Author Topic: Spambot Rampage  (Read 8808 times)

Vee

  • Elite Boss
  • *****
  • Posts: 2,341
Re: Spambot Rampage
« Reply #20 on: March 08, 2016, 11:21:54 PM »
If only there were some way to rig Mids into a captcha.

eabrace

  • Titan Moderator
  • Elite Boss
  • *****
  • Posts: 4,230
Re: Spambot Rampage
« Reply #21 on: March 09, 2016, 12:13:24 AM »
If only there were some way to rig Mids into a captcha.
"Which Archetype icon do you see displayed to the right?"
Titan Twitter broadcasting at 5.000 mWh and growing.
Titan Facebook

Paragon Wiki admin
I was once being interviewed by Barbara Walters...In between two of the segments she asked me..."But what would you do if the doctor gave you only six months to live?" I said, "Type faster." - Isaac Asimov

Blondeshell

  • Elite Boss
  • *****
  • Posts: 791
Re: Spambot Rampage
« Reply #22 on: March 09, 2016, 03:57:01 AM »
Ooh, that'd be perfect!

Sekoia

  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 1,828
Re: Spambot Rampage
« Reply #23 on: March 10, 2016, 09:45:28 PM »
I just force logged out everybody. Sorry if I hit anyone in the middle of anything. We got hit by another spammer whose account was created on 2/23 and whose password was blanked out, so I'm assuming they had already created a session before we cleared their password.

Aggelakis

  • Elite Boss
  • *****
  • Posts: 3,001
Re: Spambot Rampage
« Reply #24 on: March 14, 2016, 06:07:48 PM »
Had another few spams made. Deleted & blocked spammer. Hmm.
Bob Dole!! Bob Dole. Bob Dole! Bob Dole. Bob Dole. Bob Dole... Bob Dole... Bob... Dole...... Bob...


ParagonWiki
OuroPortal

Manga

  • Elite Boss
  • *****
  • Posts: 334
  • Official Manga™ - Accept No Substitutes!
Re: Spambot Rampage
« Reply #25 on: March 14, 2016, 08:30:14 PM »
You're probably going to have to set new accounts to manual approval for 7 days so the bots will give up trying.

EDIT:  I'll also PM you with one of two tricks I use at another site that really did bring spammers to a complete halt.
« Last Edit: March 14, 2016, 08:37:58 PM by Manga »

Sekoia

  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 1,828
Re: Spambot Rampage
« Reply #26 on: March 14, 2016, 10:50:25 PM »
Looks like the latest spammer registered on 3/11 and spammed on 3/14, so I guess the 24 hour delay is insufficient. I just bumped it up to a week.

Mediawiki has some anti-spam extensions that would probably help. One of them is a URL blacklist (which is actively maintained), and I suspect that would probably do the trick for us. But it didn't work when I tried to install it, I think it's incompatible with DPL somehow. So I'll have to tinker with that at some point to figure out what the problem is.

Please do send me a PM if you have some tricks you think may help. Certainly can't hurt to have more options on the table. :)

Manga

  • Elite Boss
  • *****
  • Posts: 334
  • Official Manga™ - Accept No Substitutes!
Re: Spambot Rampage
« Reply #27 on: March 15, 2016, 03:44:42 AM »

Sent!  Implement that, and the spammers will have some serious difficulty registering accounts.

Sekoia

  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 1,828
Re: Spambot Rampage
« Reply #28 on: March 16, 2016, 04:57:45 AM »
Okay, I just updated registration. It now forbids throw-away email accounts and it also now uses Manga's suggestion (thanks for the tip!). Hopefully that'll help cut back further on spam account registrations.

JoshexProxy

  • [citation needed]²
  • Boss
  • ****
  • Posts: 157
Re: Spambot Rampage
« Reply #29 on: March 18, 2016, 03:41:29 PM »
if you have trouble with spammers again, I have another anti-spammer thing that I was saving for if things got rough with bots in project bane. it guarantees the a human must perform the captcha.

or you could do mids captcha on stats "if you slot 4 of [set] what bonus will you get?"

Sekoia

  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 1,828
Re: Spambot Rampage
« Reply #30 on: March 18, 2016, 08:05:49 PM »
A captcha is supposed to be hard for computers but relatively easy for humans.

"What archetype's icon is this?" is easy for anyone who's played the game. For someone who's new to the community, it may be difficult. I don't want to assume that everybody who registers is already familiar with the game. It's entirely possible people might recruit friends to play on Paragon Chat who never had played the game. If they can't answer the captcha, they might decide it's not worth the effort.

"What bonus do you get from slotting <whatever>?" is going to be hard for just about everybody to answer. Few people have set bonuses memorized. Even among people who played the game actively, there are going to be plenty of people who won't know where to find the answer to that on their own. For people who have never played the game, they might not even know what the question means, much less where to find the answer.

So while I appreciate those suggestions, I'm afraid I probably won't be using them. And I'd advise against using them on your own sites as well, unless you're very certain that everybody registering can easily answer the question--or unless you don't care if you deter real people from registering.

Codewalker

  • Hero of the City
  • Titan Network Admin
  • Elite Boss
  • *****
  • Posts: 2,740
  • Moar Dots!
Re: Spambot Rampage
« Reply #31 on: March 18, 2016, 08:39:10 PM »
Plus I'm pretty sure that the last round were not bot registrations, but rather human registered accounts that were then handed over to a bot. So a better captcha wouldn't really help much if it's something that could be googled.

The upside of that is that it was relatively few accounts involved that could then be banned, instead of hundreds.

JoshexProxy

  • [citation needed]²
  • Boss
  • ****
  • Posts: 157
Re: Spambot Rampage
« Reply #32 on: March 19, 2016, 04:56:44 AM »
Plus I'm pretty sure that the last round were not bot registrations, but rather human registered accounts that were then handed over to a bot. So a better captcha wouldn't really help much if it's something that could be googled.

The upside of that is that it was relatively few accounts involved that could then be banned, instead of hundreds.

the obvious fix for that is not allowing direct edits, force them all to go through mod approval.

Manga

  • Elite Boss
  • *****
  • Posts: 334
  • Official Manga™ - Accept No Substitutes!
Re: Spambot Rampage
« Reply #33 on: March 19, 2016, 06:04:20 AM »
the obvious fix for that is not allowing direct edits, force them all to go through mod approval.

The point might be moot if the upgrade I suggested works like it should.  It won't stop manually made spam accounts completely, but it will make it incredibly obnoxious to create a lot of them.

I still have an additional stage of protection that will make the posting bots suffer, but I have a feeling it won't be necessary.


JoshexProxy

  • [citation needed]²
  • Boss
  • ****
  • Posts: 157
Re: Spambot Rampage
« Reply #34 on: March 19, 2016, 06:50:28 AM »
The point might be moot if the upgrade I suggested works like it should.  It won't stop manually made spam accounts completely, but it will make it incredibly obnoxious to create a lot of them.

I still have an additional stage of protection that will make the posting bots suffer, but I have a feeling it won't be necessary.

post submit captcha I presume. nice.

Manga

  • Elite Boss
  • *****
  • Posts: 334
  • Official Manga™ - Accept No Substitutes!
Re: Spambot Rampage
« Reply #35 on: March 19, 2016, 01:52:29 PM »
post submit captcha I presume. nice.

Nope.  Way more evil than that.