Nasty case of spam you've got there...

No_Ta_DoctorNo_Ta_Doctor Posts: 9,430
Is there a doctor in the house?
“Road racing was over and the UCI had banned my riding positions on the track, so it was like ‘Jings, crivvens, help ma Boab, what do I do now? I know, I’ll go away and be depressed for 10 years’.”

@DrHeadgear

The Vikings are coming!
«1

Posts

  • marcusjbmarcusjb Posts: 2,412
    Whatever they have done with the forum update does appear to not work with stopping them, we've had the dodgy passports ones growing over the past few weeks and now this!

    Looks like a busy weekend for someone because the forum is unusable like this.
  • Thought it was just me for a while. Looks like database has been subjected to sql injection attack. Why not restoring from back up though?
  • Jeff JonesJeff Jones Posts: 1,865 Editor
    It's being addressed. The spam protection wasn't up to date after we moved the forum.
    Jeff Jones

    Product manager, Sports
  • bobmcstuffbobmcstuff Posts: 7,873
    I assume this covers all the junk that's just turned up in Pro Race (on top of the usual junk from the regulars ;) )
  • Dorset_BoyDorset_Boy Posts: 2,423
    Jeff Jones wrote:
    It's being addressed. The spam protection wasn't up to date after we moved the forum.

    Some someone screwed up then!

    Any idea when we might get the forums back?
  • TheBigBeanTheBigBean Posts: 8,672
    They're back! Can't you empower one of the regular mods to thread delete and ban?
  • Jeff Jones wrote:
    It's being addressed. The spam protection wasn't up to date after we moved the forum.

    Thanks, thought I might have to get an actual life there for a moment ;-)
    “Road racing was over and the UCI had banned my riding positions on the track, so it was like ‘Jings, crivvens, help ma Boab, what do I do now? I know, I’ll go away and be depressed for 10 years’.”

    @DrHeadgear

    The Vikings are coming!
  • itboffinitboffin Posts: 19,540
    Back again and really bad this time
    Rule #5 // Harden The censored Up.
    Rule #9 // If you are out riding in bad weather, it means you are a badass. Period.
    Rule #12 // The correct number of bikes to own is n+1.
    Rule #42 // A bike race shall never be preceded with a swim and/or followed by a run.
  • andy9964andy9964 Posts: 930
    At least 11 pages in most Road sections I've looked at.
    One spammer has 771 posts in 4 hours :shock:
  • NeXXusNeXXus Posts: 854
    Jeff Jones wrote:
    It's being addressed. The spam protection wasn't up to date after we moved the forum.
    Two weeks? a month? How long shall it be on the "to do" list this time? :(
    And the people bowed and prayed, to the neon god they made.
  • oxomanoxoman Posts: 6,983
    Come on team, not going to let some dodgy lowlife spammers beat you I hope. Remember the six P,s. Prior planning prevents etc.
    Too many bikes according to Mrs O.
  • DrLexDrLex Posts: 2,142
    20 pages in commuter chat, 40+ in road buying advice. Remove Chinese glyph posting ability?
    Location: ciderspace
  • robbo2011robbo2011 Posts: 1,017
    could you as a temporary measure put a time delay of say 5 minutes between postings to slow them down a bit until a proper solution is found?

    I'm sure the members will put up with it for a while.
  • I confess I don't know hot this works, but, put in moderator approved registrations for a bit?
    My blog: http://www.roubaixcycling.cc (kit reviews and other musings)
    https://twitter.com/roubaixcc
    Facebook? No. Just say no.
  • samgeorgeuksamgeorgeuk Posts: 58 Lead Developer
    Hi

    we put anti-spam measures in yesterday, before that we got hit hard we had approx 500 new registrations - the spam filters will protect new posts but not any 'existing' registrations, I tried to retrospectivly find spam registrations but ran out of time on Friday.

    The stats on the filter are reporting it caught well over 1000 posts this morning, so I tink the few bits getting through now are just irritating but not a serious issue.

    please report all spam to aid the mods locating it and adding it to our filters.

    thank you for understanding.

    Sam
  • imposter2.0imposter2.0 Posts: 10,736
    Put all 'new member' posts under embargo for mod/admin approval. Job done.
  • apreadingapreading Posts: 4,534
    andy9964 wrote:
    One spammer has 771 posts in 4 hours :shock:

    Thats less than BenderTheRobot does in 4 hours normally...! :mrgreen:
  • Road Buying Advice is full of spam, and they are still spamming.
    Almost couldn't find my post.
  • PetePete Posts: 9 Designer/Developer
    Imposter wrote:
    Put all 'new member' posts under embargo for mod/admin approval. Job done.

    Unfortunately that feature doesn't exist in the forum software (I wish it did!), so to get that "job done" would take some time to implement. Apologies for the onslaught of spam, and we're trying to combat it ad-hoc for the moment.
  • imposter2.0imposter2.0 Posts: 10,736
    Take a look at Xenforo...
  • PetePete Posts: 9 Designer/Developer
    Migrating the entire forum to a completely new platform would be a pretty drastic "solution", I'm afraid. Months of testing, development and migration, with no guarantee the situation would improve, and asking the forum community to adjust to a totally different user experience.
  • NeXXusNeXXus Posts: 854
    Pete wrote:
    Imposter wrote:
    Put all 'new member' posts under embargo for mod/admin approval. Job done.

    Unfortunately that feature doesn't exist in the forum software (I wish it did!), so to get that "job done" would take some time to implement. Apologies for the onslaught of spam, and we're trying to combat it ad-hoc for the moment.
    No?

    azBDNd9.png

    BsTHc5k.png
    And the people bowed and prayed, to the neon god they made.
  • PetePete Posts: 9 Designer/Developer
    NeXXus wrote:
    No?
    No. I'd be interested to know which version of phpBB that screenshot is from, because the Misc permissions tab I'm looking at currently does not have the same settings list.
  • NeXXusNeXXus Posts: 854
    Pete wrote:
    NeXXus wrote:
    No?
    No. I'd be interested to know which version of phpBB that screenshot is from, because the Misc permissions tab I'm looking at currently does not have the same settings list.
    Honestly don't know, I found it and don't currently have my wee quiet slice of webspace running phpBB. What is the current flood limit set to? Changing it to something realistic like 60 seconds and disallowing the Newly Registered group from ignoring it may be a cheap fix for now.

    Obviously the other user groups (Registered) would be better off allowed to ignore flood limiting

    Enable "By Admin" in User Registration settings/ Account Activation ?


    End of the day no matter what you do. Being Proactive in preventing spam is easier to do than being reactive to spam. Less time consuming to not approve an account registration that is clearly going to spam, than it is to allow it and end up deleting 60 posts.
    And the people bowed and prayed, to the neon god they made.
  • PetePete Posts: 9 Designer/Developer
    Jeff's increased the flood limit again today, and Newly Registered Users are already unable to ignore it.

    Ultimately please rest assured that we're being both reactive and proactive - obviously the stuff that's getting through is visible, and frustrating, but there's a lot that's never making it to the forum because of the proactive measures we have in place. Unfortunately we are being hammered quite hard at the moment, and some spam will inevitably slip through.
  • Jeff JonesJeff Jones Posts: 1,865 Editor
    NeXXus wrote:
    Pete wrote:
    NeXXus wrote:
    No?
    No. I'd be interested to know which version of phpBB that screenshot is from, because the Misc permissions tab I'm looking at currently does not have the same settings list.
    Honestly don't know, I found it and don't currently have my wee quiet slice of webspace running phpBB. What is the current flood limit set to? Changing it to something realistic like 60 seconds and disallowing the Newly Registered group from ignoring it may be a cheap fix for now.

    Obviously the other user groups (Registered) would be better off allowed to ignore flood limiting

    Enable "By Admin" in User Registration settings/ Account Activation ?


    End of the day no matter what you do. Being Proactive in preventing spam is easier to do than being reactive to spam. Less time consuming to not approve an account registration that is clearly going to spam, than it is to allow it and end up deleting 60 posts.
    I set the flood limit to 2mins - it needs to be for registered users as well in case a spammer gets to that point in future. It would be very bad if they could ignore the flood limit.

    It doesn't help in cleanup though as the bot just moves to a new username (deleting n posts from one user is easy) but it probably helps keep the forum cleaner.

    We're trying to track the source of the registrations in order to block from registering in the first place. It's not that easy as each account posts from a different IP so we have to trace things back to as common a source as we can.
    Jeff Jones

    Product manager, Sports
  • NeXXusNeXXus Posts: 854
    Why not also turn on Admin activation of new accounts? Spam accounts are generally easy to spot, delete it before it can complete the process and register to spam / get round flood limits.
    And the people bowed and prayed, to the neon god they made.
  • Jeff JonesJeff Jones Posts: 1,865 Editor
    NeXXus wrote:
    Why not also turn on Admin activation of new accounts? Spam accounts are generally easy to spot, delete it before it can complete the process and register to spam / get round flood limits.
    Not all of them are necessarily easy to spot (I nearly deleted a few normal users this morning) unfortunately.

    We've put some more measures in place for both registering and posting. We'll monitor and see if that stops the problem.
    Jeff Jones

    Product manager, Sports
  • NeXXusNeXXus Posts: 854
    There's always collateral ;)
    And the people bowed and prayed, to the neon god they made.
  • PetePete Posts: 9 Designer/Developer
    A lot of the spam accounts that have been created recently have been using legitimate looking usernames and email addresses (Hotmail, Gmail, etc). Though it's true they can sometimes be easy to spot, the unfortunate truth is that many are passable as genuine, and we'd have to err on the side of caution to avoid deleting accounts of legitimate users. It's a tricky balance to strike, and in my experience you often end up accidentally penalising a few legitimate signups while seemingly innocent spam accounts still make it through.

    The issue is that often the collateral is a high cost for an intangible and unreliable impact on the spam.
Sign In or Register to comment.