Forums spam bombing - suggestion

Martimiz

Dec 1, 2013, 4:46:06 AM
to silverst...@googlegroups.com
Hi guys,

Yesterday I removed 91 spams from the SilverStripe forums. This morning, after breakfast, another 32. I know that other moderators are battling alongside. This time it's basically the same person, creating an account, posting 20 to 30 messages, coming back sometime later and starting again.

In cases like this, where it is obvious this person doesn't post anything serious, we could really use a link in the account settings where we could mark all this user's posts as spam in one go...

I'm not at all familiar with the forum module, would this be acceptable/doable?

Martine

Olli Tyynelä

Dec 1, 2013, 5:34:43 AM
to silverst...@googlegroups.com
That doesn't help in the long run.

IMHO the only way to combat spam bots is to add captcha, honeypot fields or require confirmation upon registration.

You could add the checkbox or remove user permissions but that still requires moderation, and with a bot spamming you are the only one losing time ;)..

:o

Sent from iPad

Ingo Schommer

Dec 1, 2013, 7:14:55 AM
to silverst...@googlegroups.com
Hey guys, 

we do both captchas and honeypots already.
Does anybody have experiences how well email confirmations
work to combat spam? In my mind it shouldn’t be a big problem to overcome for spammers either.
Does anybody have recent research on the effectiveness of Recaptcha?
I can’t decide if it’s just people signing up manually (~30/day would be possible),
or if they’re actually cracking the captcha and we should look for a better alternative.

I think a batch-marking of spam for a specific account would be a great
feature for the forum module, and I’ll happily deploy that onto ss.org.
Anybody keen to write a pull request? Keep in mind it needs to be 2.4 compatible,
since we haven’t upgraded ss.org to 3.x yet - shoemakers own shoes…:D.

Ingo

P.S.: I’ve been talking about this issue with our community manager Cam as well yesterday.

Martine Bloem

Dec 1, 2013, 11:32:56 AM
to silverst...@googlegroups.com
I'm not sure if this really is a bot. A new batch came in over a period of about 30 mins, that were minutes apart, so either a slowbot or some individual. In the latter case email confirmation/honeypot won't really work... Recaptcha might, just because it is sooo annoying :)

That button shouldn't be so very hard to accomplish - basically a copy of the one in the forum post, with an extra bit of query added...

Martine

Ralph Slooten

Dec 1, 2013, 11:54:38 AM
to silverst...@googlegroups.com


On 2/12/2013 1:15 am, "Ingo Schommer" <in...@silverstripe.com> wrote:
> I can’t decide if it’s just people signing up manually (~30/day would be possible),
> or if they’re actually cracking the captcha and we should look for a better alternative.

Generally a fairly reliable way to tell would be to look in the web server's log files. Look for things like the time between actions. If a "person" is signing up and submitting all within seconds then it's probably automated. Another telltale is repeated fast form submissions where captcha fields are present (fail & retries). Another telltale is changing IPs in a spamming session and/or the use of the Tor network.

I also find it hard to believe their IP isn't registered on the httpbl database (they are pretty good), but you could also integrate with the stopforumspam database too (simple API) for things like sign up page. It may first pay though to do a manual check of the IP (or IPs) of this spammer first.

Cheers,
Ralph
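
The log checks described in the message above, as an added example that is not part of the original thread or of the forum module. It assumes a simplified, constructed log format that records a session id per request, a signup path of `/ForumMemberProfile/register`, and thresholds chosen for illustration; the Tor exit list is supplied by the caller.

```python
from collections import defaultdict
from datetime import datetime

# Assumed values for illustration; tune them against your own traffic.
REGISTER_PATH = "/ForumMemberProfile/register"  # assumed signup URL
MIN_FILL_SECONDS = 5   # a person needs longer than this to fill in the form
BURST_COUNT = 3        # this many signup POSTs ...
BURST_WINDOW = 60      # ... within this many seconds looks like fail & retry

# Constructed sample: timestamp, client IP, session id, method, path, status.
SAMPLE_LOG = """\
2013-12-01T09:00:00Z 203.0.113.7 sess=s1 GET /ForumMemberProfile/register 200
2013-12-01T09:00:02Z 203.0.113.7 sess=s1 POST /ForumMemberProfile/register 200
2013-12-01T09:00:06Z 203.0.113.7 sess=s1 POST /ForumMemberProfile/register 200
2013-12-01T09:00:11Z 203.0.113.7 sess=s1 POST /ForumMemberProfile/register 302
2013-12-01T09:10:00Z 198.51.100.20 sess=s2 GET /ForumMemberProfile/register 200
2013-12-01T09:11:30Z 198.51.100.20 sess=s2 POST /ForumMemberProfile/register 302
2013-12-01T10:00:00Z 192.0.2.10 sess=s3 GET /ForumMemberProfile/register 200
2013-12-01T10:01:00Z 192.0.2.55 sess=s3 POST /ForumMemberProfile/register 302
2013-12-01T10:03:00Z 192.0.2.90 sess=s3 POST /forum-example/post 302
"""


def parse_line(line):
    """Split one constructed log line into a dict of typed fields."""
    ts, ip, sess, method, path, status = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "ip": ip,
        "session": sess.partition("=")[2],
        "method": method,
        "path": path,
        "status": int(status),
    }


def analyse(log_text, tor_exits=frozenset()):
    """Return {session id: sorted list of automation telltales}."""
    sessions = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            event = parse_line(line)
            sessions[event["session"]].append(event)

    findings = {}
    for sid, events in sessions.items():
        events.sort(key=lambda e: e["ts"])
        flags = set()

        # Telltale 1: form fetched and submitted within seconds.
        form_seen = None
        signup_posts = []
        for e in events:
            if e["path"] != REGISTER_PATH:
                continue
            if e["method"] == "GET":
                form_seen = e["ts"]
            elif e["method"] == "POST":
                signup_posts.append(e["ts"])
                if form_seen is not None and \
                        (e["ts"] - form_seen).total_seconds() < MIN_FILL_SECONDS:
                    flags.add("fast-submit")

        # Telltale 2: repeated fast submissions (captcha fail & retries).
        for i in range(len(signup_posts) - BURST_COUNT + 1):
            span = signup_posts[i + BURST_COUNT - 1] - signup_posts[i]
            if span.total_seconds() <= BURST_WINDOW:
                flags.add("retry-burst")
                break

        # Telltale 3: changing IPs within one session, or a known Tor exit.
        ips = {e["ip"] for e in events}
        if len(ips) > 1:
            flags.add("ip-hopping")
        if ips & set(tor_exits):
            flags.add("tor-exit")

        if flags:
            findings[sid] = sorted(flags)
    return findings


if __name__ == "__main__":
    # 192.0.2.90 is a constructed stand-in for an entry from a Tor exit list.
    for sid, flags in analyse(SAMPLE_LOG, tor_exits={"192.0.2.90"}).items():
        print(sid, flags)
```

A session with no flags, like `s2` in the sample, is consistent with a person signing up by hand, which is the case the thread is trying to tell apart from a bot.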

Cameron Spiers

Dec 1, 2013, 5:46:07 PM
to silverst...@googlegroups.com
I'm wondering what the text based content within the posts looks like? How obvious is it that it is spam?

I have been working on a classifier written in PHP for some time, and I have recently deployed it to combat spam in a SilverStripe site with good success.

Classification works by putting existing content into categories, (e.g. spam, ham) and using that content to train the classifier. The trained classifier can then be used to classify new content into a category. It is the same type of approach that most email providers use to combat spam. 

Whether or not this particular library is the right approach, I recommend having a look into using classification to deal with spam. It is less intrusive to the user (e.g. no captcha) and offers flexibility with how you use it.

Cam




--

Cameron Spiers Senior Developer
Ph. 04 831 5130   heyday.co.nz


swaiba

Dec 2, 2013, 4:34:18 AM
to silverst...@googlegroups.com
Hi Cam,

It is so obvious it is spam it is ridiculous... but as I messaged Ingo the worst part is that it is *no longer* restricting their account after I mark them as a spammer.
That drains my motivation to mark them as spam as I just see the user I've just marked as a spammer continue to spam.

Fix that please before adding anything fancy.

schellmax

Dec 2, 2013, 5:19:23 AM
to silverst...@googlegroups.com
slightly off topic, but at this point i'd just like to repost my suggestion on moving Q&A topics over to stackoverflow.com (instead of struggling with forum issues?). it's so much easier to get an overview of relevant information (say, accepted/upvoted answers/comments...)

Martimiz

Dec 2, 2013, 5:39:06 AM
to silverst...@googlegroups.com
Hi Cam,
as swaiba says: it is really really really obvious, see description below. Confirmed: accounts are no longer suspended!!!!! (also on 'mark as spam' the page no longer redirects, maybe the bug stems from there). You guys really need to help us out here, because this is definitely no longer funny :(

- one account, 16 to 32 posts
- title plus long story about non silverstripe issue
- a jpg download
- some sort of e-mail address
- no links

We used to have others before, like kitchenguy:
- one account, one post (zillion times)
- one (or two) links

Or others:
- one account, 1 post
- zillion links

Or answers to old posts (not so often)

Martine

swaiba

Dec 2, 2013, 7:14:55 AM
to silverst...@googlegroups.com
>>You guys really need to help us out here, because this is definitely no longer funny :(

Seconded - it is indeed NOT funny to see the spammers adding more and more messages from the same accounts that I've just marked 50+ posts as spam :( :(

swaiba

Dec 2, 2013, 9:22:52 AM
to silverst...@googlegroups.com
Does anybody have experiences how well email confirmations
work to combat spam?

Ingo Schommer

Dec 2, 2013, 12:19:24 PM
to silverst...@googlegroups.com
Hey guys, 

had a bit of a look in the ss.org logs and DB:
In the last 48h, there were 935 registration form submissions
resulting in 6 signups, two of which were identified by stopforumspam.org
and subsequently blocked.

Most of these submissions will be bots, and a few
of them have dozens of requests coming from the same IP.
None of those excessive repeated signup attempts did actually 
make it through though, judging from the IPs tracked for registration. 

So my hunch is that we’re dealing with manual spammer signups here,
which won’t be defeated by honeypots or captcha. To confirm that
would require a larger sample set than 48h, but I don’t have time for that. Maybe Cam F. does?

I doubt that email verification will hinder spammers either,
or has anybody had good success with that measure?

Content classification sounds interesting, but we’d need
somebody in the community to own getting this working
and fine tuning the training. Cam S., how much processing
time does it use? Unfortunately we don’t have good spam
training data since we delete spammy posts rather than just flag them.
That’d be a first step I guess: Implement post flagging + filtering in 
the forum module (or store the spam content somewhere before deletion).

@Martimiz: Member suspension by clicking “Mark as spam” on a page
still works for me, do you have a specific example where it didn’t work for you?
Can you send me a link to your member profile on ss.org so I can check your permissions?

Ingo

Martimiz

Dec 2, 2013, 12:49:59 PM
to silverst...@googlegroups.com
@ingo:
it hasn't been working for me the last 200+ times or so, first noticed it the day before yesterday. It used to, but doesn't anymore. Same goes for swaiba.

Link to my profile: http://www.silverstripe.org/ForumMemberProfile/show/3377

as I said before, this is most likely a manual spammer, judging by the time intervals at least.

Simon Welsh

Dec 2, 2013, 11:22:55 PM
to Martimiz, silverst...@googlegroups.com
I’m also seeing that the accounts aren’t being suspended and the page isn’t redirecting. I’m getting a 500 when marking something as spam (URL: http://www.silverstripe.org/upgrading-silverstripe/markasspam/326232). My ID’s 480.

---
Simon Welsh
Admin of http://simon.geek.nz/

Ingo Schommer

Dec 3, 2013, 6:18:43 AM
to silverst...@googlegroups.com
Alright, think I’ve tracked this down. We’ve installed a module to track
errors through raygun.io on the 20th of November, and the error reporting
had a bug (how meta…). I’ve signed up with a test spam and test moderator
account, and confirmed I can mark users’ posts as spam and actually suspend them.
Once you hit more spam, would be cool if you can quickly respond here if that
fixes it for you as well. Sorry for the inconvenience here, I think this calls
for some Behat tests ;) But first we’d need to upgrade ss.org to 3.x...

Martine Bloem

Dec 3, 2013, 7:19:31 AM
to silverst...@googlegroups.com
That's great! Will do.

Btw: there is one thing I have absolutely never seen, and that's a user that poses a serious question or two, and then starts spamming like this. So I personally think there would be nothing against removing all messages from the thread (be it temporary) for users that are marked as spam.

For users that do spam a bit by accident, you could just delete the offending message. 

Questions: 

- why can moderators delete entire messages, but not edit them to maybe remove an offending bit, but leave the good bit of a post intact?

- When this spamming situation comes up, lots of people respond by saying we should abandon the forums for StackOverflow. What are your thoughts on this matter?

Martine

Martimiz

Dec 3, 2013, 8:24:38 AM
to silverst...@googlegroups.com
@ingo: yep, it is working again :) thanks!

c...@silverstripe.com

Dec 3, 2013, 3:28:53 PM
to silverst...@googlegroups.com
@ingo, thanks for sorting this. Finally have had time to chime in on this (still finding my feet in this new role, lots going on!).

Please keep any spam related stuff on my radar so I can look to advocate for more resource on ss.org improvements (as well as looking at ways we can work on it more as a community :) ).

Agree... we need to make a move to 3.x as a move towards greater ss.org improvements.

Behat tests... I approve :)

c...@silverstripe.com

Dec 3, 2013, 3:44:58 PM
to silverst...@googlegroups.com
@Martimiz, 

Here are my thoughts on your questions:

- why can moderators delete entire messages, but not edit them to maybe remove an offending bit, but leave the good bit of a post intact?

Suspect that we just simply don't have this functionality in the forum module, raises a bigger question of where could we take future versions of the forum module.
I wonder if it is possible to allow edit access in a certain security group in the backend? something to find out about, Ingo any ideas?


- When this spamming situation comes up, lots of people respond by saying we should abandon the forums for StackOverflow. What are your thoughts on this matter?
I am in two minds on this and actually can see merits of both. Dropping the forum module on ss.org also means we are not 'eating our own dog food' so to speak. It is also nice to have a clear place to go for new people coming into the community, we welcome them in rather than telling them to go elsewhere to talk to people about their silverstripe cms related issues.

I think there is place for both, however I would like to see a few things for the forum module such as being able to mark the version number of SS that the post refers to, marking posts as an accepted answer and an improved advanced search/filtering (I have been receiving feedback to this effect from a few community members via the comm...@silverstripe.org email). 

Strategically though I think we need to get to 3.x version of stable code first to make working on improvements more inline with where SS CMS is now and valuable to the community in terms of any resulting code contributions. 

I grew up on a diet of 2.3/2.4 but would really like to have a taste of 3.x on our community site.

Just a few thoughts there anyway, nothing set in stone as I would like to start a dialog and work with the community and SilverStripe internally to get a workable set of steps forward in the new year.


Thanks mods that got onto the spam recently too... I know how much of a pain it is (I jumped in and cleaned a bunch too) and I really appreciate it :)

I'm checking a number of channels at the moment which can get a bit info overload so if there is anything you think should really be on my radar please tweet, private message, email me to keep me aware.


Love your work ++100

'Community' Cam Findlay

Martimiz

Dec 4, 2013, 4:13:30 AM
to silverst...@googlegroups.com
I get what you're saying, and I kind of hover in that direction too. Still - this morning again 107 spams removed during breakfast, one account had 57 spamming posts, so that option to remove all at once would have really made a difference.

One other detail: the RSS feed is still caching yesterday's removals, so that's no longer usable to track spams

Martine

Ingo Schommer

Dec 4, 2013, 7:07:45 AM
to silverst...@googlegroups.com
The relevant “markasspam” feature is here: https://github.com/silverstripe/silverstripe-forum/blob/0.4/code/Forum.php#L574
The phpdoc is actually inaccurate, but deleting all posts seems to have been the original intention of the feature.

I think for that to happen we need one of the two additions to the forum module:
- A confirmation screen with a list of all posts about to be deleted (easier = my preference)
- “Soft deletes” of forum posts where we just set Deleted=1 and filter them out everywhere.
Otherwise it’s just too easy to mistakenly click “mark as spam” on a valid user,
e.g. in Will’s case that’d delete his entire 5500 posts, which will be very hard to restore.

As usual, it’s mostly a matter of somebody actually sending a pull request for it (with tests).
Waiting until a shift to 3.x is putting unnecessary blockers in the way, that’s not going
to happen soon since we need to migrate a lot of custom code on ss.org,
and any upgrade work will likely be tied to our long-planned ss.org restructuring.

RSS caching is set up to 1h (see ForumHolder_Controller->rss()). 
Do you see it being cached for longer than that?
Cam, could you find out if Nginx is doing some caching on top of that?

Ingo 

Martine Bloem

Dec 4, 2013, 8:26:16 AM
to silverst...@googlegroups.com
@ingo
Oh yes :( Maybe a remove-all isn't such a good idea after all. It's real easy to push that link, happens to me on iPad by just accidentally moving my thumb - at that point you'd be one click away from disaster. A slight panic, and aaaargh... You'd have to trust your moderators an awful lot :)

Maybe astrologer-guy will give in at some time. We've never before had a moron like this...

The cache has been refreshed. Maybe it's just my problem with New Zealand time again, where your yesterday isn't mine. Since all 'yesterday' posts were deleted, I assumed...

Martine

swaiba

Dec 4, 2013, 10:25:07 AM
to silverst...@googlegroups.com
Hi,

thanks for fixing the mark spam issue Ingo! :)

regarding the mass deletion - I was under the impression that the post never actually gets deleted - as Martine pointed out previously with kitchen - but now you could see with http://www.silverstripe.org/search/?q=baba
it being the case that they are not deleted the confirmation page could be more of an "undo" page - just reporting on what you have just done (e.g. posts where marked as spam and DATE(lasteditted) = DATE(NOW()) or something a bit tighter)

I'll have a go if there is exact information on the code to use and I'd obviously prefer to do it for SS3 only

Simon Welsh

Dec 4, 2013, 12:52:27 PM
to silverst...@googlegroups.com
They're deleted. The search is a google custom search, so you need to wait for google to purge them from its index before they stop showing up. 

Sent from my phone

Martimiz

Dec 13, 2013, 4:21:14 AM
to silverst...@googlegroups.com
Just to let you know: this is still going on, day by day. Just removed another 90. Is there really nothing that can be done in this special case? Filter on some words maybe? Just call the guy and shout at him? it's really getting stale :(

Martine

Daniel Hensby

Dec 13, 2013, 4:22:53 AM
to silverst...@googlegroups.com

Sorry to join this party late, but maybe mollom would help as it actually analyses the content of the submissions and then shows the captcha if it's ambiguous or straight rejects certain spam.

Dan


Daniel Hensby

Dec 13, 2013, 4:23:37 AM
to silverst...@googlegroups.com

Also, perhaps this guy's account has been compromised, why not force a password change?

Dan

Ingo Schommer

Dec 13, 2013, 4:36:06 AM
to silverst...@googlegroups.com

Which guy are we talking about here? (forum profile URL)
I suppose you marked some of his posts as spam already,
so they should have a SuspendedUntil date set in the database
and no longer be allowed to post.

In general, when you suspect bugs in the forum operation,
can you please try to reproduce them on a clean install
with the forum module and see if you can patch anything?
In this case on a 2.4 install with forum 0.4.

I'm hesitant to put an external service dependency like Mollom
onto every forum post submission. We had pretty mixed experience with its
availability, it's a free service after all. And its free offering of 50 legitimate posts
per day would artificially limit our throughput on the forums.
We could limit it to first posts only, but given the spammers can
already get around the pretty sophisticated Recaptcha I don't think that'll detract them.

Thanks
Ingo

Daniel Hensby

Dec 13, 2013, 6:07:41 AM
to silverst...@googlegroups.com
Mollom is only free if you choose the free option.

Any effective anti-spam system that uses crowd sourced machine learning to identify spam(mers) is going to come with a price.

swaiba

Dec 13, 2013, 10:09:43 AM
to silverst...@googlegroups.com
>>Which guy are we talking about here? (forum profile URL)

multiple, now they are creating profiles and posting ~30 messages at a time about "baba magic love skills" or whatever - if you look at the forum roughly every 3/4 hours you will see them

>>Just removed another 90

 
I've also removed around that number today

>>In this case on a 2.4 install with forum 0.4.

great so if I make any patch for this you'll review - as previously said I cannot/will not do phpunit sorry

I think that something to limit you to x posts would be step one, but something better like Cam was suggesting "classifying" posts would work in combo with this
e.g. if nothing flags then let them post
but if they mention a certain web address, email or telephone number (as all the serious spammers seem to) then this along with x posts per day on signup would get rid of these really annoying cases


Dan Rye

Dec 13, 2013, 10:14:44 AM
to silverstripe-dev
What about new account posts have to be approved by a moderator? I don't know the volume of new accounts, but 1/new account seems better than 30/new account.

Dan



Opticblaze

Dec 13, 2013, 5:25:30 PM
to silverst...@googlegroups.com
Hi Guys,

I was wondering if normal forum members can't help with the spam issue. What about creating a voting button that every forum user can click if he thinks a post is a spam. We then set a threshold, let's say if a post registers 10 spam votes for example, then the system generates a list which I think will be easier to manage. It will still rely on moderators but because more of us are able to help notify the admins/moderators I think it might make your work a bit easier. I suppose we could even run a fancier query that checks if the same account has been flagged in multiple posts for spam by multiple users. If you really want to pimp the system out you give normal forum members with a certain amount of good posts under their belt the ability to have a weighted vote. So forum members who have completed their profile and posted at least 30 posts get 2 votes, forum members with more than 100 posts get 3 votes and so on. The more active you are in the community the more responsibility you will be given.... just an idea







Opticblaze

Dec 14, 2013, 3:08:21 AM
to silverst...@googlegroups.com
Adding to my previous post..... if normal members could vote it  would be easy to target a guy like this: http://www.silverstripe.org/ForumMemberProfile/show/38278

We could just vote the whole profile as a spam profile and then delete all his posts in one shot instead of one by one

Ingo Schommer

Dec 15, 2013, 4:48:58 PM
to silverst...@googlegroups.com
Voting would be a great addition to the forum, but it strikes me as an afterthought for this situation. If a spammer has gotten dozens of posts on the forum already, the damage is done in terms of cluttering the user experience for legitimate users. We'll need a reasonable amount of votes (3-10 depending on status) before blocking a user, I think by the time we have those votes a moderator could've already sorted things out.

Approval by moderator sounds really annoying from a user perspective: You sign up because you have a question, and you want that question seen and ideally answered right now. Even waiting for 30min approval is a significant dent in this experience IMHO. And we're a small community, so any more busywork added for the few moderators mean they have less bandwidth to deal with other things like sending pull requests, answering forum posts, etc.

Flood control (limiting number of posts by new users) sounds like the best straightforward idea to me. Most users will start out with a single post after registration.
Anything beyond 3-5 posts is an anomaly that we could catch by asking users to contact moderators directly. Anybody keen to write this feature?

@swaiba: Thanks for patching! Are there any specific blockers in terms of getting started with PHPUnit that I can help with?
We'd really prefer stuff to be tested, but given the situation any code is a good starting point.

Thanks
Ingo
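
The flood control proposed in the message above, combined with swaiba's earlier suggestion to treat web addresses, email addresses and telephone numbers in a new account's posts as a signal, sketched as an added example that is not part of the original thread or of the forum module. The 7-day "new account" period, the limits and all names are assumptions.

```python
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Assumed policy values; the thread only says "beyond 3-5 posts is an anomaly".
NEW_ACCOUNT_AGE = timedelta(days=7)   # how long an account counts as new
WINDOW = timedelta(hours=24)          # rolling window for counting posts
NEW_ACCOUNT_LIMIT = 3                 # clean posts per window for new accounts
FLAGGED_LIMIT = 1                     # posts per window once contact details appear

# Rough heuristics for the contact details spam posts tend to carry.
CONTACT_PATTERNS = {
    "url": re.compile(r"(?:https?://|www\.)\S+", re.I),
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    # Ten or more digits, optionally separated: long enough to skip dates.
    "phone": re.compile(r"(?:\+?\d[\s().-]?){10,}"),
}


@dataclass
class Member:
    registered: datetime
    post_times: list = field(default_factory=list)  # accepted posts only


def contact_signals(body):
    """Names of the contact-detail patterns found in a post body."""
    return sorted(k for k, p in CONTACT_PATTERNS.items() if p.search(body))


def check_post(member, body, now):
    """Return (allowed, reason) and record the post time when allowed."""
    if now - member.registered >= NEW_ACCOUNT_AGE:
        member.post_times.append(now)
        return True, "ok"

    recent = [t for t in member.post_times if now - t < WINDOW]
    signals = contact_signals(body)
    if signals and len(recent) >= FLAGGED_LIMIT:
        # Blocked posts would be shown a "contact a moderator" message.
        return False, "contact-details-limit:" + ",".join(signals)
    if len(recent) >= NEW_ACCOUNT_LIMIT:
        return False, "new-account-limit"

    member.post_times.append(now)
    return True, "ok"


def run_demo():
    """Replay three constructed accounts and return each decision."""
    t0 = datetime(2013, 12, 18, 8, 0)
    results = []

    # New account posting contact details repeatedly.
    spammer = Member(registered=t0)
    results.append(check_post(
        spammer, "Need help? Call +91 98765 43210 today",
        t0 + timedelta(minutes=1)))
    results.append(check_post(
        spammer, "Write to guru@example.com or call +91 98765 43210",
        t0 + timedelta(minutes=2)))

    # New account with ordinary questions: three pass, the fourth is held,
    # and the rolling window frees up again a day later.
    newcomer = Member(registered=t0)
    for minutes in (10, 20, 30, 40):
        results.append(check_post(
            newcomer, "How do I upgrade a 2.4 site?",
            t0 + timedelta(minutes=minutes)))
    results.append(check_post(
        newcomer, "Follow-up on my upgrade question",
        t0 + timedelta(hours=25)))

    # Established account: links are not restricted.
    regular = Member(registered=t0 - timedelta(days=30))
    results.append(check_post(
        regular, "See http://doc.silverstripe.org for details", t0))
    return results


if __name__ == "__main__":
    for decision in run_demo():
        print(decision)
```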

Opticblaze

Dec 16, 2013, 1:39:42 AM
to silverst...@googlegroups.com
@Ingo,

Ok makes sense....
1) What about at least giving forum members the ability to flag inappropriate posts, that should help moderators target these guys quicker?
2) Flood control sounds like an excellent idea


Simon Welsh

Dec 16, 2013, 1:47:59 AM
to silverst...@googlegroups.com
From my point of view, the problem isn't discovery (which is what a flagging system's for) but removing a large amount of posts from a single user. Rate limiting or a "delete all posts" button on a profile would be much more useful. 

Sent from my phone

Will Rossiter

Dec 16, 2013, 10:47:58 PM
to SilverStripe Development
Ingo / Cam with access to the live database might be able to answer this but how many posts per week are from new users (i.e. first posts). If it's 3-5 then I think your first post could be moderated. If your first post has not been moderated yet then you cannot post another message. Mods would just need to approve that user's first post to have it appear on the site which I'm sure is a small list. Also allows the mods a chance to review common issues that are first coming in.

Dan Rye

Dec 16, 2013, 10:51:32 PM
to silverstripe-dev
Will, that is what I was suggesting, though your description is a bit more clear. I do like Ingo's idea of rate limiting, perhaps you can only post one new post within 24 hours of creating a new account. I'd imagine this will just increase the number of bad accounts being created.

Dan

Martimiz

Dec 17, 2013, 9:17:30 AM
to silverst...@googlegroups.com
From my moddy experience, the overall amount of spam on the forums has typically been small and not hard to manage (which says nothing about the future I know). I hope with available (third party) tools they can be filtered out even further. It's just that this last guy is such a pain...

We've two types of multi-spammers: multiple-accounts-one-message-each, like kitchenguy a while ago, and multiple-accounts-multiple-messages, like the current Indian astrologer. In both cases though, the messages have always been really similar, so if they come through, once spotted, they could easily be filtered out for the future using some list (that a mod could maybe add to).

Then to remove what has been posted. In the situation of multiple posts per account, we would be helped with that button to remove all remaining spam for an account. To prevent erasing all Will's 5000+ posts by accident, as Ingo fears might happen, the button could be placed in the user account, appear only after the account has been suspended already, and remove a max number of posts, starting with the oldest to cause least damage. A very basic practical solution that would have saved an awful lot of time - in this case.

I hope we can stay away from options that restrict first time users still. To me the forums are foremost a low-level first stop for new silverstripe users, trying to get in touch with core devs and the community. In that way they may have a role in building the community. To put restrictions here would not appear very friendly and might even send them away again. Questions are often answered within just a couple of hours. For me that's a great thing and I personally would really like to keep it that way! And with something like the above, I think we could keep spam under control for now.

Also, when first posts are to be approved first: please consider that mods are not always 'on duty' and working hours may or may not overlap, I think a couple of the mods listed aren't even active any more. Once you implement this, you'd have to make sure all posts are always(!) moderated within a strict timeframe.

Martine

swaiba

Dec 17, 2013, 11:47:03 AM
to silverst...@googlegroups.com
@ingo

Thanks for the offer of help - that applies to windows 7 machines? (or maybe win 8 if santa comes early)
My issue has been that, in the past whenever I've tried, the install through PEAR is awkward (and fails), then the silverstripe wrapper is incompatible with the version of PHPUnit I've eventually got running.

I am considering going direct to UNIX now web dev is my life, and I've no qualms it installs / runs fine on there

@martimiz

Yes I agree the main worry is that all the posts get lost.
I was thinking that I could just read the posts before deleting, serialize and gzcompress and store in a "rollback" table
then these could always be restored if there was a serious mistake

but I also agree that "mark ALL as spam" should be conceptually at a different point and on the profile, after account suspended sounds perfect

what do you think?

Martimiz

Dec 18, 2013, 4:06:32 AM
to silverst...@googlegroups.com
HELP :(

Indian guy has now posted 94 spams on one account: http://www.silverstripe.org/ForumMemberProfile/show/38336

To remove means some 400+ page requests, which is slowly costing me my indexfinger... Anyone with access to the backend/database willing to pick this up? Please?

Martine

Martimiz

Dec 18, 2013, 5:56:49 AM
to silverst...@googlegroups.com
Ok, I decided not to wait because the forums were basically rendered unusable. I removed a grand total of 219 similar spam messages from 10 accounts (last night, this morning only), which took some effort. Unless this stops soon, the question whether we should or shouldn't keep the forums alive might become obsolete real soon I fear.

Enough for today for me anyway,

Martine

Johannes Weberhofer

Dec 18, 2013, 9:23:13 AM
to silverst...@googlegroups.com
I don't think the messages are posted manually; posting is too quick, I think (see /ForumMemberProfile/show/38345 ).

I have had good experiences adding a visible field named URL which is hidden per CSS. Robots usually post data in this field; revoking these posts prevents lots of messages from being posted.

Another simple method is to add a very simple calculation to the form that must be solved by the user to allow posting.

Both methods are very easy to implement and help a lot.

Best regards,
Johannes
--
Johannes Weberhofer
Weberhofer GmbH, Austria, Vienna

Ingo Schommer

Dec 19, 2013, 6:08:38 PM
to silverst...@googlegroups.com
Just a quick status update: I've integrated https://github.com/mateusz/silverstripe-qacaptcha into forum post submissions,
which should stop automated responses by requesting answers to questions like "What's the third letter in 'SilverStripe'?".
Less annoying to fill out than Recaptcha, right? We could even remove that captcha if a user has more than X posts (so is validated).
It'll make the investment per post higher for spammers, and if we do the questions right won't be able to be automated easily.

Cam is currently testing this approach, and wants to get help in styling it tomorrow at the hackfest.
We could also use some sample questions - anybody keen to write some? They should be easy, unambiguous
and ideally geared towards the SilverStripe or PHP space. Please send them to Cam/me via email rather than
posting here, we don't want to make it too easy for spammers, right? ;)

Ingo

c...@silverstripe.com

unread,
Dec 19, 2013, 6:36:36 PM12/19/13
to silverst...@googlegroups.com
Hopefully I don't get any emails from Indian Love Gurus with suggested questions.

c...@silverstripe.com

unread,
Dec 20, 2013, 6:45:10 PM12/20/13
to silverst...@googlegroups.com
What would be a suitable number of posts before we remove the captcha for posts? 5 perhaps? I might write this check in today before styling it.



Shaun de Greeff

unread,
Dec 21, 2013, 2:18:53 AM12/21/13
to silverst...@googlegroups.com

@Cam,

 

5 sounds good to me for a start. We can always increase it, if we don't see good results. I don't think the average user will mind typing in the captcha. He would have already spent a good couple of minutes writing his post, and another 10 seconds is not going to make him abandon posting.


c...@silverstripe.com

unread,
Dec 22, 2013, 5:16:40 PM12/22/13
to silverst...@googlegroups.com
Right, I have pushed some code back into our internal git repo for ss.org. Once Ingo reviews we could look at deployment.

Though the Indian love guru seems to have quietened down over the last few days (unless all you mods have been doing a killer job at dumping that spam?).

Still will be interesting to deploy the proposed code and see how that helps.

As Ingo mentioned we need some simple questions and answers (the question and answer allows for 1 question but multiple possible answers if you want to get creative!) for the qacaptcha module, please email through to myself (c...@silverstripe.com) or Ingo. 

Already had a few through which is awesome to see :)

c...@silverstripe.com

unread,
Dec 28, 2013, 1:23:47 PM12/28/13
to silverst...@googlegroups.com
Just an update: I'm still jumping on here regularly (as I think many of you mods are too) and cleaning spam off the forums. 

I think Ingo is probably still in the process of moving countries but as soon as he reviews the proposed code to shut this spammer up it will go live.

For now, I'll continue to hang on the front lines with everyone and fight the good fight (against the love guru and his hokum astrological love magic).


I am also thinking whether it would be a good idea to actually completely remove these spammers' accounts rather than just suspend them. Even suspended accounts have a public URL and more recently the spammers have started to put spam related details in their profile listing.

Martine Bloem

unread,
Dec 29, 2013, 5:35:37 AM12/29/13
to silverst...@googlegroups.com
Hi Cam,
One up for removing the account - or at least not publicly displaying it anymore, once suspended :) None of the links to profiles seem to have a nofollow, so they might very well get indexed.

He might even be aiming for that, because lately he creates these accounts and then waits for a long time before posting, so we cannot mark them.

Anxiously awaiting your/Ingo's solutions, in the meantime wishing all SilverStripers a great (and hopefully spamfree) 2014!!

Martine

Ingo Schommer

unread,
Dec 29, 2013, 8:32:32 AM12/29/13
to silverst...@googlegroups.com
Alright, I’ve deployed the QA captcha protection. Thanks to Will for styling+fixes, Cam for testing, and Shaun for providing us with awesome questions.
We’ve only got 20 so far, so the variation/protection isn’t that great. If any of you guys has a bit of downtime to come up with new ones, please send them through by email :)

It's currently set up to require a captcha on the first 7 days after account creation, or for the first 5 posts.
If the spam continues, we can tweak that to the first 20 posts or so. That’s in the custom (non-public)
ssorg codebase by the way, not in the forum or qacaptcha codebase.

Completely removing accounts by moderators has the same issue as completely removing all posts: It's easy to mess up,
and delete valid members without easy recovery options. Hiding the profile will do the trick as well, right?
We still need to show the profile to the own user on login, since he might be mistakenly suspended 
and a message on top of the profile screen is the only way we communicate that suspension at the moment.
So, anybody keen to implement that on the forum? 

External links in forum posts and “Website” links in the profile should have nofollow,

All the best
Ingo

swaiba

unread,
Jan 2, 2014, 9:52:34 AM1/2/14
to silverst...@googlegroups.com
I think I see some improvement, but I'm still coming on and seeing 100 posts by baba every now and then, makes the odd kitchen one heavenly.

At one point the messages contain silverstripe type phrases and at another point there was a message with no title that could be seen in the forum, but not opened/inspected

Cam Findlay

unread,
Jan 3, 2014, 2:41:53 AM1/3/14
to silverst...@googlegroups.com
Agreed the deployment of the new qacaptcha has slowed them, but it is possible we are dealing with humans solving them.

I have another piece of code I am going to run by Ingo which might finally curb these spammers...

Thanks again all for helping with the spam cleaning, hopefully we get a complete resolve on this soon :)

~Cam

Martimiz

unread,
Jan 7, 2014, 10:40:39 AM1/7/14
to silverst...@googlegroups.com

Well, despite all your efforts, it looks like the current spam measures are not really discouraging friend baba. Yesterday I removed about 200 spam from 3(!) accounts and I don't know about the other mods. Just now removed one account with 112 spams attached, posted within a 3 to 2 hour interval. And another account is already lined up, which I cannot remove because he hasn't posted yet. Possibly waiting till I'm offline... :(

Is there any chance the multi-spam-removal button can be approved? Or maybe a limit to the number of posts an account can post within an hour or a day?

By the way would it be an idea to at least add no-follow to the profile links? Because a lot of these profiles have already been indexed by google as mini ads for this guy...

Thanks, Martine

camfindlay

unread,
Jan 8, 2014, 3:01:01 AM1/8/14
to silverst...@googlegroups.com
Hamish has been working on some new code to hopefully sort this out, will be along the lines of ghost/hell banning (making the spammer's posts/profile invisible to everyone but them). Once their account is set to this it will hide all the spam from them in one go so no more injured index fingers from clicking delete. I have been testing out the code this afternoon, so far so good. Will require a peer review prior to going live. Hold tight, again thanks for your patience and help in clearing the spam everyone! I really appreciate it.

On a funny note, we have confirmation that we are indeed dealing with humans as one was cheeky enough to actually email our support team today and ask why their account was banned and could we turn it back on please.

swaiba

unread,
Jan 9, 2014, 6:47:56 AM1/9/14
to silverst...@googlegroups.com
>>On a funny note, we have confirmation that we are indeed dealing with humans as one was cheeky enough to actually email our support team today and ask why their account was banned and could we turn it back on please.

cheeky monkey

Cam Findlay

unread,
Jan 12, 2014, 8:40:26 PM1/12/14
to silverst...@googlegroups.com
Ok forum mods.

We have released some more code to help with spam. You have been emailed the details as we don't want them public for our friends the spammers to stumble across.

If you are a forum mod and haven't got an email from me yet please let me know here or drop me an email and I will forward you the details.

Let's hope this helps to keep the spammers under control finally!

~Cam

Martinique

unread,
Jan 13, 2014, 7:37:48 AM1/13/14
to silverst...@googlegroups.com
I'm just soooo happy now :)))))) Thanks!

jpalsu

unread,
Mar 7, 2014, 3:10:37 AM3/7/14
to silverst...@googlegroups.com
Hi

in my RSS reader,

I use 2 filters to delete 100 or more spams within Ss forum.

So I can keep my Ss forum history clean.

Good Luck for you...

Friendly

jpalsu

swaiba

unread,
Mar 7, 2014, 9:55:23 AM3/7/14
to silverst...@googlegroups.com
is that "baba" and "kitchen"? :-)

Oh and Cam since you didn't respond on the forum - what about reviewing the mods - as I said I think half simply don't visit the site anymore.

Also can I be a mod of the payment gateways too - it bugs me when I can't weed them out from there... even if they are the more subtle spam messages...

Cam Findlay

unread,
Mar 9, 2014, 4:09:51 PM3/9/14
to silverst...@googlegroups.com
Hey Barry, 

Yes I think reviewing the mods is going to be a good idea. Have you got a list of those you think are no longer around?

I'd be keen to get a few more mods in to replace them in locations around the world so we can catch most of the spam before it gets out of hand (perhaps I need a dashboard with "number of love gurus plans foiled" metric lol).

Happy to add you to the payment gateways forum.

swaiba

unread,
Mar 10, 2014, 9:52:05 AM3/10/14
to silverst...@googlegroups.com
Hey Cam,

These are the three I'm thinking are not around that much...

Howard (Last post: 1 year ago)
Ryan M. (Last post: 2 years ago)
biapar (Last post: 2 years ago)

... I could be wrong?  Maybe it is possible to determine internally if someone is marking spam?

Cam Findlay

unread,
Mar 10, 2014, 3:56:19 PM3/10/14
to silverst...@googlegroups.com
Thanks, I'll get in touch with these guys and see if they are still around.

Cam Findlay

unread,
Mar 30, 2014, 8:17:17 PM3/30/14
to silverst...@googlegroups.com
Have emailed these mods, Ryan is stepping down from being a mod. I might look to find out the geographic regions of our mods to ensure we have mod coverage across as many timezones as possible. 



Matthew Bonner

unread,
Aug 4, 2014, 11:01:50 AM8/4/14
to silverst...@googlegroups.com
What you want to do is rename the registration page, as it is clearly the registration page being compromised. Somehow the captcha validation is being bypassed, renaming the registration page from time to time helps, even if it causes a few problems, it is still better than spending hours deleting spam posts and registrations.

jpalsu

unread,
Aug 5, 2014, 2:08:19 PM8/5/14
to silverst...@googlegroups.com
Hi,

This problem is too hard for me,
but If this below can help you...

Honeypot in UserForms » All other Modules » SilverStripe.org - Open Source CMS / Framework
http://www.silverstripe.org/all-other-modules/show/18847


Combatting Spam - Perch CMS documentation
http://docs.grabaperch.com/docs/blog/spam/

Comment spam prevention for your blog - Akismet
https://akismet.com/

User Registration Spam Prevention - WangGuard Anti-Splog
http://www.wangguard.com/

The Web's Largest Community Tracking Online Fraud & Abuse | Project Honey Pot
https://www.projecthoneypot.org/



Best regards

Friendly,

jpalsu
><((((°> <°))))><
Euskadi, I Love it !
Maite dut Euskal Herria
Le Pays Basque, J'aime

Zenmonkey

unread,
Aug 5, 2014, 2:12:37 PM8/5/14
to silverst...@googlegroups.com
I'd been using a combination of honeypot field and submission time index on my forms for a while. It seemed to only work as a stop gap. Bots started getting through after a year. I've moved to Akismet and it seems fine so far.
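
The form-side checks discussed in this thread (Johannes's CSS-hidden URL honeypot, Zenmonkey's submission-time check, Martimiz's per-hour post limit, and the captcha rule Ingo deployed for the first 7 days or first 5 posts), combined in one added example that is not part of any post and is not the ss.org or forum module code. It is framework-agnostic Python; the field names, the HMAC-signed render-time token and the timing and rate values are assumptions.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"    # assumption: server-side secret, never sent to clients
MIN_FILL_SECONDS = 5                # assumption: a human needs at least this long to write a post
MAX_FORM_AGE = 3600                 # assumption: a rendered form expires, so tokens cannot be replayed forever
MAX_POSTS_PER_HOUR = 10             # assumption: illustrative per-account limit
CAPTCHA_DAYS, CAPTCHA_POSTS = 7, 5  # thresholds quoted in the thread

def _mac(ts):
    return hmac.new(SECRET, ts.encode(), hashlib.sha256).hexdigest()

def issue_form_token(now):
    """Hidden-field value: render time plus an HMAC so a client cannot back-date it."""
    ts = str(int(now))
    return f"{ts}.{_mac(ts)}"

def rendered_at(token):
    """Return the signed render time, or None if the token is missing or altered."""
    ts, _, mac = token.partition(".")
    ok = hmac.compare_digest(mac.encode(), _mac(ts).encode())
    return int(ts) if ok else None

def check_submission(form, account, now):
    """Return (decision, reason); decision is 'reject', 'captcha' or 'accept'."""
    if form.get("url", "").strip():  # honeypot: hidden via CSS, so people leave it empty
        return "reject", "honeypot filled"
    t0 = rendered_at(form.get("token", ""))
    if t0 is None:
        return "reject", "bad token"
    if now - t0 < MIN_FILL_SECONDS:
        return "reject", "submitted too fast"
    if now - t0 > MAX_FORM_AGE:
        return "reject", "form expired"
    recent = [t for t in account["post_times"] if now - t < 3600]
    if len(recent) >= MAX_POSTS_PER_HOUR:
        return "reject", "rate limit"
    is_new = now - account["created"] < CAPTCHA_DAYS * 86400
    few_posts = len(account["post_times"]) < CAPTCHA_POSTS
    if (is_new or few_posts) and not form.get("captcha_ok"):
        return "captcha", "new or low-post account"
    return "accept", "ok"

if __name__ == "__main__":
    now = time.time()
    member = {"created": now - 2 * 86400, "post_times": []}   # constructed sample account
    form = {"url": "", "token": issue_form_token(now - 30)}   # constructed sample submission
    print(check_submission(form, member, now))
```

These checks only raise the cost per post; as the thread found, people solving the captcha by hand still get through, which is why moderation tooling was needed as well.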

jpalsu

unread,
Sep 20, 2014, 4:17:39 AM9/20/14
to silverst...@googlegroups.com
Hi,

Is there some RSS
for SilverStripe.org, SS.com, SS Forums?

Thanks

jpalsu

unread,
Sep 20, 2014, 4:32:52 AM9/20/14
to silverst...@googlegroups.com
Hi Swaiba,

Is there some Rss

jpalsu

unread,
Sep 20, 2014, 4:37:14 AM9/20/14
to silverst...@googlegroups.com
Hi Cam Findlay,
Le Pays Basque, J'aime