Ideas to prevent spammers, make their work harder
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Widelands Website |
Won't Fix
|
Low
|
kaputtnik |
Bug Description
Also with the new captcha solution we got several spammers from India (it seems). I guess these are real human since some people do work for a few pennies. We could do nothing to prevent registering such accounts, but maybe we could make their work harder.
Some ideas:
- Allow only new topics if a specific time has left. So if a user creates a new topic, it is not allowed for him to create another new topic for about (f.e.) 1 hour. Maybe this would cause other implications because the spammer has time to find other places where he could write his spam (f.e. wiki)
- Creating a "phrases blacklist": If a post/topic contain one of theses phrases prevent saving/posting. Examples for phrases from the latest spam floods: "baba ji", "Baba ji", "Tantrik" or just a regex catching (telefone) numbers like "+919829791419". The admins should then be informed when this happens.
Other ideas welcome :-)
Related branches
- SirVer: Approve
- GunChleoc: Approve
-
Diff: 360 lines (+151/-25)11 files modifiedpybb/admin.py (+2/-2)
pybb/forms.py (+0/-1)
pybb/migrations/0002_auto_20161001_2046.py (+19/-0)
pybb/models.py (+24/-0)
pybb/urls.py (+2/-1)
pybb/views.py (+32/-5)
templates/pybb/forum.html (+35/-4)
templates/pybb/inlines/display_category.html (+16/-7)
templates/pybb/last_posts.html (+7/-5)
templates/pybb/pybb_moderate_info.html (+12/-0)
templates/pybb/topic.html (+2/-0)
- SirVer: Approve
- kaputtnik (community): Needs Resubmitting
-
Diff: 84 lines (+11/-7)4 files modifiedlocal_settings.py.sample (+5/-0)
pybb/feeds.py (+5/-4)
pybb/templatetags/pybb_extras.py (+1/-1)
templates/pybb/last_posts.html (+0/-2)
- SirVer: Approve
-
Diff: 229 lines (+83/-34)5 files modifiedmainpage/views.py (+0/-1)
pybb/admin.py (+22/-4)
pybb/forms.py (+42/-7)
pybb/models.py (+14/-0)
pybb/views.py (+5/-22)
- SirVer: Approve
-
Diff: 316 lines (+49/-95)9 files modifiedpybb/forms.py (+4/-13)
pybb/management/commands/send_hidden_post_mail.py (+22/-0)
pybb/models.py (+6/-21)
pybb/templatetags/pybb_extras.py (+1/-1)
pybb/views.py (+3/-4)
settings.py (+2/-3)
templates/pybb/forum.html (+3/-34)
templates/pybb/inlines/display_category.html (+7/-16)
templates/pybb/topic.html (+1/-3)
- Widelands Developers: Pending requested
-
Diff: 13 lines (+7/-0)1 file modifiedlocal_settings.py.sample (+7/-0)
- GunChleoc: Approve
-
Diff: 42 lines (+13/-1)2 files modifiedlocal_settings.py.sample (+1/-0)
pybb/views.py (+12/-1)
- SirVer: Approve
-
Diff: 434 lines (+207/-64)14 files modifiedcheck_input/__init__.py (+1/-0)
check_input/admin.py (+18/-0)
check_input/apps.py (+5/-0)
check_input/management/commands/send_suspicious_mail.py (+15/-13)
check_input/migrations/0001_initial.py (+30/-0)
check_input/models.py (+50/-0)
check_input/urls.py (+6/-0)
check_input/views.py (+36/-0)
local_settings.py.sample (+1/-2)
pybb/forms.py (+1/-30)
pybb/views.py (+34/-16)
settings.py (+1/-0)
templates/check_input/moderate_info.html (+8/-3)
urls.py (+1/-0)
Changed in widelands-website: | |
assignee: | nobody → kaputtnik (franku) |
status: | New → Confirmed |
importance: | Undecided → High |
status: | Confirmed → In Progress |
Changed in widelands-website: | |
importance: | High → Medium |
I am convinced that the spammers in the forums are humans - we also had several attempts at spamming in the wiki which we always reverted. I think addressing these besides deleting their posts in a timely fashion is very hard....
My stance on this is that whatever is done to make life hard for spammers, it should not make life hard for regulars in the forum. It is a net loss if we fight spammers, but also alienate posters.
> Allow only new topics if a specific time has left.
this is something that I find would also affect regular posters. I do not like it for this reasons.
> Creating a "phrases blacklist"
This is fragile and easily circumvented. Spammers will just misspell words or leave out certain characters - they do it for spam in mails already. Also a SPAM classifier could be used on the backend - but they do have false positives and it is very annoying for regulars if you are flagged as SPAM without actually being spam.
A combination of this could be used: something like: "Your post was received, but our classifier is 85% certain that it contains SPAM. A admin will review your post in a timely manner and allow or reject it." And if the classifier does not complain, it will just go through.
Revelant SO question. I like the approach: basically it uses the akismet web service. So each comment would get send to akismet (if it is reachable) and if akismet says SPAM, we hold it back for publishing until review. If akismet greenlights it, we let it go through.
http:// stackoverflow. com/questions/ 3641042/ automatic- spam-filtering- or-flagging- for-django- or-python