kudzurunner
1798 posts
Aug 26, 2010
7:38 PM
|
Since we have a spam filter, I've decided to see if an open, automatic, all-comers registration policy will work.
Moderators, please forgive me. Lets see if the spam filter alone can protect us from spambots. I'm writing this at 9:38 PM CST. I'll check in around 6:30 AM tomorrow morning. If I see any thread marked "spam alert," I'll know that we need to revert to the old, cruel, time-consuming manual approval method.
|
nacoran
2630 posts
Aug 27, 2010
6:45 AM
|
I have a couple ideas on how we can secure things in a less intrusive way. I was going to run them past an HTML using friend of mine to see what it would take to implement them. There may be a way to use a Captcha without really using a Captcha. Someone also suggested that there might be an easy way to automate deleting spam so once a spammer is caught all their posts could be deleted with fewer clicks. No spam so far though.
----------
Nate
Facebook
Thread Organizer
|
MrVerylongusername
1200 posts
Aug 27, 2010
7:50 AM
|
I'm really glad you are getting to grips with the spam issue, you guys have done a great job of keeping the spambots out without changing the 'quirky' simplicity of the forum (which I personally love).
My only concern is that we must not exclude those with visual impairments from using the site. Wouldn't it be great if Stevie Wonder popped by to post?.. oh wait no... scuppered by a visual only captcha.
So I'm a fan of the honeypot captcha idea, as long as the field was labelled for users of screen reader software. I understand some screen readers, may ignore display:none styles and may announce the field to the user, but you can label it with some instruction to leave it blank.
I guess eventually the spambots might be rewritten to ignore fields with an ID of "honeypot", or maybe even where the label is "leave blank". Probably a good idea to be a little more deceptive in the former case and more verbose in the latter.
Last Edited by on Aug 27, 2010 11:45 AM
|
GermanHarpist
1737 posts
Aug 27, 2010
1:07 PM
|
yeah, MrVery, that definiteyl sounds good. I'm not quite sure what the people from macwebsitebuilder can do... ? Let's see what nacoran comes up with.
----------
Don't engage in negativity!
|
MrVerylongusername
1202 posts
Aug 27, 2010
1:12 PM
|
Nacoran's already mentioned honeypot captchas elsewhere, so fingers crossed!
|
Hobostubs Ashlock
984 posts
Aug 27, 2010
1:19 PM
|
yea i understand why we have em but those spam prevention things are hard for me to read,Im aware of people with sight problems that use the computer,my Dad is leagaly blind as was my granpa,he does alot of messing around on computers even though he has trouble seeing has a reader program on his,I can see but my eyes are bad from welding alot in the past and cant afford glasses,so its hard sometimes,I can usually do them but every once in awhile i cant read the right code and has to change the code untill i can find a easy one to read they look weird as it is:-) but it changes everytime i enter the wrong one:-) but its worth it to keep spam down
Last Edited by on Aug 27, 2010 1:21 PM
|
magerlab
2 posts
Aug 27, 2010
1:39 PM
|
That's really great. I just send a letter to adam a few days ago about registration here! Thank you
----------
My diminished harmonica experience
http://diminishedharmonica.blogspot.com/
|
BeardHarmonica
1 post
Aug 27, 2010
2:17 PM
|
thank you, ive been waiting for this, i tryed to contact you to make the my account but it didnt work
|
kudzurunner
1801 posts
Aug 27, 2010
2:41 PM
|
I'll be honest: although I'm the webmaster here--the guy who created this website with the help of Macwebsitebuilder and pays for it every month--I had nothing to do with the introduction of the captcha thingie. Either my moderators did that or, more likely, Macwebsitebuilder proactively installed it as a result of complaints by other major domos. I really don't know. But the issue about sight-impaired participants is a good one.
|
arzajac
325 posts
Aug 27, 2010
4:22 PM
|
The Captcha I use on my sites has an audio challenge for just that sort of thing.
Example:
Registration page example
----------
|
Andrew
1152 posts
Aug 28, 2010
2:20 AM
|
I know I shouldn't laugh!
----------
Andrew,
gentleman of leisure,
noodler extraordinaire.
|
Ev630
714 posts
Aug 28, 2010
2:23 AM
|
There's your answer.
|
N.O.D.
134 posts
Aug 28, 2010
2:31 AM
|
It's not working
----------
|
MrVerylongusername
1203 posts
Aug 28, 2010
2:36 AM
|
Question is - how did they beat the captcha?
Looking at the times between posts and the low number overall, it makes me wonder if this one wasn't a bot, but a human.
|
nacoran
2633 posts
Aug 28, 2010
10:21 AM
|
MVLUN, there are lots of ways to beat a Captcha. Some bot programs can read them. Sometimes they just take a picture of the Captcha and feed it to someone in a third world country and pay them for solving lots of 1000. Sometimes they just hit the submission button. Cracking a Captcha may be a violation of the DMCA, so they may have committed an actual crime this time, for what it's worth.
There is a sample of the code for a honeypot here:
http://haacked.com/archive/2007/09/11/honeypot-captcha.aspx
I don't have permissions to change the code, and I'm not sure where to insert it anyway. We might have to pass them off to the macsite builders.
Other sites that might help:
http://en.wikipedia.org/wiki/Forum_spam
http://www.spamcop.net/
http://www.spamhaus.org/faq/answers.lasso?section=Generic%20Questions
How many posts got through the Captcha? I only found 2 left when I logged on today. How many did other mods delete, roughly? (How effective was the Captcha? Where we still deleting a couple 100 posts?)
----------
Nate
Facebook
Thread Organizer
|
jonlaing
78 posts
Aug 28, 2010
10:31 AM
|
That honey pot idea is a good one. We could even go as far as to hide the field through CSS so that human users can't see it, but computers can. If the hidden field gets filled in then it could immediately notify a mod, and that user could be deleted.
|
MrVerylongusername
1207 posts
Aug 28, 2010
12:01 PM
|
I think there were about 30 posts that got through, presumably cracking the Captcha slowed things down.
|
nacoran
2640 posts
Aug 28, 2010
11:07 PM
|
30 is much better. The one night I saw a post number as high as 250 something. It would be nice if there was a way for us to suspend someone temporarily until Adam can remove them, either us mods doing it or a system where if enough people flag a comment it blocks the user. The one night the spammer was still posting while I was deleting. All I could do is wait.
----------
Nate
Facebook
Thread Organizer
|
