Author Topic: SMF bot detection mod  (Read 4478 times)

0 Members and 1 Guest are viewing this topic.

Offline Netham45

  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2103
  • Rating: +213/-4
  • *explodes*
    • View Profile
SMF bot detection mod
« on: November 09, 2011, 05:20:11 am »
I've been thinking of ways to counteract the spambots and I believe I've came up with something.

Basically, what I'm thinking of would be a 'Mark as Spam' link on the posts that would set a ban on the bots and flag them somewhere in the admin CP, and after 2 flags per post count of the user the user is automatically banned.

I haven't actually started coding it yet, but what I'm looking at adding is essentially another column on the member table that counts how many posts have been marked as spam, along with one function to pull the value of the table, check if it is greater than the post count * 2, and if so add an automatic ban against the username.

Another feature I was considering was a minimum post count to mark as spam, along with a button on the users profile for administrators to reset/change the spam count.

Also, since I haven't ran this past the admins yet, there's no guarantee it'll be used here, but I do intend on at least making it and posting it on SMFs mod site.
Omnimaga Admin

Offline Eeems

  • Mr. Dictator
  • Administrator
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 6266
  • Rating: +318/-36
  • little oof
    • View Profile
    • Eeems
Re: SMF bot detection mod
« Reply #1 on: November 09, 2011, 10:24:18 am »
Sounds like a good idea to me
/e

Offline Juju

  • Incredibly sexy mare
  • Coder Of Tomorrow
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 5730
  • Rating: +500/-19
  • Weird programmer
    • View Profile
    • juju2143's shed
Re: SMF bot detection mod
« Reply #2 on: November 09, 2011, 04:47:20 pm »
Yeah, sounds nice. Or why not just banning the IPs that got through the Stop Forum Spam thing?

Remember the day the walrus started to fly...

I finally cleared my sig after 4 years you're happy now?
THEGAME
This signature is ridiculously large you've been warned.

The cute mare that used to be in my avatar is Yuki Kagayaki, you can follow her on Facebook and Tumblr.

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: SMF bot detection mod
« Reply #3 on: November 09, 2011, 10:55:33 pm »
I've been thinking of ways to counteract the spambots and I believe I've came up with something.

Basically, what I'm thinking of would be a 'Mark as Spam' link on the posts that would set a ban on the bots and flag them somewhere in the admin CP, and after 2 flags per post count of the user the user is automatically banned.

I haven't actually started coding it yet, but what I'm looking at adding is essentially another column on the member table that counts how many posts have been marked as spam, along with one function to pull the value of the table, check if it is greater than the post count * 2, and if so add an automatic ban against the username.

Another feature I was considering was a minimum post count to mark as spam, along with a button on the users profile for administrators to reset/change the spam count.

Also, since I haven't ran this past the admins yet, there's no guarantee it'll be used here, but I do intend on at least making it and posting it on SMFs mod site.
Sounds good. It definitively need a minimum post count, though. I say maybe 3 spam votes and the user is banned from posting and post marked as spam, in case someone registers to ban Juju, for example.

Also the questions when someone registers on the site should be changed to some that are more complex but still easy to answer by newbies. An example suggested on SMF site is stuff related to our site, like calcs, but it could maybe be something like "Type 'agaminmo' backwards | Écrivez 'agaminmo' à l'envers (Anti-spam)" followed by a question asking "What is our site name?" then "Type 5c4a3l2c without including the digits". I believe this could block more bots than if we just ask them to type Omnimaga in the field or to answer 2+2.

in any case, do NOT enable e-mail activation. You have no clue how much trouble I had to sign up on certain sites like United-TI and Ticalc.org that had it, because I never got the activation e-mail. Plus most bots are programmed for activation and in some cases, enabling it makes the situation even worse, spam-wise.

Offline Eeems

  • Mr. Dictator
  • Administrator
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 6266
  • Rating: +318/-36
  • little oof
    • View Profile
    • Eeems
Re: SMF bot detection mod
« Reply #4 on: November 09, 2011, 11:11:44 pm »
I've also been wondering if we should turn on captcha. Some people have issues with captcha that makes it an issue to use though.
/e

Offline Juju

  • Incredibly sexy mare
  • Coder Of Tomorrow
  • LV13 Extreme Addict (Next: 9001)
  • *************
  • Posts: 5730
  • Rating: +500/-19
  • Weird programmer
    • View Profile
    • juju2143's shed
Re: SMF bot detection mod
« Reply #5 on: November 09, 2011, 11:12:53 pm »
It doesn't work, apparently.

And the question is now set to write OMNIMAGA in lowercase.

Remember the day the walrus started to fly...

I finally cleared my sig after 4 years you're happy now?
THEGAME
This signature is ridiculously large you've been warned.

The cute mare that used to be in my avatar is Yuki Kagayaki, you can follow her on Facebook and Tumblr.

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: SMF bot detection mod
« Reply #6 on: November 09, 2011, 11:18:39 pm »
Nah, turning it ON/OFF made no difference, because the SMF one has been bot-friendly for over 8 years. And no RECAPTCHA, because when RECAPTCHA server was down, nobody could register. (I tried the mod before)

In the worst case scenario, we could simply resort to what we used on the old Omnimaga website (and the old TI-Freakware board): An extra board is created that only people with 0 or 1 posts can access. When you register, you are locked down from the rest of the forums and you must post in that special board topic twice (can be anything random). On the old board this blocked every bot because the 10 seconds flood control killed them and most couldn't get to the special board. Once the person posted two times, he gets access to the entire site once again. It would be best to have to avoid this, though, because this and activation deters new members who are in a hurry and this can make it a major PITA to register for those on mobile devices.