Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 11 of 11
  1. #1
    Regular Coder medigerati's Avatar
    Join Date
    Jul 2005
    Location
    San Antonio, Tx
    Posts
    163
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Automated Spam Poster

    I've been having a problem recently with a spammer posting replies all over my website. I have the feeling it's all automated because the posts are usually the same and repeated throughout. I'm wondering if y'all have any ideas on how to prevent such problems. I've seen the verification images, so that's an idea but I'm wondering if anyone else has dealt with this issue? I thought about mandatory registration to post but I really want to make it easy for people to reply.
    Thanks,
    Kevin
    If you need a little more help, I'm available as a Website designer in San Antonio
    ----------
    If I've helped, please check out my friend's nature photography and let me know if you like anything.

  • #2
    Senior Coder
    Join Date
    Dec 2004
    Location
    Essex, UK
    Posts
    2,636
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Image verification is probably the best method to deter spammers.

    I'd guess they use a program or something to automate it. If the message is posted in the url it would also be very easy to spam (ie. post.php?name=spammer&email=spammer@spam.com) because they could just keep refreshing that page. Hard to know the best method without knowing how they do it but I'd say go for image verification.

  • #3
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    You should also consider making your website log the IP address of people replying, that way you could see if this spam keeps coming from the same IP, you could make your script not accept responses from that IP address and send them to some sort of error page saying their IP address has been blacklisted.
    OracleGuy

  • #4
    Senior Coder
    Join Date
    Jun 2002
    Location
    near Oswestry
    Posts
    4,508
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mark87
    Image verification is probably the best method to deter spammers.
    Image verification is counter-accessibility - what if you can't see the image? Or you can see it but can't make out what the letters are?

    I reckon you'd be better off with IP blocking and such tactics. I admit it's not perfect, and honestly I'd like to be able to recommend something as high-strength as image verification (though it can still be broken with letter-recognition software), but I just don't know of anything that can be done which doesn't also impact on a proportion of legitimate users.

    Remember that validation is in every sense "your problem", rather than "your users' problem", so anything that undermines or significantly obfusctates the process for legitimate users, in the name of security, is a kind of buck-passing of the problem from you to your users.
    "Why bother with accessibility? ... Because deep down you know that the web is attractive to people who aren't exactly like you." - Joe Clark

  • #5
    New to the CF scene
    Join Date
    Aug 2005
    Location
    I forget
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Try having members check their e-mail and verify who they are before they can log in or post. Also make sure guests can't post and ban the IP adress. Thats all I have in mind. Never heard of Image Verification.

  • #6
    Regular Coder medigerati's Avatar
    Join Date
    Jul 2005
    Location
    San Antonio, Tx
    Posts
    163
    Thanks
    0
    Thanked 7 Times in 7 Posts
    I'm struggling between image verification and some other unused method only my site would use. I highly doubt spammers would go through the extra trouble of figuring out a code that is used for only one site. IP blocking is definitely something I'm going to implement.
    Thanks for the help,
    Kevin
    If you need a little more help, I'm available as a Website designer in San Antonio
    ----------
    If I've helped, please check out my friend's nature photography and let me know if you like anything.

  • #7
    Senior Coder
    Join Date
    Nov 2003
    Location
    Minneapolis, MN
    Posts
    2,879
    Thanks
    2
    Thanked 65 Times in 56 Posts
    What about a "forced preview," sort of how Textpattern does by default? It forces the user to preview the comment before submitting... seems like it would work and still be accessible.

  • #8
    Regular Coder
    Join Date
    May 2004
    Location
    Berkeley, California Age: 15
    Posts
    398
    Thanks
    0
    Thanked 0 Times in 0 Posts
    There is a fantastic spam blocking code that I use called Bad Behavior. It blocks spammers by looking at all the headers they send. They'll often have typos in the user-agent that can differentiate spam bots from real browsers. The great thing is, with over 200 users with Bad Behavior, there has yet to be a single false-positive.

    Check it out at http://www.ioerror.us/software/bad-behavior/

    It comes in plugin form for various software tools, but it also runs 'generic' mode that can be included in any site. Good luck!
    Jalenack.com .:. YWDA Founder .:. Rounded Corners Maker 1.1! .:. My Blog
    The hardest thing about teaching is not knowing the right answers, but knowing the right questions - Elisabeth Klein
    Pretty buttons does not a great website make.

  • #9
    Regular Coder
    Join Date
    Jul 2005
    Location
    Halifax, Nova Scotia, Canada
    Posts
    392
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Interesting... if this problem got out of hand on my site though I'd probably do up a custom image verification set.
    Once I thought I was wrong but I was mistaken.

  • #10
    New to the CF scene
    Join Date
    Jul 2006
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Visually Impaired Users, Image Verification Codes

    Hi all, I'm a totally blind user and I use a text-to-speech screenreader to browse the Internet. I understand the whole concept of image varification, and I do agree it's a good way of preventing automated spam. But at the same time, I totally agree 100% with the user who pointed out "what if the person can't see the image or can't make it out?" In the case of blind and visually impaired users, text-to-speech screenreaders are unable to read the image verification codes, which puts users at a disadvantage. Sites such as hi5, myspace, savefile.com and dot.tk to name a few, all have these features, and a lot of site developers don't seem to be too aware of this disadvantage and/or are not willing to include features that would accommodate the blind/visually impaired user. However i do like Hotmail's image verification system, they have an audio feature which, when you click on it, allows you to hear the characters in the image and type the characters that you hear. My question is: How can i independently get through the image varification codes without having to bug people all the time to tell me what the codes are? I mean, it's ok to ask for help every once in a while and all, it's just that I feel that as a visually impaired user who is quite confident with technology, I should be able to do things more independently with the necessary accommodations. So, to get back to my point, I've always used IP blocking, and that seems to work out perfectly for me. Hey, I should check out that Bad Behaviour spam-blocking software.

  • #11
    Senior Coder
    Join Date
    Jun 2002
    Location
    The Netherlands, Baarn, Ut.
    Posts
    4,252
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Spam filter

    Sofar, I have had very positive results from the Akismet spam filter. Although it is primarily offered as a plug-in for WordPress installations (which I have), the API is open for other uses, which they seem to encourage. You could take a look under "Development" to see if this could be adapted for your use; a number of libraries are already made available.
    Regards,
    Ronald.
    ronaldvanderwijden.com


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •