Community is now completely taken over

21 views
Skip to first unread message

Jeffrey Tucker

unread,
Jun 30, 2011, 9:18:30 AM6/30/11
to mises...@googlegroups.com, misesdev
The hopes for the community (http://community.mises.org) were high but it is now totally overrun with spam.

This is a bit embarrassing for me personally since preparations for this installation date back a full year.

Does anyone have any ideas about what to do? It is not possible to keep up with deleting them manually.

Again, it is WP with http://buddypress.org/


Michael Sandford

unread,
Jun 30, 2011, 10:20:30 AM6/30/11
to mise...@googlegroups.com
I can't load the page so I can't tell if this plugin is installed
already, but there is a CAPTCHA plugin for buddypress.
http://buddypress.org/community/groups/si-captcha-for-wordpress/

Mike

jcfo...@pureperfect.com

unread,
Jun 30, 2011, 10:47:15 AM6/30/11
to mise...@googlegroups.com


1. Have you considered doing deletes at a user level? I.e, deleting a user account automatically deletes all the posts from that user.

2. I'm not really sure how the account sign up works, as the page timed out, but I am sure there is a lot that can be done to verify that they are actually a human being (no not captchas). Asking simple questions, particularly at random intervals seems almost impossible to break.

3  A flag as spam feature would probably help.

4. Have a graduated comment cap that only allows x posts per day for the first day or whatever, but gives the user more freedom once their account is established.

5. Develop an audit trail so that you know where they are coming from.

6. Generate forms with JavaScript.


Anyway, don't despair. It's probably easier to solve than you think. All the spam users seem to be coming from the same software. They all have that generated two tone fractal-looking profile image.

Jarrod Stenberg

unread,
Jun 30, 2011, 4:50:27 PM6/30/11
to mise...@googlegroups.com

I have eradicated comment spam using project honey pot and captcha for anonymous users.

Israel Curtis

unread,
Jun 30, 2011, 5:47:01 PM6/30/11
to mise...@googlegroups.com
FYI - I am in Tennessee, and my internet connectivity is spotty at best... sorry I haven't been more responsive to all the recent activity....

The spam problem in the Community has been pretty narrowly focused. The overwhelming majority of it comes not from comments but from new accounts being created and then spam blog posts being created immediately thereafter on those accounts. These new posts show up in the activity stream, and thus are more publicly noticeable than usual.

There has already been for some time a combination captcha/question/known-spammer-database check on new signups, but some new signups have been defeating all these barriers (I assume by using human "bots" to create the accounts, then turning over to the bot-lords to spawn posts that attempt to appear as legitimate blog posts).

There is a "flag as spam" button now available, and you can access the flagged posts in the Moderation menu of Buddypress.

It is better to mark a user as spammer than to delete the account, as that way the system gets trained, and they are prevented from simply signing up with the same credentials again. Once they've been marked, their blog is suspended and they can't create any new content - they are essentially frozen.

I've even setup the registration page to be a randomized URL every few hours so that spambots can't find the door...

I'm still working on locking out completely manual signups so that users must create accounts with facebook.

thanks for your help and patience...

- ic

Jarrod Stenberg

unread,
Jun 30, 2011, 8:46:13 PM6/30/11
to mise...@googlegroups.com
Please take a look at the attached.  I can do a conference call tomorrow or Saturday if anyone is interested.  I don't have a lot of time to commit to actually coding however. 

The next two months are absolutely crazy for my schedule.
Fighting Comment Spam.ppt
Reply all
Reply to author
Forward
0 new messages