Shoutboxes and Spammers: A Fair Warning

#91923 (In Topic #18462)

Community saint

Greetings,

I am and have been a loyal and enthusiastic ocPortal user for many years now, powering my site with ocPortal since the late 3, early 4 series.

During this time I have had a shoutbox on the main part of my site, the forum. This shoutbox is an ocPortal piece of work which in reality is simply a mirror of a chatroom, which in my case was the General chatroom. 

My membership has been low - around 23 members, not even half of which are frequent visitors or active on the site. Lately I have been working hard on addressing that problem, having a Help & Questions chat room set as guest friendly, having the shoutbox guest friendly, and having almost all of the site so that guests can see what is there before deciding to join. I have also been posting adverts on RPG-D, a website for people to advertise their RPG websites, and for people looking for such sites. Slowly I have started to see some positive growth in activity.

But now something has happened that is working against me and my desires to build an active, and hopefully one day, sustainable website - as in enough members opting for subscriptions or purchasing my RPG book - so that its fees are covered not only by my meager paycheck.

A few days ago I came on my site only to witness horror in the shoutbox. The spammers have found it, and populated it with over 400 spam posts in a period of time less than 4 hours. I did my IP bans, cleaned out the shoutbox, and had to set it to member only.

But that was not the worst of it. These spammers, obviously excited about having found a way in, had broadcast this to all their spammer friends, and my bandwidth for that day and the next two days was more than triple that of what is normally used in a month. My bandwidth went past its cap, and my site was down for a day because of it.

Luckily I have a very good host, Brian Hay, who does this as a passion and a hobby. I know he has a real job to feed his family and pay his bills so I never expect a solution as soon as I send an email. But he was able to get me some more bandwidth so my site was open again, within 24 hours.

Unfortunately, it wasn't enough as my site is down again for bandwidth. I fear that these spammers won't quit trying to get back in now, now that they have had a piece of the site they are obviously hungry for more. I know that Brian will address the problem as quickly as he can though, cause he is just awesome like that.

Anyways, the moral of this story is: Beware. Do not have a guest friendly shout box. It will only invite trouble. 

Legends of Nor'Ova: A site powered by ocPortal; home of the Legends of Nor'Ova tabletop RPG wiki and community.

Like ocPortal? Want to thank Chris and gang somehow? Then help out in the chat room! It really needs your help! Just open it in a tab every time you open your web browser, and when you hear a "ding", check it out!

"Those who want help should first be willing to give help."
#91927

Community saint

That's why I don't use any guest free options. They have only read rights.


http://digiflash.nl Photo community  (dutch)
#91932

Community saint

That's just nasty :o!

While it's too late for this incident, you might want to consider incorporating something like Cloudflare caching down the track to not only reduce bandwidth but also weed out some of the spammers. BobS has had some very good results with the free version.

Looks like the spammers are aware of you in a big way and who knows when or how often they might return.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
#91935

Community saint

I generally shut down most things to guests where spammers can do such things. I have a few WP sites for others and use Akismet, and it is REAL good at getting rid of spam comments. So far I haven't seen a single one pass by Akismet. I don't know if OCP has the ability to use that service or not.

But either way, that wouldn't solve your problem, as they would still be using your bandwidth to post comments, they just wouldn't show up…

Unfortunately the only solution is to close it to guests.  

Paul
#91945

Community saint

temp1024 said

Looks like the spammers are aware of you in a big way and who knows when or how often they might return.

I know, right? And this couldn't come at a worse time, just when site activity has actually started growing and attracting actual real people. Figures spammers would have to get involved.

I doubt that my site is of any real importance that spammers would have been necessarily targeting. However, their noticing of my guest friendly shoutbox seems to have been like blood in the water for them.

I am hoping that I can work with Brian Hay to get all of this under control. While for right now the first symptom to be cured, bandwidth, can only be done with an increase, we gotta find a way to cure the disease. Just raising bandwidth can't be the only approach here. After all, that won't stop the spammers from waging war on my site.

I'll have to look at options such as Cloudflare to see if I can't get a handle on this very real problem, before it costs me my site!

#91946

v9 has anti-spammer functionality, would be interesting to know if the spammers' IPs would be triggered by it, and what threshold on. BobS and I had a long topic about this:
View topic: Sponsorship for feature tracker item #290 - Spammer database - ocPortal.com

There's an OcCLE command for manually checking an IP against the antispam services ocP9 connects to.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
#91947

Community saint

As soon as my site is up again I'll check that out since my site is version 9.0.2.

#91948

Community saint

Taking temp's advice, I have set up Cloudflare. Hopefully this will help once my site comes back online.

#91952

Community saint

Is it possible to do a mod that if it is a guest, even for shoutbox they get the CAPTCHA?   That should shut down most spammers.

And do you have blackhole detection turned on in security->spammer detection?   If that puts in hidden fields in shout box as well and they are using bots, that may help to at least keep their shouts from posting.


Paul
#91953

Community saint

Um, I'm not sure about the answer to either of those questions. From what I gather, CloudFlare does this automagically for those it suspects as spambots (the captcha thing).

For that other thing, is that an ocPortal function? I don't remember doing anything like that, and can't look right now… site is still past the bandwidth limit.

#91954

Community saint

Yeah, it's in config->security .. maybe new to v9 … it says what it does is add extra hidden fields to input areas, ones humans can't see or interact with, but bots can pick up and fill in, thus the software then knows that if such a field has data, it was a bot. Or something along those lines.

Paul
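
The hidden-field check described in the post above, sketched as an added example (not ocPortal's code and not the attached template). The field names `website` and `shout`, the form markup, and the choice to also reject posts where the decoy field is missing altogether are assumptions of this example.

```python
from urllib.parse import parse_qs

# Hypothetical field names for this example; ocPortal's template uses its own.
TRAP_FIELD = "website"    # decoy: hidden from people, visible to form-filling bots
MESSAGE_FIELD = "shout"

def render_shout_form(action="/shout"):
    """Guest form with a decoy input hidden by CSS, so a browser still submits it empty."""
    return (
        f'<form method="post" action="{action}">\n'
        f'  <input type="text" name="{MESSAGE_FIELD}" maxlength="255">\n'
        '  <div style="position:absolute;left:-9999px" aria-hidden="true">\n'
        f'    <input type="text" name="{TRAP_FIELD}" tabindex="-1" autocomplete="off">\n'
        '  </div>\n'
        '  <input type="submit" value="Shout">\n'
        '</form>'
    )

def classify(body):
    """Classify one urlencoded POST body: 'ok', 'trap-filled', 'trap-missing' or 'empty'."""
    fields = parse_qs(body, keep_blank_values=True)
    trap = fields.get(TRAP_FIELD)
    if trap is None:
        return "trap-missing"   # a browser posting the rendered form always sends it
    if len(trap) != 1 or trap[0] != "":
        return "trap-filled"    # data in a field people cannot see
    if not fields.get(MESSAGE_FIELD, [""])[0].strip():
        return "empty"
    return "ok"

def screen(bodies):
    """Return (accepted messages, {rejection reason: count}) for a batch of POST bodies."""
    accepted, rejected = [], {}
    for body in bodies:
        verdict = classify(body)
        if verdict == "ok":
            accepted.append(parse_qs(body)[MESSAGE_FIELD][0])
        else:
            rejected[verdict] = rejected.get(verdict, 0) + 1
    return accepted, rejected

# Constructed sample submissions (not taken from any real log).
SAMPLE = [
    "shout=Anyone+up+for+a+session+tonight%3F&website=",
    "shout=cheap+pills&website=http%3A%2F%2Fspam.example",
    "shout=online+betting",
    "shout=+&website=",
]
```

The check only flags submissions that put data in the decoy field or omit it; a post that sends the field empty is accepted.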
Item has a rating of 5 (Liked by Guest, Liked by Jean)
#91955

Spam blackhole is not on shoutbox, we'll add that.

Attachment
» Download: BLOCK_SIDE_SHOUTBOX.tpl (863 Bytes, 171 downloads so far)


(this puts in a hidden field that spam bots are likely to fill, but humans won't - so ocPortal uses that to detect spam bots)


Item has a rating of 5 (Liked by Arbo, Liked by Jean)
#91961

Community saint

Sorry to hear of your woes!
You might wanna legitimately shut your site down for a day or 2 (warn your real members first) and then put an htaccess redirect all traffic to the FBI  or something. Hopefully that'll make the spammers stop trying?
#92074

Community saint

Well thanks to Cloudflare and other security measures, our bandwidth has returned to normal numbers and things have stabilized.

The only issue I ran into using Cloudflare is one person who I knew wasn't a spammer couldn't register because their IP was marked as a spammer. Cloudflare wouldn't let me trust the IP because it was marked as one of their IPs. I found this odd, but I was talking to the person and knew the person so I worked around it.

But yay, I think I beat the spam bots - for now.

#92078

Community saint

Sorry Chris, your blackhole code didn't help.

I went in and put that new tpl you gave in here in. Saved. And the moment I made the shout room guest friendly, I got 4 spam bot posts, wanting me to get male enhancement, herbal supplements, and do online betting….

Man, they were fast! It is like they were just waiting, constantly sending a message at the shout box, and the moment I opened it, they started in.

So yeah, they didn't care about the black holes. Not one bit.

#92084

Community saint

Great to hear that you are back up mythus.

#92105

Community saint

Good news that you're up and running.

I remove 'view' access for the 'Shoutbox' for Guests. I also remove view access to the FIRST or 'General' Chatroom for the same reason. These are issues I've had to deal with in the past.

For the uninitiated: The 'General' (or whatever you choose to call it) chatroom is considered the primary chatroom and is mirrored in the Shoutbox. You may want to warn your users that anything they say in that chatroom can be seen by any registered user that has dropped in for a nose around.

Sometimes users aren't careful enough in what they say, assuming that since nobody else is in the chat room, their comments won't be read …!!

 :o

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal