Jump to content

Busy Forum: Spam Prevention + Optimisation


MartyMcFly

Recommended Posts

Hello!
We run a very large forum (500k+ members) and recently upgraded from v1.3 to v3.4.6.
We used v1.3 for almost a decade and implemented many custom features during that time to help us tackle spammers and trolls. Unfortunately, due to the subject matter of our forum (a computer game!), it is a magnet for teenage spammers and trolls who register new accounts at ridiculous speeds. We get hundreds, and on some days over a thousand new accounts per day, so manual account validation is not feasible.
Obviously there's no way to prevent this completely, but there's features we'd like to see that would, at the very least, slow down the spammers:
  • Posting flood control delay group setting: Make 'Posting flood control delay' a group setting rather than a global setting. Then we can set up a Newbies group with high flood control, and the members in that group can be automatically promoted to the standard Members group after X days, or after making X posts, or whatever.
  • Disable group embedded media: Make it so that groups can only post links to images/media rather than being able to use embedded IMG/YouTube tags.
  • Stealth banning: Stealth banning so that spammers won't realise they've been banned, reducing the speed at which they attempt to register new accounts. This is a proven spam-prevention method by big communities such as Reddit.
  • Show IP addresses for all member posts: Show IP addresses beside posts when finding all posts under member profiles.
  • Auto (stealth) ban posters of blacklisted media and links: Automatically ban people who post blacklisted URLs and media. Also allow URL prefixes or regex so we can blacklist entire domains and other URL structures.
  • Warn users of risky URLs: Introduce an option to warn users of unapproved URLs posted by members of certain groups. Viewers of the post should be warned that the URL has not been approved by a moderator and that they should proceed with caution.
  • Use PHP user-land persistent caching for the online user list: Implement the online users list in memory alone, using user-land persistent variable caching instead of a database. (Such as apc_store, apc_add, apc_fetch, etc.) We've found this to be the single-biggest performance increase for IPB.

Thank you!

Link to comment
Share on other sites

  • Posting flood control delay group setting: Make 'Posting flood control delay' a group setting rather than a global setting. Then we can set up a Newbies group with high flood control, and the members in that group can be automatically promoted to the standard Members group after X days, or after making X posts, or whatever.

You can control this on forum using groups ! first need make sure have post limit delay set via ADMIN CP - SYSTEM - SYSTEM SETTINGS -SYSTEM - SECURITY AND PRIVACY - Security [Managing Members] - Posting flood control delay (in seconds)

Then by default all group will have post delay unless been removed to check this go to ADMIN CP - MEMBERS - MEMBERS GROUP - - MANAGER MEMBERS GROUPS - EDIT GROUP - FORUM TAB - Avoidance - Can avoid flood control?

You can also create group move good members in so first when sign up default members group then have setting on x post move x group.

  • Stealth banning: Stealth banning so that spammers won't realise they've been banned, reducing the speed at which they attempt to register new accounts. This is a proven spam-prevention method by big communities such as Reddit.

Have installed this APP http://community.invisionpower.com/files/file/5143-stop-spammer-registration/ if not will reduce amount Spam account being created.

  • Warn users of risky URLs: Introduce an option to warn users of unapproved URLs posted by members of certain groups. Viewers of the post should be warned that the URL has not been approved by a moderator and that they should proceed with caution.

If have approved by moderator in select forum this will already do above !

Auto (stealth) ban posters of blacklisted media and links: Automatically ban people who post blacklisted URLs and media. Also allow URL prefixes or regex so we can blacklist entire domains and other URL structures

Already do this !!

Link to comment
Share on other sites

Are you using the IPS Spam filter? This will cut down on a lot of spammers before they even register with you.

I would also look at basic options such as Captcha, Email verification and question & answer.

If you can enable all of these, then I would be surprised if you get many spammers.

Link to comment
Share on other sites

Hi! I'm an administrator from the same site as the OP.

  • Posting flood control delay group setting: Make 'Posting flood control delay' a group setting rather than a global setting. Then we can set up a Newbies group with high flood control, and the members in that group can be automatically promoted to the standard Members group after X days, or after making X posts, or whatever.

You can control this on forum using groups ! first need make sure have post limit delay set via ADMIN CP - SYSTEM - SYSTEM SETTINGS -SYSTEM - SECURITY AND PRIVACY - Security [Managing Members] - Posting flood control delay (in seconds)



Then by default all group will have post delay unless been removed to check this go to ADMIN CP - MEMBERS - MEMBERS GROUP - - MANAGER MEMBERS GROUPS - EDIT GROUP - FORUM TAB - Avoidance - Can avoid flood control?


Thanks for the suggestion, but it's not an ideal solution. That would involve disabling flood control completely for 95% of our members. It's not just new accounts that go on spam rampages; occasionally there are old accounts too. Also not forgetting compromised accounts. The ideal solution is to have high flood control for newbies (e.g. 5 minutes) and lower flood control for normal members (e.g. 1 minute).

  • Warn users of risky URLs: Introduce an option to warn users of unapproved URLs posted by members of certain groups. Viewers of the post should be warned that the URL has not been approved by a moderator and that they should proceed with caution.

If have approved by moderator in select forum this will already do above !


Our forum receives on average 10,000 new posts every day, so manual approval is not an option. We need automated solutions.

Auto (stealth) ban posters of blacklisted media and links: Automatically ban people who post blacklisted URLs and media. Also allow URL prefixes or regex so we can blacklist entire domains and other URL structures

Already do this !!


I see the URL filtering options, but is there an option to automatically ban users who post blacklisted URLs?

Are you using the IPS Spam filter? This will cut down on a lot of spammers before they even register with you.

I would also look at basic options such as Captcha, Email verification and question & answer.

If you can enable all of these, then I would be surprised if you get many spammers.

Yes, we use all of these. However, robots aren't the problem - the problem is angry teenagers with too much time on their hands. :smile:

Use PHP user-land persistent caching for the online user list: Implement the online users list in memory alone, using user-land persistent variable caching instead of a database. (Such as apc_store, apc_add, apc_fetch, etc.) We've found this to be the single-biggest performance increase for IPB.

I can't stress enough how important this is. Our forum is completely unusable with the active users list enabled because of the high activity.

Link to comment
Share on other sites

The problem claim can resolved if setup correct forum permissions all new members would need post checking but if had http://community.invisionpower.com/files/file/5143-stop-spammer-registration/ this installed first reduce spam from spam bot unable sign up then if past that have them being checked during x amount post again reducing spam.


Manual approval is not a practical solution for busy forums such as hours. We get hundreds of new accounts each day, and around 10,000 posts (on average) each day.

As I mentioned in my previous post, spambots are not the problem - the problem is real users who continually re-register to spam our forums, using different emails and IP addresses each time. There is currently no practical solution available for dealing with this. I've searched on IPS Marketplace and, as far as I can see, there is no app available that will help us.

The problem is very bad due to the subject matter of our forum and the audience that it attracts. On IPB 1.3, we developed a quick & dirty hack to increase flood control for newbies, however we lost this during the upgrade.

To give you an idea of what we're dealing with, we had one troll register over 400(!) new accounts over a period of just a few months to post porn. And no, I'm not joking. :(

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...