Wyvyrias

Regarding The Spambot

Recommended Posts

Let's start by saying "thanks" for reporting it's posts (and just one of it so the report list is not getting spammed, too), so I (or another moderator/ a developer) can notice it right away!

Furthermore we're looking into what can be done against this kind of thing. We already got a new (and solid) captcha, but seemingly that doesn't seem to help, so it's probably someone doing it manually, which means a captcha simply can't help. Which would mean we'd have to impose restrictions upon very new users in order to prevent this spammer to appear at all. I am already talking about that with Adam (and he's already talking with IPS about what else can be done).

Feel free to suggest ways to prevent such spam attacks without limiting actual new users too much. A pretty solid idea that I got from @Lithium was simply restricting the amount of threads that can be created within a certain time. Granted, actually we should have that in general. Or does anyone feel the urge to create more than one thread each 10 to 60min? :P

Thanks for being an awesome community!

Share this post


Link to post
Share on other sites
51 minutes ago, Wyvyrias said:

[...]restricting the amount of threads that can be created within a certain time[...]

I think this is one of the easiest solutions. Any other way will produce a lot of work, like moderating the first post of a new user.

For me it would be absolutely ok. :)

Share this post


Link to post
Share on other sites
1 час назад, сказал Wyvyrias:

Давайте начнем, говоря "спасибо" за отчетный посты там (и только один из так списке отчетов не слишком заспамили), и я (или другой модератор/ Разработчик) может заметите это сразу!

Кроме того, мы ищем, что можно сделать против такого рода вещи. У нас уже новый есть (и твердых) капчу, но вроде бы это не кажется, чтобы помочь, это так, наверное, кто-то делает это вручную, что означает, что капчу не могу вам помочь. Что подразумевает, что мы должны наложить ограничения на очень новых пользователей для того, чтобы предотвратить этот спамер вообще появляться. Я уже говорил об этом с Адамом (и он уже говорил с ИПС о том, что еще можно сделать).

Не стесняйтесь предлагать способы предотвращения подобных спам-атак не ограничивая слишком много реальных новых пользователей. Довольно хорошая идея, что я получила от @лития было просто ограничить количество потоков, которые могут быть созданы в течение определенного времени. Согласен, на самом деле мы должны иметь, что в целом. Или кто-нибудь почувствуете желание создавать более одного потока от 10 до 60мин? :P

Спасибо за то удивительное сообщество!

я вам благодарен за письмо,вот только не пойму к чему оно...дело в том,что я живу в России и общаюсь на русском.компьютерный автоперевод с английского на русский вашего письма оставляет желать лучшего,ибо весь смысл,нить,так сказать-теряется.ну и обратное-уверен,что и вы меня не совсем точно понимаете)))

Share this post


Link to post
Share on other sites
54 minutes ago, астра said:

я вам благодарен за письмо,вот только не пойму к чему оно...дело в том,что я живу в России и общаюсь на русском.компьютерный автоперевод с английского на русский вашего письма оставляет желать лучшего,ибо весь смысл,нить,так сказать-теряется.ну и обратное-уверен,что и вы меня не совсем точно понимаете)))

Не заморачивайся, тебя лично это не касается, тут просто обсуждают что делать, чтобы новые пользователи не спамили создавая кучу новых тем.

Тут какие-то китайцы спамили на днях, замучали вконец.

Share this post


Link to post
Share on other sites
2 hours ago, Wyvyrias said:

Feel free to suggest ways to prevent such spam attacks without limiting actual new users too much. A pretty solid idea that I got from @Lithium was simply restricting the amount of threads that can be created within a certain time. Granted, actually we should have that in general. Or does anyone feel the urge to create more than one thread each 10 to 60min? :P

I saw it many times on other forums - new users are restricted to create new thread for about hour or 3, or 5.
This will prevent immedate thread spam and also will give real new users time to adapt, read useful information here, use search and maybe solve their problem without creating new threads.

Share this post


Link to post
Share on other sites
3 minutes ago, MAcroS.40k said:

I saw it many times on other forums - new users are restricted to create new thread for about hour or 3, or 5.
This will prevent immedate thread spam and also will give real new users time to adapt, read useful information here, use search and maybe solve their problem without creating new threads.

The problem with raw time restrictions until you can even post is that it's just that, a short time before you can post. The bots are being created -> they wait a few hours -> they start the spam. That doesn't really solve anything, though I agree that real users still get some time to adapt to the forums then. They can't just register and start creating threads. That may cut down the amount of duplicates, too.

Share this post


Link to post
Share on other sites
Just now, Wyvyrias said:

The bots are being created -> they wait a few hours -> they start the spam. 

Then yeah - one of the proper ways will be to limit the amount of threads user can create per day, or per hours.

There is no reason one user should create more than 3 threads per day anyway!  ))

Share this post


Link to post
Share on other sites

Creating threads, yeah. However I've seen after doing that, the bots resort to just spamming on the end of every thread it can find. Which are replies, not new threads :(

Share this post


Link to post
Share on other sites
4 hours ago, Frigidman said:

Creating threads, yeah. However I've seen after doing that, the bots resort to just spamming on the end of every thread it can find. Which are replies, not new threads :(

You know how we say in Russia - "On each hard accessed asshole there is a dick with diamond drill" (На каждую хитрую жопу найдётся хуй с винтом), in other words: we invent locks - they invent key or lockpicks. It's constant battle ))

Share this post


Link to post
Share on other sites

Have you tried Akismet it's a spam comment blocker it's owned the the same people that make Wordpress, it blocks known spammers. I have it running on my website. I not sure if IPS have a plug-in but there might be one made by a 3rd party developer or IPS might do something similar.

Edited by Flubtastic
Spelling error

Share this post


Link to post
Share on other sites

если беспокоит спам,то сделайте то же что и на других игровых форумах-введите систему жалоб(типа-пожаловаться на спам,на не спортивное поведение,не активность и прочее)обычно 3-5 челов отправили жалобу на спам на кого-то и ВСЁ! на пару часов,ну иль на сутки))система на автомате кстати... 

Share this post


Link to post
Share on other sites
2 hours ago, астра said:

если беспокоит спам,то сделайте то же что и на других игровых форумах-введите систему жалоб(типа-пожаловаться на спам,на не спортивное поведение,не активность и прочее)обычно 3-5 челов отправили жалобу на спам на кого-то и ВСЁ! на пару часов,ну иль на сутки))система на автомате кстати... 

Google Translate:

Quote

if worried about spam, then do the same as on other gaming forums, enter the complaints system (type-report spam for not sporting behavior, not the activity etc.) is usually 3-5 chelov sent a complaint against spam and all kogo-to ! a couple of hours, a day well il)) system on the machine by the way.

There's already a report system. Or do you mean an automatic spam detection one?

Share this post


Link to post
Share on other sites

Righto..

No need for someone to make more than 3 threads per day.. Ok.  Well, then, lets strip out the bug reporting forum then.  Since devs usually prefer individual bug reports, which are one thread each.  Thus if we were limited to a preset number of threads.. we could only post a limited number of bugs.  This would also limit input for suggestions, general discussion and asking for help.   This is a bad idea.

Limited timing between posts.   This is probably the best way to go, say a 60 second delay between replies/threads.

Most botters won't spam on such a delay as getting caught and traced is very much increased.. people will spam.. that's just something forums have to live with, but anyone can spam, use bots etc.. and will.   Anyone who wants to spam, will.  So... how to deal with it? Well it's simple actually.

Auto block ANY post that repeats the same string.  Problem solved.  All bot spams fire out the same sequence of garbage, so all you need to do to curtail it is to block strings that are identical.   Strings can be limited to 4-5 words which are the same.  Noone posts new threads or replies on a normal basis with the same 5 words.. but bots do.  This method would block all botters from spamming and ignore all legit users.   At worst, you'd see 1 single bot spammed post per day.. or at least force spammers to have to interchange their bots continually with spitting out different messages.  Given most of these spams contain a website address, this address repeats throughout most spams.  So blocking strings of identical words in the same order would auto block websites and anyone posting.  More than once of the same string.

There is an issue with this.. people wouldn't be able to post multiple screenshots.. as screenshots all start with an identical string in them.. but that's no biggy.  imho.

Another way might be to only place a limit on someone who's made less than 50 posts/replies only.

Edited by Martin

Share this post


Link to post
Share on other sites

Quite draconian, but then it's a shame it come to this.

Its the same the internet over, spamming everywhere. That and other forms of attack...

 

I just hope all these "rules and regulations" don't actually impede the free speech here, as many would find discussing bugs/glitchs and other exploits, here on these forums for free as their not paid to do so, with many rules and regulations to observe a waste of their time. Perhaps you should just employee a competent web master and/or a competent forum mod. Either way, if the forums become an abject failure, just accept it, as it happens everywhere now, and just hope that the game succeeds....

 

 

Share this post


Link to post
Share on other sites
33 minutes ago, Richard Sebire said:

I just hope all these "rules and regulations" don't actually impede the free speech here, as many would find discussing bugs/glitchs and other exploits, here on these forums for free as their not paid to do so, with many rules and regulations to observe a waste of their time.

No one is going to restrict anyone's free speech here. That's not how you counter spam bots. We're just thinking about what can be done to lot get those bots have a chance at all without limiting any legit users.

36 minutes ago, Richard Sebire said:

Perhaps you should just employee a competent web master and/or a competent forum mod. Either way, if the forums become an abject failure, just accept it, as it happens everywhere now, and just hope that the game succeeds....

But I am a forum moderator here (thought not an employee since I am not paid). :ph34r:
Also I don't know why you would say anyone should just accept that their forums "fail". It takes way more than a few pesky spam bots to make a forum "fail". :P
Not to mention the forum of a game is pretty important because it also reflects it's community. Anyway, don't worry, those bots are not a big deal and through improvements they already became rather rare. I made this announcement just for the sake of keeping you guys informed (and to avoid threads where people wonder about what is happening).

Share this post


Link to post
Share on other sites
On 2/9/2017 at 6:07 AM, Wyvyrias said:

Or does anyone feel the urge to create more than one thread each 10 to 60min? :P

Though this would be a way to restrict spam, I believe this could limit the bugs posted to the forums. For example, I had 3 bugs that I reported at one time on different threads. If threads are restricted, it may result in less bugs being reported.

Share this post


Link to post
Share on other sites
On 27.2.2017 at 8:25 PM, Frigidman said:

Seems to be going well, whatever was done.

I sacrificed 3 lambs to please the spam gods. :ph34r:

Jokes aside, I guess the captcha works better now and IPS probably did some improvements, too. That or the spammers gave up after getting purged a few dozen times.

Share this post


Link to post
Share on other sites

Another trick you can pull is mac address logging. Basically once a person gets flagged as spam you block traffic with that mac address. Doing it by ip can can be exploited in bad ways. You can in theory make the block temporary and then block by ip which is cheaper, but then people/bots on ipv4 subnets (AOL) can still get inadvertently blocked while the temp ban is in place.

Share this post


Link to post
Share on other sites
On 2/18/2017 at 4:44 PM, Martin said:

Righto..

No need for someone to make more than 3 threads per day.. Ok.  Well, then, lets strip out the bug reporting forum then.  Since devs usually prefer individual bug reports, which are one thread each.  Thus if we were limited to a preset number of threads.. we could only post a limited number of bugs.  This would also limit input for suggestions, general discussion and asking for help.   This is a bad idea.

Limited timing between posts.   This is probably the best way to go, say a 60 second delay between replies/threads.

Most botters won't spam on such a delay as getting caught and traced is very much increased.. people will spam.. that's just something forums have to live with, but anyone can spam, use bots etc.. and will.   Anyone who wants to spam, will.  So... how to deal with it? Well it's simple actually.

Auto block ANY post that repeats the same string.  Problem solved.  All bot spams fire out the same sequence of garbage, so all you need to do to curtail it is to block strings that are identical.   Strings can be limited to 4-5 words which are the same.  Noone posts new threads or replies on a normal basis with the same 5 words.. but bots do.  This method would block all botters from spamming and ignore all legit users.   At worst, you'd see 1 single bot spammed post per day.. or at least force spammers to have to interchange their bots continually with spitting out different messages.  Given most of these spams contain a website address, this address repeats throughout most spams.  So blocking strings of identical words in the same order would auto block websites and anyone posting.  More than once of the same string.

There is an issue with this.. people wouldn't be able to post multiple screenshots.. as screenshots all start with an identical string in them.. but that's no biggy.  imho.

Another way might be to only place a limit on someone who's made less than 50 posts/replies only.

Blocking duplicate content is an option but it doesn't take much for a quasi competent botter to break their content up into an array and automate randomly putting it back together or tossing a salt hash on the end of it. The really advanced ones will run their content through a heat map algorithm and then take a thesaurus dump on each of the most relevant words and randomly auto sub those words in. I used to work on an SEO service that would spin up entire farms of content on mulitple dynamically purchased domains.. It took google months to catch my algorithms and on several sites i had live people responding to conversations.. 

Share this post


Link to post
Share on other sites

Any spammer worth their salt is not going to be using an application that can allow easy grabbing of a MAC address. Especially as they are spoofing their IP's, reverse checking isn't viable. Coupled with this is a base php forum package on a generic server, spending the time to do back end scripts to check every users connection in this manner is just a huge waste of time.

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.