Jump to content
Matt
 Share


IP.Board 3.4 Dev Update: Anti-spam Enhancements

It's an unfortunate fact that when you run a successful site, you attract unwanted users posting spam on your site. IP.Board has always been incredibly pro-active in preventing spam users from signing up by making use of built in tools such as the question and answer challenge, spam monitoring service and CAPTCHA systems.

I'd like to take a moment to talk about some enhancements we've made in IP.Board 3.4.0 to help prevent unwanted posts and spam.

Spam Monitoring Improvements

We've further enhanced the spam monitoring service in IP.Board 3.4.0 by adding a new option: "Do not permit the user to register an account". This reduces the amount of clean up you need to do after a new wave of attempted spam user sign-ups.

Furthermore, the "flag a member as a spammer" tool optionally deletes posted content rather than simply hiding them further reducing the amount of work needed to maintain your community.



We have also totally reworked our spammer-detection logic behind the scenes to make the spam monitoring service detect spammers more quickly. In addition to internal changes, we are also looking at direct integration with services like Project Honey Pot and others. The great thing about the spam monitoring service is that we can make improvements on our side that are instantly beneficial to your community.

keyCAPTCHA Integration
IP.Board has made good use of the popular reCAPTCHA service to limit the number of "bots" that sign up to your forum with the intent of posting spam. The idea being that a slightly jumbled selection of letters is easy enough for a human to read but more difficult for a computer program. However, some do find that the CAPTCHA images are becoming increasingly complex to keep up with more intelligently written programs to defeat them.

KeyCAPTCHA takes a novel approach to this problem by using images instead of letters and numbers. You simply arrange a few large pieces of a very simple puzzle to complete an image.



You don't need to be completely accurate when building the image, either.



This is now an option in the IP.Board Admin CP. Should you wish to enable it, you'll need to register an account with keyCAPTCHA. The link for this is contained in the setting form and is very straight forward.

As always, we look for new ways to help make running your community a little easier and we look forward to helping you keep those spammers at bay!

 Share

Comments

Recommended Comments



However, some do find that the CAPTCHA images are becoming increasingly complex to keep up with more intelligently written programs to defeat them.

I'm finding captchas more hard to decipher myself. Sometimges I wonder if I'm a robot.

Link to comment
Share on other sites

I was sort of expecting that KeyCaptcha would be added as an option in 3.4 at some stage. :)

 

This may help with human assisted spambots too, as although a few are (paid) to read the capcha I doubt they would want to re-arrange some pieces, whereas a genuine member would not have any real concern in doing this.

Link to comment
Share on other sites

I was sort of expecting that KeyCaptcha would be added as an option in 3.4 at some stage. :smile:

 

This may help with human assisted spambots too, as although a few are (paid) to read the capcha I doubt they would want to re-arrange some pieces, whereas a genuine member would not have any real concern in doing this.

Chances are that if the best job they could find was spamming forums then they're probably not smart enough to solve a 6 piece puzzle anyway.

Link to comment
Share on other sites

I've been using KeyCAPTCHA for about 18 months and the total number of spam registrations on my site during that time is still in single digits. It really is a silver bullet against spammers and allowed me to turn off all other anti-spam measures (the IPS spam service was only catching false positives after installing KeyCAPTCHA).

It's a great decision to include this as a standard option in the ACP. I recommend every IPB admin try it out (and there's no need to wait for 3.4, you can get it in the marketplace now).

Link to comment
Share on other sites

Chances are that if the best job they could find was spamming forums then they're probably not smart enough to solve a 6 piece puzzle anyway.

I was thinking of the paid ones, whereby someone is shown captcha's and just has to reply with the answers for pittance really. As they are shown a picture of the capcha rather than actually being directly involved in it, they would not have any control or be able to do anything with it, if that makes sense. :)

Link to comment
Share on other sites

In the future, CAPTCHA will be replaced by a webcam-based system. It asks you to hold up two fingers on your left hand (peace sign), gesture "no" with your head, and then put on a big smile. You do these three actions correctly, you passed.

Link to comment
Share on other sites

Please add Bad Behavior, StopForumSpam and registration time detection (ISBOT). That would put a major dent in spam in IPS.

 

Personally I do not believe in annoying new members with captha's. Capthas will only get broken again.

Link to comment
Share on other sites

This is enough for me to not trust those guys.

http://whois.domaintools.com/keycaptcha.com

MERSANE Ltd

    Nikolay Prays        ()     Orion Mall, Suite #118     Victoria     Mahe,248000     SC





Who are they? Why are they registered in a suite in the Seychelles (And not Russia, where they are based)? Why isn't there any information about them on their own website? Googling the company doesn't return any form of official looking sites (other than WHOIS data).

 

And then there's this blog: http://keycaptchaured.wordpress.com/

Link to comment
Share on other sites

It's good that there's an alternative to reCaptcha now, but I'm not a huge fan of Captchas in general. I'd personally like the see the ability for the Question & Answer challenge to be applied to guest posting as well as registrations. "What color is the blue alligator" and the like all but stop spammer registrations on my board.

Link to comment
Share on other sites

  • Management

This is enough for me to not trust those guys.

http://whois.domaintools.com/keycaptcha.com

 

Who are they? Why are they registered in a suite in the Seychelles (And not Russia, where they are based)? Why isn't there any information about them on their own website? Googling the company doesn't return any form of official looking sites (other than WHOIS data).

 

And then there's this blog: http://keycaptchaured.wordpress.com/

 

Stay in business long enough, and you'll have hate-blogs in your honour. :)

 

It's an option for those that want to use it. The default is still reCAPTCHA.

Link to comment
Share on other sites

The AreYouAHuman CAPTCHA is an American company based in Detroit. Might be good to look at integration of this when time permits if keyCAPTCHA's location leaves many uneasy. It also looks harder for a computer to solve.

 

Other enhancements are also great additions!

Link to comment
Share on other sites

I tried to like KeyCaptcha. Thought it was a nice concept, but registrations went down after I implemented it. There are also some accessibility concerns. Perhaps a wider adoption will expose more users to it, and registrations will increase.

 

re-captcha has become all but impossible sometimes. Challenge questions seem the best answer at present.

Link to comment
Share on other sites




Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...