Isn't it possible to limit the number of threads a new member can start - say if you've been a member for less than a week, than no more than two new topics per day, or something like that?

maybe same person is doing this like in fmdev.filemaker.com

Hi thong127, 

 

maybe same person is doing this like in fmdev.filemaker.com

Why would you say this?

 

FYI, Ocean West started looking into this yesterday. It seems that the bad guys have found a way around our current practices.

 

In the meantime, please report any suspicious threads or post using the Report button. 

 

Lee

I have increased the levels in the anti-spam system to hopefully curtail this, as Lee suggested please report any spam and it will be handled. When someone is identified their IP/Email/Usernames are added to a honeypot for this site and others that use the same system to assist in combating forums spam. -  

 

I have not turned on auto moderation for every new member as trying to approve every new post can get tedious. 

Is it possible to ban them by IP Address? I know it's not a perfect way either, but that would be another layer to help curtail some of it.

Josh, I suspect anyone running a bot has the expertise to spoof ad infinitum. I doubt any of these attacks originate from the same ip address. That would be too easy. The next time this happens, and it's likely to happen tomorrow morning, I'm going to copy the user name and do a google search to see if the user name shows up on countless other sites. If this isn't the case I'll begin to suspect this jerk has an axe to grind with this forum (and TechNet as well I hear).

Well, some spammers are actually hired by companies to post links. The more click-thrus and/or posts they make, the more they get paid. So it is likely a bot of some kind. But there is a also a chance it is not.

 

We have one technique that is very effective to prevent spammers. Not sure how easy it would be to implement here. But it has effectively halted spam being submitted on some of the public company forms, from bots.

Here is one of them. unfortunately, I didn’t keep the two from Rick sent me after I banned them and deleted their posts. I think there is a way that Ocean West can look back and see their names?

 

jjpankaj

[email protected]

 

sultanjiali

[email protected]

 

babaji056

[email protected]

 

laxmijyotish

[email protected]

 

babauk

[email protected]

 

laxmijyotish

[email protected]

 

gofurali12

[email protected]

Lee, I might be able to find the posts and send them. I can't imagine whatever I said was that important though.

Hi Rick,

 

I got them and amended my previous posts.

 

Lee

when a user registers they are asked a basic challenge question  (i plan to add more questions)  and requires a KeyCapcha  that requires a human to actually solve a puzzle - then it requires a valid email address that they must be able to click a validation link in that email to activate the account. 

 

During signup also they are tested against the honeypot to prevent known spammers. 

 

when we flag a spammer and ultimately ban them the account remains in the database so we have a record to compare against to deny future access or registration.

Hi OW, 

 

How did the 4 above check out?

babauk keeps posting answers to "love problem" every minute in the Filemaker 13 General Discussion forum.

Here is the latest one. I have deeped sixed him and his spam.

 

babauk

[email protected]

i plan to add more questions

 

I just hope this is not going to make it too difficult or off-putting for "real" folks to join. It only takes one jerk to spoil it for everybody (and I suspect the jerk will eventually figure it out anyway).

 

I wonder how expensive can it be to hire a hitman in India?

Bots can be pretty sophisticated. I've seen them get past a lot of Captcha implementations.  OW, I'll send you in a PM how we handled the bot thing. It may help with both the account sign-up and posting.

copy your PM to me too.

Done. I added you to the convo.

wouldn't it be an alternative to manually confirm new registrations? and/or the first posts until the account is confirmed?

i do this with all my websites and have very few attempts.

wouldn't it be an alternative to manually confirm new registrations? and/or the first posts until the account is confirmed?

i do this with all my websites and have very few attempts.

 

 

I have not turned on auto moderation for every new member as trying to approve every new post can get tedious. 

For now i have black listed India as that where all the spammers were coming from.

i have black listed India

 

This India? The one with 1.2 billion people?

I think you underestimate the number of users we get here.

 

wouldn't it be an alternative to manually confirm new registrations? and/or the first posts until the account is confirmed?

i do this with all my websites and have very few attempts.

I think you underestimate the number of users we get here.

you mean there are more than 10 NEW users/registrants each day?

48 in the past 7 days. Overall, not an unmanageable number.  However, how would you feel if you needed fast help from one of the quality developers on the site, but had to wait for one of the moderators to "approve" your post.  All that for the occasional spammer or 2 we actually get.

 

What if each new user posted an average of 5 posts in a week. You are now talking about us approving 48 * 5 posts ( 240 posts ). Now we are spending more time approving posts, and less time helping answer questions. The unintended consequences of such a thing can not be understated.

 

Additionally, would a human looking at a new user have anyway to know if someone is actually a spammer until they actually post. As with your recommendation, bots CAN verify their account. And us looking at a registration, it's almost impossible to know if someone is legit or a spammer. Comment's recommendation would be more user friendly and more effective. Just limit the number of posts initially. So even if there was a spammer he couldn't post more than 5? posts per day until a certain time. That would help. Though, I am in favor of a measure that combines Comment's suggestion, and the one I PM'd to the administrator. It would virtually eliminate all spammer's access via a bot. And for those nefarious humans getting through, would limit their reach.

 

you mean there are more than 10 NEW users/registrants each day?

So, once again. Is there no cure for this?

Don't all of the topics begin with garbage?  Is there a way of using patterncount and if more than 5 non-word characters at the beginning, don't let them post.  Just a thought.  Probably dumb.

Edited May 18, 201510 yr by Charity

I notice that FileMaker Forums is also getting slammed.

Hey Charity, good thinking!

I am not sure if there is enough consistency in their inconsistency to determine a pattern but it would be a fun thing to study.  :-)

thanks for your patience and perseverance - more bits were flipped and settings changed both in this software and on the server end, hoping this resolves this.

 

 

I wonder if this will help the speed of the site improve. It's not as peppy as it used to be.

I agree, Tom, until now!  It seems it might have been tweaked ... just today in last few hours, things have gotten very snappy unlike prior when I counted 15 seconds to switch to Forums tab.  Thank you, Stephen!

Well, here we go again. Five pages of it.

Edited May 22, 201510 yr by BruceR

thanks for your patience and perseverance - more bits were flipped and settings changed both in this software and on the server end, hoping this resolves this.

​Apparently not. This is getting to be a big problem.

India has been blocked from our firewall at the ISP level.

Apparently that didn't buy much, either.

Doug, we just flipped the switch this morning. (after the latest round).