Management Charles Posted August 7, 2023 Management Posted August 7, 2023 This topic only applies to those on our cloud services. As we prepare to launch improved spam management, we are also making changes to traffic control. We have many tools in place to stop malicious traffic on our network. These tools stop day to day bad actors and can also handle situations where we get a huge flood of traffic in a denial of service attack. It is always a balancing act to stop bad traffic while allowing good traffic. There have been some situations where real users were getting blocked because they were getting caught up in a suspicious IP range, for example. When you were caught in a block, all you got was a permission denied page and that was it. This is what we want for bad bots or attacks, but for real people that is no help. So today we are launching a new system where you will be presented with a captcha (or similar) challenge to bypass a bot-focused block. This will allow you, and your visitors, to continue browsing your community if you are caught in a block you should not be in. It also lets our firewall and other systems learn and do a better job of blocking bad traffic while allowing people in. Please let us know if you experience any issues, inability to access a community, or you are prompted more than once for the challenge to access. In normal operations, you should really never get the challenge prompt so please also let us know if you see it more frequently. Matt, SeNioR-, David N. and 4 others 7
Markus Jung Posted August 28, 2023 Posted August 28, 2023 I installed the tool chatbox+ and now I am prompted repeatedly to solve a quiz, and probably also my users. Good thing: The quiz is shown in my local language (German). Will the system learn this and not ask us again after some time? I am on Cloud.
David N. Posted September 8, 2023 Posted September 8, 2023 On 8/7/2023 at 8:38 PM, Charles said: Please let us know if you experience any issues, inability to access a community, or you are prompted more than once for the challenge to access. I just saw the following after I clicked on member's avatar to see his profile. Is this part of the new spam prevention system?
Marc Posted September 8, 2023 Posted September 8, 2023 That is correct, yes. If you answer that, you should be back in right away. This is one of those situations where a real user (yourself) has been caught up in the prevention. This was added to ensure you can get back as soon as possible David N. 1
David N. Posted September 8, 2023 Posted September 8, 2023 That's fine, however I was first confused when I saw that and thought I was victim of a hack or a phishing scam (the black line at the bottom looks like a text field). The problem is that the look of that form is completely unfamiliar, and it looks like one of those fake ads that have fake buttons like "Submit" or "Verify" etc to make you click them by mistake. I feel like that the look of that form should match the branding of my site: keep the site header, use the same font I'm using on the rest of the site, same button as in the forum etc... just like the Invision Community Alert pop-ups. Sonya* and Markus Jung 2
Randy Calvert Posted September 8, 2023 Posted September 8, 2023 Remember this is happening outside of the IPB software itself. That check is being done by the WAF. It’s not aware of your theme settings etc. it’s not “themeable”. Jim M 1
David N. Posted September 11, 2023 Posted September 11, 2023 On 9/8/2023 at 5:51 PM, Randy Calvert said: Remember this is happening outside of the IPB software itself. That check is being done by the WAF. It’s not aware of your theme settings etc. it’s not “themeable”. Ok I understand. However in my opinion that's an issue for visitors who are seeing this and wondering where it's coming from and whether or not it's legit. Markus Jung and G17 Media 2
Marc Posted September 11, 2023 Posted September 11, 2023 3 hours ago, David N. said: Ok I understand. However in my opinion that's an issue for visitors who are seeing this and wondering where it's coming from and whether or not it's legit. The alternative unfortunately would be not protecting the network in the case of attacks. Its somewhat of a balancing act these days. It should be rare that you see these David N. 1
ekforum Posted February 7 Posted February 7 On 8/8/2023 at 1:38 AM, Charles said: Please let us know if you experience any issues, inability to access a community, or you are prompted more than once for the challenge to access. In normal operations, you should really never get the challenge prompt so please also let us know if you see it more frequently. It is happening regularly now for users. It also degrades the credibility as it looks like have accidentally gone onto a spam website / clicked on the wrong link due to the way the captcha is designed and looks. And degrades the credibility of my forum IMO https://invisioncommunity.com/forums/topic/477069-captcha-now-on-cloud-hosting/ Markus Jung 1
Markus Jung Posted February 7 Posted February 7 Same here, and it is often the first page a (new) visitor sees. If I was greeted with such a page somewhere else, I would leave immediately. And I haven't seen something similar on any other website. There is no hint that the user is on the website he intended to visit, just the warning/captcha as first impression. ekforum 1
Heavy Harmonies Posted February 7 Posted February 7 I'm getting complaints from many of my board users about this. Some of them are encountering this CAPTCHA spam with EVERY single attempt to post. Not good, guys.... not good.
Management Charles Posted February 7 Author Management Posted February 7 52 minutes ago, Heavy Harmonies said: I'm getting complaints from many of my board users about this. Some of them are encountering this CAPTCHA spam with EVERY single attempt to post. Not good, guys.... not good. We made a change a few hours ago to reduce the challenges. Are you still seeing people being prompted?
Saurabh Jain Posted February 9 Posted February 9 On one site I ahve been asked many times witha quiz challenge as an admin I want to post fats but it ask me .... on other site there is no such challenge sene however i am not bale to mange spam abd I dont knwo how to do since 2010 I am running that community but could not get right support as well
Marc Posted February 9 Posted February 9 27 minutes ago, Saurabh Jain said: On one site I ahve been asked many times witha quiz challenge as an admin I want to post fats but it ask me .... on other site there is no such challenge sene however i am not bale to mange spam abd I dont knwo how to do since 2010 I am running that community but could not get right support as well This should have been resolved now. Let us know if its not
Recommended Posts