There's some spammer/bot that keeps making new accounts under different IP addresses, spamming new threads to the forum. tchan001 and I have been aggressively banning and removing the posts, but the aggressor seems to be posting under new ip addresses.

For the time being, I've disabled new account registration, until we have a better plan.

_________________
be immersed

Thanks for mitigating the problem quickly.

Thanks, Kirby.

I've deleted 38 spammer accounts today, and dozens of spam posts.

_________________
Help make L19 more organized. Make an index: https://lifein19x19.com/viewtopic.php?f=14&t=5207

Bravo, guys!

_________________
The Adkins Principle:
At some point, doesn't thinking have to go on?
— Winona Adkins

Visualize whirled peas.

Everything with love. Stay safe.

So going forward, we have a few options:
1.) Just re-enable registration- the spammer may be bored by now.
2.) Change the captcha for registration to be more difficult.
3.) Restrict permissions on new users in some way until they've made some number of posts - for example, first X posts could require admin or moderator approval for all new users.
4.) Research phpBB mods that may have additional spam detection or functionality.

Thoughts?

_________________
be immersed

Option 1 seems optimistic, and leaves the board open to a similar attack later.

Option 3 seems like it might raise an unnecessary barrier to entry in a community that already gains new members slowly.

Options 2 and 4 seem like decent technical solutions. Which is better depends on the time investment involve for the success rate, which I don't know how to evaluate right off the bat. If you need help, let me know. I think it would be good to spread the time investment as much as possible.

In my opinion, the occasional spammers are not the problem. They are easily handled by mods.
It's the serial spammers like the one we just had recently which are the real problems. Even if you make the captcha code harder during registration, it is easy for the spam originator to make new accounts manually. Therefore it is more important to make it harder for bots to spam posts quickly. Perhaps we need to think about making a captcha code for each new post or some type of delay timer between posts to keep the amount of spam mre manageable and to make banning serial spammers less demanding on mods.

_________________
http://tchan001.wordpress.com
A blog on Asian go books, go sightings, and interesting tidbits
Go is such a beautiful game.

First of all, you guys did a great job handling this attack. The whole first page of new posts was spam, and more were flying in faster than I could report them. I see that at least three mods/admins were involved in the clean up, but I do wonder whether any further measures are indeed necessary. While this attack seemed alarming, this type of attack is rather infrequent, and as far as I can tell, shutting it down involved banning the user's ip and deleting the posts, which is basically the same work as with any other spammer. I like Kirby's idea #1 best as it avoids impeding the forum users. If it turns out that robot spam attacks are a frequent problem, then by all means we should look for a technical solution that doesn't place more burden on the mods, but if it's a once-in-a-blue-moon kind of thing, then why bother?

_________________
Patience, grasshopper.

Thanks to the mods handling it!

Having an extra captcha for the first post of a user might be enough to throw bots off. Another idea is to block temporarily posts from accounts when (repeated) posts are posted within seconds or some spam-filter detects something.

_________________
If something sank it might be a treasure. And 2kyu advice is not necessarily Dan repertoire..

My solution is a combination of several ideas proposed in this thread.

The one bottleneck that every potential spammer has to go through is registration. We have to catch them there. Trying to catch them afterwards can only be done after they have damaged the forum.

We could put all new members on appproval ( meaning that their posts are held waiting for approval by a mod )

But any attempt to slow down spammers at registration is likely to impose a rather irritating burden on legitimate new members - and does so at a time when the interest is very tentative. An established member may tolerate the irritation of being put on approval for he knows the benefits well, but a new member may give up and go away.

My solution is this: allow new members to post unimpeded, but modify the reporting code so that if anyone reports a new user's post, the new user's account converts to approval and the new post disappears from view.

_________________
Help make L19 more organized. Make an index: https://lifein19x19.com/viewtopic.php?f=14&t=5207

Does timing matter? Perhaps if a user tries to make two posts in less than 15 sec., they are assumed to be a spammer?

I have noticed several sites that use the presence of links in a note to send it to moderation. Users here often post links, usually to other go sites. Perhaps we could try that approach, and some sites to link to could be white-listed.

_________________
The Adkins Principle:
At some point, doesn't thinking have to go on?
— Winona Adkins

Visualize whirled peas.

Everything with love. Stay safe.

5) Tell that guys he is targeting the wrong place... seriously, he is spending so much time going through registration and captcha, to spam a site where very few person will be able to read his message

Is is possible to impose a captcha to the 10 first messages of every new members? then the captcha disappears after the first 10 message.

_________________
I am the author of GoReviewPartner, a small software aimed at assisting reviewing a game of Go. Give it a try!

A large part of the point of message board spam is just to plant more links to the spammer's site so the site will rise in the rankings of search engines such as Google, which use number of incoming links as a component in their measure of quality. So it doesn't matter a ton whether people read the message or not.

There are a number of ways to prevent this sort of problems:

- For computer spam bots, they will complete whatever forms very quickly unlike human-beings. So write some script to prevent forms from being submitted too quickly.
- Implement 'honey pot' - that is some fields in the registration form with some attractive names such as 'homepage', 'url', etc. Use CSS to hide such fields so they will not be seen by normal users. But computer bots are normally silly enough to fill something in these fields so such registration can be blocked easily.
- I don't remember if we need an email address in the registration process. If yes, certain domains can be easily blocked, such as .xyz (no normal people would use such domains for email).
- In all of the above cases, IP addresses are recorded and banned automatically, but only for a number of hours (just in case some legitimate users are using these IPs).
- Use some professional services to filter all traffic before they are acted upon.

That would inhibit bots, but the latest spammers did new accounts at a rate of approximately one every two minutes, which suggests that they had a human in the loop.

_________________
Help make L19 more organized. Make an index: https://lifein19x19.com/viewtopic.php?f=14&t=5207

Can one include noindex and nofollow tags in the posts of new forum members? When the member has been established we could stop adding the tags. This would frustrate the spammers attempts to increase Google rank.

Will spammers even check? I assume they just target anything that looks like PHPBB, with no manual intervention. Even if they don't get google juice, having posts from them appear on here is an annoyance.

_________________
Occupy Babel!