Author Topic: Kick this spammer out of our forum  (Read 6851 times)

wp

  • Hero Member
  • *****
  • Posts: 7533
Kick this spammer out of our forum
« on: July 16, 2014, 11:02:45 am »
Isn't there a way to kick this spammer out of our forum?

http://forum.lazarus.freepascal.org/index.php/topic,25203.msg152689/topicseen.html#new
and 5 more at this moment ...

I know he's changing his user name, but his postings always look the same: a single line header which matches the title of the posting, then one screen page densely written text with a few paragraphs.

What about a rule that the first line of a posting must be different from the title?
Mainly Lazarus trunk / fpc 3.2.0 / all 32-bit on Win-10, but many more...

jc99

  • Hero Member
  • *****
  • Posts: 544
    • My private Site
Re: Kick this spammer out of our forum
« Reply #1 on: July 12, 2015, 10:39:40 am »
I know, it's not a good thing to revive an old topic, but since
centraldocs did just an attack on some boards.
http://forum.lazarus.freepascal.org/index.php/topic,29033.msg182653/topicseen.html
[Edit]
I know he's changing his user name, but his postings always look the same: a single line header which matches the title of the posting, then one screen page densely written text with a few paragraphs.

What about a rule that the first line of a posting must be different from the title?
He did it Again !!!
[Edit] The rule is one thing, but combined with another rule: 3+ equal posts in a short time should be something.
+
I found something, that makes automatic spamming a little more difficult:
[Edit] http://www.ghisler.ch/board/viewtopic.php?t=20502
It's a honeypot right at the start, with automatic banning.

« Last Edit: July 12, 2015, 10:50:55 am by jc99 »
OS: Win XP x64, Win 7, Win 7 x64, Win 10, Win 10 x64, Suse Linux 13.2
Laz: 1.4 - 1.8.4, 2.0
https://github.com/joecare99/public
'~|    /''
,_|oe \_,are
If you want to do something for the environment: Twitter: #reduceCO2 or
https://www.betterplace.me/klimawandel-stoppen-co-ueber-preis-reduzieren

jacobb

  • New Member
  • *
  • Posts: 20
Re: Kick this spammer out of our forum
« Reply #2 on: July 12, 2015, 11:53:28 am »
I would personally go for something like zbblock which blocks based on a whole list of rules. I haven't used it that much yet but so far my experience is good.

Although with a forum with visitors from a lot of countries you may need to have a close look at first to make sure some of the rules are not blocking legitimate users.

jc99

  • Hero Member
  • *****
  • Posts: 544
    • My private Site
Re: Kick this spammer out of our forum
« Reply #3 on: July 12, 2015, 01:13:01 pm »
I would personally go for something like zbblock which blocks based on a whole list of rules. I haven't used it that much yet but so far my experience is good.

Although with a forum with visitors from a lot of countries you may need to have a close look at first to make sure some of the rules are not blocking legitimate users.
Huh, with zbblock you are getting the big guns ...

marcov

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 8725
  • FPC developer.
Re: Kick this spammer out of our forum
« Reply #4 on: July 12, 2015, 02:39:04 pm »
Usually the best way is to simply delete the user quickly and then block the IPs that they use. After a few times they get tired or their IPs run out for little gain.

The number is fairly small, so that is doable.  Adding software always has hidden cost (users that can't connect, limitations on new users, extra burden with forum version updates).

Please report the spam immediately, and interact as little with the spammer as possible, and leave the moderators to do the work.

Handoko

  • Hero Member
  • *****
  • Posts: 3759
  • My goal: build my own game engine using Lazarus
Re: Kick this spammer out of our forum
« Reply #5 on: July 12, 2015, 03:18:50 pm »
They won't give up easily; those are bots, not humans. I'm a freelance web designer using WordPress. I know for sure, they will keep coming back even after their IPs have been blocked for months. Once I unblocked their IPs they still came back with the same IPs.

One good addon I suggest is Bad Behavior; it works on WordPress, Drupal and many other software. Here is the link:
http://bad-behavior.ioerror.us/support/installation/

Unfortunately, using Bad Behavior alone isn't able to prevent all the spam. I also use another honey pot plugin together with Bad Behavior; the result is more than 99% of spam being detected and deleted automatically. I saw it in the report.
« Last Edit: July 12, 2015, 03:20:23 pm by Handoko »

jc99

  • Hero Member
  • *****
  • Posts: 544
    • My private Site
Re: Kick this spammer out of our forum
« Reply #6 on: July 12, 2015, 03:42:59 pm »
[...]
Please report the spam immediately, and interact as little with the spammer as possible, and leave the moderators to do the work.
I did, but it took about 6 hours ....
So my suggestion would be a honey-pot right on the front, above General, to catch the bots.
I know there is no 100% safety, but these sound promising together with some simple rules.

BitBangerUSA

  • Full Member
  • ***
  • Posts: 183
Re: Kick this spammer out of our forum
« Reply #7 on: July 12, 2015, 05:00:44 pm »
'I did, but it took about 6 hours ....'

i also reported - a different spammer - and it took only a few minutes for a mod to clean up.

just depends on circumstances/timing... software may or may not help - humans still have the superior decision making tool.
Lazarus Ver 1.4.0 FPC Ver 2.6.4 SVN 48774 32-bit
Windows 7 U 64-bit

jc99

  • Hero Member
  • *****
  • Posts: 544
    • My private Site
Re: Kick this spammer out of our forum
« Reply #8 on: July 12, 2015, 05:52:22 pm »
[...]
just depends on circumstances/timing... software may or may not help - humans still have the superior decision making tool.
;) I say: Software should help humans to make superior decisions ... ;D

Handoko

  • Hero Member
  • *****
  • Posts: 3759
  • My goal: build my own game engine using Lazarus
Re: Kick this spammer out of our forum
« Reply #9 on: July 12, 2015, 07:16:05 pm »
Before I used Bad Behavior + honey pot plugin, I got spam almost every day. Now I only get 0 to 2 spams per year.

Bad Behavior works by comparing the visitor IP with its database and by analyzing the visitor delivery method as well. If I visit my sites using a fake IP (free proxy), I can't access my site's content, I'll only get a warning message. Bad Behavior isn't very effective to prevent spams unless it is used along with other spam plugin. But Bad Behavior is good for blocking hacking bots and hackers using free proxy visiting your site.

Honey pot plugins work by adding a hidden field that humans can't see but spam bots will try to fill all the fields. If the field is filled, then the comment will be discarded. Honey pots aren't effective at preventing human spammers. But as I said, most of the spam is delivered by bots, not humans. Spammers are lazy, they use automatic spam tools; one of the famous tools is:
https://en.wikipedia.org/wiki/XRumer

Using rules also sounds promising. One of the rules I know is the duration to submit a comment. Spammers, including bots, usually will copy/paste the spam and submit it quickly. If the duration is too short (for example 5 seconds), most likely it is spam.

typo

  • Hero Member
  • *****
  • Posts: 3051
Re: Kick this spammer out of our forum
« Reply #10 on: July 12, 2015, 07:31:12 pm »
@Handoko

Do you think reCaptcha is good to prevent bots?

Have you any experience with it?

Handoko

  • Hero Member
  • *****
  • Posts: 3759
  • My goal: build my own game engine using Lazarus
Re: Kick this spammer out of our forum
« Reply #11 on: July 12, 2015, 08:02:19 pm »
No, it's the worst if you ask me.

First, humans hate Captcha/reCaptcha. I usually need to take several attempts to pass the image. Perhaps I'm stupid  :'(. But I heard a lot of people dislike Captcha too.

Second, it's not effective. There are lots of uncaptcha tools available. They know most of the images are not dynamically generated. Lots of cheap freelance tasks for freelancers to answer Captcha images. I remember, they're willing to pay $1 for answering 1000 captcha images. They use the answers to build their database to create the uncaptcha tools.

I personally never tried Captcha/reCaptcha techniques. I did a lot of online research before choosing my spam prevention methods. I've found a good method, so I never bothered to try the others.
« Last Edit: July 12, 2015, 08:13:20 pm by Handoko »

jc99

  • Hero Member
  • *****
  • Posts: 544
    • My private Site
Re: Kick this spammer out of our forum
« Reply #12 on: July 12, 2015, 09:05:35 pm »
In my opinion it's still the best, to track these by their behavior.

They usually create a new account, then try to post as many messages as possible, and then go on.
This behavior has to be distinguished from a real newbie; he normally comes to the forum because he has a question,
suggestion or something else that bothers him. He searches for something, and then creates a login to spill out
his problem. Maybe he realizes that he's in the wrong area, and posts his problem again.

I think these two behaviors are clearly distinguishable by the time a user takes to do things, and what he does before login.

I could think of something like this:
When a new user tries to log in without being active on the forum for some time, the first captcha goes wrong every time.
After that a message is displayed with a link to the forum rules or FAQ saying something like: "Sorry, but you should read our rules first."
A human, especially a newbie, would do that, and be thankful for the help. With the second try a real captcha is presented ...

A bot, being unsuccessful, would either go on,
  or do a quick visit on that page,
  or would directly try it again.
A bot would never take the time to read the FAQ, because he's a bot, he doesn't have time, only tasks.

Something else is to let the attacker think he's successful, and then after a short time reverse his action, so it's more difficult for him to see what went wrong.

Third: when a real user is banned, he complains about it. If that is done in a human way, then the account can be unbanned with a warning to follow the rules.

Handoko

  • Hero Member
  • *****
  • Posts: 3759
  • My goal: build my own game engine using Lazarus
Re: Kick this spammer out of our forum
« Reply #13 on: July 13, 2015, 04:32:08 am »
I believe the best anti spam method is a combination of several techniques. So far, here are the techniques we know:

1. Manual human inspection (suggested by marcov)
User can report spams and moderator has ability to delete the posts and ban users.

2. Using honeypot (suggested by jc99)
It may not be 100%, but I believe it is the most effective. Advantage: no human interaction.

3. Using zbblock (suggested by jacobb)

4. Using Bad Behavior plugin
Not very effective but it can block hacking/login bots, save bandwidth. Disadvantage: this plugin may not be compatible with this forum software.

5. Using Akismet Service
It's used by wordpress.com. Disadvantage: it's not free for large traffic website.

6. Using http:BL data (projecthoneypot.org)
As far as I know it is free. They have a list of banned IPs. They decide the threat level by analyzing the IP frequency, last visit, etc. Bad Behavior plugin also uses http:BL data.
More info:
http://www.projecthoneypot.org/services_overview.php

7. Using Captcha/reCaptcha (suggested by typo)
As far as I know, it's now not effective.

8. Using math captcha
User will have to answer a simple math question, like: "8 x 3 = ... ". The questions are generated dynamically, but in fact it is worse than image captcha. As you can guess, it won't be hard to write code to solve the question if you're an experienced programmer.

9. Doing simple task
User will be asked to perform a simple task, like dragging an object from location A to location B. Never tried, but it sounds better than image/math captchas.

10. Using post submit duration rule
If the comment is submitted too quickly, then it is probably spam.

11. Using more advanced rules (suggested by jc99)
By analyzing the visitor behavior, we may be able to detect spam bots.
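
The rules proposed in this thread (hidden honeypot field, minimum time before submit, first line equal to the title, 3+ equal posts in a short time) can be combined into one server-side check. The following is an added example, not code from any poster or from the forum software; the field names, the secret, the 10-minute duplicate window and the HMAC-signed render timestamp are assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"   # assumption: server-side secret, never sent to clients
HONEYPOT_FIELD = "homepage"        # hypothetical hidden field, invisible to humans via CSS
MIN_SECONDS = 5                    # the thread's example threshold
DUP_LIMIT, DUP_WINDOW = 3, 600     # "3+ equal posts in a short time" (window is assumed)


def issue_token(now):
    """Value for a hidden form field: render time plus an HMAC so it cannot be forged."""
    ts = str(int(now))
    mac = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
    return f"{ts}.{mac}"


def rendered_at(token):
    """Return the signed render time, or None if the token is missing or tampered with."""
    ts, _, mac = token.partition(".")
    good = hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()
    ok = ts.isdigit() and hmac.compare_digest(mac.encode(), good.encode())
    return int(ts) if ok else None


def check_post(form, now, history):
    """Return the list of rules a submission trips; empty means nothing suspicious.

    form: dict of submitted fields; history: (timestamp, body_hash) of the user's past posts.
    """
    reasons = []
    if form.get(HONEYPOT_FIELD, "").strip():
        reasons.append("honeypot_filled")      # only a bot fills a field humans cannot see
    shown = rendered_at(form.get("token", ""))
    if shown is None:
        reasons.append("bad_token")
    elif now - shown < MIN_SECONDS:
        reasons.append("too_fast")             # form came back faster than a human types
    body = form.get("body", "").strip()
    first_line = body.splitlines()[0].strip() if body else ""
    if first_line and first_line.casefold() == form.get("title", "").strip().casefold():
        reasons.append("title_repeated")       # first line of the post matches its title
    digest = hashlib.sha256(body.encode()).hexdigest()
    same = sum(1 for t, h in history if h == digest and now - t <= DUP_WINDOW)
    if same + 1 >= DUP_LIMIT:                  # this post counts as one of the copies
        reasons.append("duplicate_burst")
    return reasons
```

A signed timestamp can still be replayed by a bot that waits once and reuses the token, so in practice it should also be bound to the session and expired after use.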

Eugene Loza

  • Hero Member
  • *****
  • Posts: 570
    • My "almost daily" development blog
Re: Kick this spammer out of our forum
« Reply #14 on: July 13, 2015, 09:14:59 am »
There are a few anti-spam plugins for the Simple Machines Forum, ready and integrated. I've tested "Stop Spammer" and "No Spam by Guests!" plus "NoFollow All Links" - they've done their work fine for my SMF installation (SMF 1.1.13).
Lazarus 1.9 + FPC 3.1.1 Debian Jessie 64 bit.

My Free and Open Source games in Lazarus/FreePascal/CastleGameEngine:
https://decoherence.itch.io/
(and some ancient games in Turbo Pascal too)
Sources are here: https://github.com/eugeneloza?tab=repositories
