Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt November 11, 2024
Morrigan Posted May 5, 2009 Posted May 5, 2009 So I was considering the complaints on spam and I remembered one thing that I think might help in alleviating some spam bots, it would require a source code change but I think it might be worth it. It might have already been changed in 3.0 but I think this might help: Change the Email address fields name. I truthfully think that there should be an option in security and Privacy that allows you to set the field name so that it is not the default EmailAddress. I'm pretty sure as long as it's inserted properly it will work just the same as having the field named EmailAddress. I ask that it be a field instead of just changed because if it can be set individually each site is more likely to have a uniquer field name which would in turn make it more difficult for spammers to identify the field and fill it out. That may not help with human spammers but it could very well slow them down. Just a thought.
CynicalFrost Posted May 5, 2009 Posted May 5, 2009 heh heh... I can imagine some good field names already. Not a bad idea since bots look for signs. Although, I fear that bots would adapt and, in the end, look for the odd name field if it can't find the email one by default.
Guest Posted May 5, 2009 Posted May 5, 2009 Another problem is that within a week, the bots would be reprogrammed to instead look for the one field that isn't named something they expect (find name, password, custom field 1, custom field 2, the only field left is bound to be email address).
Morrigan Posted May 5, 2009 Author Posted May 5, 2009 Not if they are all settable to different parameters. Like I could imagine changing the Username to: Corrupted The Password to: Rider The Email to: Carousel It can help quite simply because it defaults to certain field names, it expects things in them/in the coding to fill them out, if we have the ability to uniquely set them it would be more difficult for them to just pick them out using a script.
Connor T Posted May 5, 2009 Posted May 5, 2009 Just re-generate the hard-coded form names everytime, based on your session. So unless they figure out the pattern to generate they can't auto-populate the register form.
CynicalFrost Posted May 5, 2009 Posted May 5, 2009 Oh. You mean to have the all registration form fields names defined differently?That would work. If they are all different than the default, then the bot would definitely have an issue trying to figure it out. It just occurred to me that the password field will be obvious, regardless of the name you give it.
Ryan H. Posted May 5, 2009 Posted May 5, 2009 A similar discussion from a week ago: http://forums.invisionpower.com/topic/283419-ipb-should-use-recaptcha-for-login-purposes/page__view__findpost__p__1798610
Morrigan Posted May 5, 2009 Author Posted May 5, 2009 [quote name='iBotPeaches' date='05 May 2009 - 02:02 PM' timestamp='1241546540' post='1799952'] Just re-generate the hard-coded form names everytime, based on your session. So unless they figure out the pattern to generate they can't auto-populate the register form. This was my first idea but I wasn't sure how hard that would be to add to the source code.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.