably would refuse to do that myself, even if only a computer is seeing it. Not unless I can use my Pikachu plushie instead of my own face. *shrug* I don't know why I feel that way, so don't ask.

Plus that won't stop a human from doing the sign up (Or using compromised accounts).

As I said, I don't know what addons BMGf already has but I think the best process is automoderated posts. That is, an addon that if it sees certain word sequences (As checked against anti-spam websites), it places the post into a moderation queue.

That will allow the moderation team to hit the bots before we normal users get to see them.

Another thought is a spam-squad. That is a large group of bulbapedia normal users that have no moderation powers, but have the ability to flag a user as a spammer, which would hide all that user's posts and refer them to a moderator or section head for review.

 

[Stratelier]

Another possibility is to block/limit/moderate any new topics posted by new user accounts (e.g. fewer than ## post count or days registered).

 

[TylerM]

Another possibility is to block/limit/moderate any new topics posted by new user accounts (e.g. fewer than ## post count or days registered).

Moderation of new topics is a good idea.

edit: or we could make introduction threads obligatory, so all new users have to make an introduction thread before they are allowed to post anywhere else on the forum.

 

[Snowy]

edit: or we could make introduction threads obligatory, so all new users have to make an introduction thread before they are allowed to post anywhere else on the forum.

Unfortunately, giving the spam bot access to only one forum still gives them a means to spam their rubbish.

Also, how would they be granted access to the rest of the forum? Would it be automatic after posting the intro thread, or would an admin have to do it? I foresee problems with both.

 

[Fig]

I don't see many of those solutions as realistic. Ultimately, they all seem to prefer the comfort of current users over letting new users use the forum. I can't say I'm okay with that.

A severe restriction on how new users - the real ones, putting aside spambot for a second - can use the forum so that the rest of us don't have to deal with the inconvenience (and that's all it is, an annoyance) of spambots is *not* what I'd call a good move.

 

[jayrachi]

Honestly, I would suggest simply adding a simple verification question to the registration form (i.e. What's 2+5?). This could go a long way to preventing bots from signing up, since reCAPTCHA seems to always have problems with people bypassing it.

 

[Krash]

Another possibility is to block/limit/moderate any new topics posted by new user accounts (e.g. fewer than ## post count or days registered).

This was the idea that I was going to propose. Seeing as the bots only post new threads and have yet (to my knowledge) to start posting within already created threads, it would be safe to summarize that a 15-post requirement for the creation of new threads, with The Garden Grotto being the exception, would surely limit the amount of spambot activity. It's a fix that's easily implemented, and can be removed after an appropriate amount of time. Users could create their intro thread, and still post in other boards, but they would be required to post 15 or so times before the option to create a thread becomes available to them.

 

[Fig]

As I already said :

I don't see many of those solutions as realistic. Ultimately, they all seem to prefer the comfort of current users over letting new users use the forum. I can't say I'm okay with that.

A severe restriction on how new users - the real ones, putting aside spambot for a second - can use the forum so that the rest of us don't have to deal with the inconvenience (and that's all it is, an annoyance) of spambots is *not* what I'd call a good move.

While spambots have proved to be a bit more than an annoyance, the answer to that suggestion is still a flat-out no. The last thing we need is to make the forum less accessible to new users.