/* Bot Spam and IP Bans */

Discuss general Uzebox topics here: features, wish list. nice to have, etc.
User avatar
D3thAdd3r
Posts: 3221
Joined: Wed Apr 29, 2009 10:00 am
Location: Minneapolis, United States

Re: Bot Spam and IP Bans

Post by D3thAdd3r »

It is a good thought. I read up on it a bit as I never saw anything for that. I can lock and anything else for individual threads, but what I read states locking the whole "off topic" forum or any modifications on that high a level, can only be done from Administrator Control Panel where I just have moderator. It was only ever intended to cover over vacations, etc. should spam happen, but barely able to keep up with this.

Getting a bit worried on this, I have to admit. Should something on the webserver break and not be fixed...well I don't think it would look good and we can't afford to lose any members. I feel we would lose members if the forums were down for a month or something. I am feeling a tad paranoid of that lately, as over the years there were several times the webserver needed fixes and the forums went down.
User avatar
nicksen782
Posts: 714
Joined: Wed Feb 01, 2012 8:23 pm
Location: Detroit, United States
Contact:

Re: Bot Spam and IP Bans

Post by nicksen782 »

Down for a day perhaps. Followed quickly with some sort of message about a resolution.

I am concerned too.
User avatar
D3thAdd3r
Posts: 3221
Joined: Wed Apr 29, 2009 10:00 am
Location: Minneapolis, United States

Re: Bot Spam and IP Bans

Post by D3thAdd3r »

Has anyone ever cloned a phpBB before? I am not positive to what extent it can be done, but as a safety measure(if the sever went down and stayed down for a month..I think we lose most everyone's interest) I am going to try it. Right now there is nothing any of us can do if it goes down.

If the worst should happen, in that case something will be up ASAP at http://uzebox.net

this is a VPS we can access and make trusted members full blown administrators to try and fix any thing broken. I suspect any clone would need a lot of fixing, which would suck. This would basically be protection against the whole thing ending, err it is worth saying this is not proposing mutiny, just a safety measure! :lol: Personally so long as even one or two people are interested, so am I. I am still confident this will get fixed soon, but I always prepare for the worst while hoping for the best.
User avatar
D3thAdd3r
Posts: 3221
Joined: Wed Apr 29, 2009 10:00 am
Location: Minneapolis, United States

Re: Bot Spam and IP Bans

Post by D3thAdd3r »

Thinking too, to make a simple bot that grabs the first link on active topics and follows it. Then if it encounters the words "viagra", "cialis", or "canadian pharmacy", which 95% of the spam contains, it follows the last delete link, then repeats until the first link in actice topics does not contain that. Then restarts 15 minutes later. Not much into web programming, but I think this could work safely.
User avatar
nicksen782
Posts: 714
Joined: Wed Feb 01, 2012 8:23 pm
Location: Detroit, United States
Contact:

Re: Bot Spam and IP Bans

Post by nicksen782 »

I'm game. Might as well confirm the age of the accounts too. All these accounts are brand new, right? Create, use it, burn it, repeat?

This would be a web app only? Basically automating what a human would manually do? Could the forums be put into an iframe and driven from a parent window? Then maybe on an interval it could do you just suggested. The account used would need privileges though so it would likely be YOU running it.

Are we serious about this? I want the forums back and minus all the pharmaceutical BS. The spam thickness is getting bad. I can tell when you haven't logged in for a couple hours. Can you give rights to users?
User avatar
D3thAdd3r
Posts: 3221
Joined: Wed Apr 29, 2009 10:00 am
Location: Minneapolis, United States

Re: Bot Spam and IP Bans

Post by D3thAdd3r »

I can't give any rights though there are several people that I trust entirely if I could. Sharing my credentials with those people if nothing else works is not off the table either, as it might seem easy, but it is a constant task during the day that grows very demoralizing.

I am quite serious and I don't have any qualms whether webapp, native build...hell, a 68k Macintosh program, I will throw it on a serial tunnel to the internet to fix this!! Webapp makes most sense, but my initial thought was just a Windows C++ program since I am used to that. I've done something simpler but similar in the past, but yeah every bit as nasty string twiddling as might be expected and really not the right tool. Manually handling the HTTP header stuff and all that.

Maybe confirming account age would be nice as extra safety, or even I could make a whitelist of users manually for who I know is active. But it seems unlikely any of us will need to discuss "viagra" in any Uzebox discussion! Partially also I do not know bandwidth limits per month for the server(which who knows how many Captchas the bots pull before they succeed, and do they focus more on a site they can get into) and a solution that follows as few links as possible could be ideal I guess? I don't know the web stuff like you do, so if you see a way that works I am sold on it. "Uzebox Hero" status, at least!
User avatar
Jubatian
Posts: 1561
Joined: Thu Oct 01, 2015 9:44 pm
Location: Hungary
Contact:

Re: Bot Spam and IP Bans

Post by Jubatian »

Isn't it possible to add a Q&A captcha barrier? (see here and here)

The point would be dropping the default Q&A list from it if any, and add some questions specific to us, easily obtained from the front page or wiki. Such as "what's the microcontroller Uzebox is built upon", '"how many kilobytes of Flash does the ATMega644 have?" and similar. You could make tons of such questions which could be answered easily by anyone geniuely interested, and spambots will be unable to get through this, since nobody would create a Q&A solver for this board.
User avatar
D3thAdd3r
Posts: 3221
Joined: Wed Apr 29, 2009 10:00 am
Location: Minneapolis, United States

Re: Bot Spam and IP Bans

Post by D3thAdd3r »

Yes something like that will be a perfect solution when Alec gets back. I do not have user rights to do anything like that or I definitely would immediately.

The bot is some in between solution, where it is unknown when Alec will return but do not want the boards to look so broken/abandoned that we lose all our members interest in the meantime(at least my interest has been seriously tested!). The spam comes in so fast that I can't keep the boards clean, and I check and delete probably 10 times a day, every day, before I sleep and when I wake up (I sleep few hours per night, and wake up to nearly 2 pages of it usually), and all times in between as frequently as work permits. My max possible efforts are simply not enough to keep the boards maintained with the limited moderator rights I have.
User avatar
D3thAdd3r
Posts: 3221
Joined: Wed Apr 29, 2009 10:00 am
Location: Minneapolis, United States

Re: Bot Spam and IP Bans

Post by D3thAdd3r »

Just wanted to make a quick note to other moderators, please *DO NOT* delete the spam that pops up in the next couple of days. nicksen782 will be running some tests with his new tool and will need some data to complete this. Everyone else, just a heads up that any spam left over the weekend is on purpose and is not just neglect. It will be cleaned up in short order as it becomes unneeded for this purpose.
User avatar
nicksen782
Posts: 714
Joined: Wed Feb 01, 2012 8:23 pm
Location: Detroit, United States
Contact:

Re: /*************************************Bot Spam and IP Bans*/

Post by nicksen782 »

Real demo: https://youtu.be/JGvf2NXrvfI

Lee (and other members with moderator status) we should discuss how you can use the program. Also, I'm open to suggestions.

It is okay to resume deleting spam posts now.
Post Reply