Shalom friends! Moderator Ramsi here o/
So, as I'm sure the early to late forum users have noticed we've been under attack by bots posting things along the lines of "耶稣基督帮我你个狗娘养的SHOPBESTVIAGRAMAGAZINE.NOPE" and then a long line of that being spammed for about 100 times in a topic, then that topic gets cloned as many times as the user can before they get banned. It goes without saying but these are bots and they deserve death. Before anyone throws a huff or a puff by the way the term Moonspeak has been culturally accepted by most Asian territories so relax... <3
Sometimes the bots spam in Chinese, we had three bots spamming in Japanese, and a large number of them seem to post in Korean dialects. We really can't do too much to counter it just short of closing down registration and personally that's not something I'm comfortable with as the influx of new users daily is a marvelous thing and I don't feel one apple spoils the bunch. Now there are some options we can follow but most of them take time and resources that just aren't worth expending but I assure you all there is a fix for the problem coming down the pipe, it'll just take a bit so sit tight folks! Oh, and before anyone just screams "CAPTCHA THE HELL OUT OF IT!" Yeah we're almost 5000% sure that the bots are having accounts made for them then told to run rampant so captcha only goes so far these days.
"So, what is actually being done about the spammers?"
WELL I'M GLAD YOU ASKED. We have, to date, 9 global moderators who have total access to every inch of the boards for cleaning up messes. Believe it or not we get maybe 1-2 reports every few days anymore because for the most part you lot police yourselves, which is amazing by the way DON'T TAKE THAT AS A CHALLENGE, but as I'm sure some of you can assume that means problems are generally first come ~ first serve for the mods so when these spammers come out of the wood works at a normal time it's not uncommon to see 3-5 moderators light up on the active lists. We hit like piranhas most of the time trying to dismantle and solve problems, it's why we're here. With a spammer we try our best to go into overdrive as they tend to crank out topics ASAP. Mass deletions, tracking, banning of bots, etc.
"So what can I do to help?"
REPORT. HOLY CRAP IF YOU SEE A SPAMMER REPORT ASAP! Don't think "oh well I'm sure everyone else is reporting them too so I won't bother." No, to hell with that friendo! Report them as soon as you see them! I'd rather clean up 20 duplication reports but hit the spammer almost as soon as they start than have seven users at three in the morning not report a spammer; suddenly we wake up to 500 topics because of people questioning if they should report.
MODERATION WILL NEVER BE ANGRY AT A REPORT. EVEN THE SILLIEST REPORT!
Did you see what I did there? It's obnoxious and orange and it makes me want to harvest all of my prisoner's organs out of pure rage. Seriously though, we're here for you guys and to keep Tynan from having to do anything other than responding to posts and working on his sassy little game. If we have a problem with serial reportists we will talk to that person but other than a moderator telling you to stop please report to your heart's content.
Tl;dr: Mods killing spammers, report harder nerds!
Alright well go on with your day folks, I'm going to GO for a bit.
(http://i.imgur.com/0dzptuK.gif)
The thread will be unstickied after a week or two, just making sure the word gets out ;)
Capcha on login and / or registration should prevent this?
Quote from: zandadoum on August 13, 2016, 02:15:44 PM
Capcha on login and / or registration should prevent this?
Tynan tried to find out a proper good one to prevent bots quite a while ago when there was huge bot troubles like.. maybe a year ago? (He even asked around in twitter for some strong stuff for weeding out bots, as far as I recall!)
and it did work really well so far
Quote from: Shinzy on August 13, 2016, 03:20:09 PM
Quote from: zandadoum on August 13, 2016, 02:15:44 PM
Capcha on login and / or registration should prevent this?
Tynan tried to find out a proper good one to prevent bots quite a while ago when there was huge bot troubles like.. maybe a year ago? (He even asked around in twitter for some strong stuff for weeding out bots, as far as I recall!)
and it did work really well so far
Spammers tech keeps evolving. So must the anti spam tech.
You can't just install something static and expect it to work forever.
I don't know compatible apps/mods for this specific forum software, but the must be some piece of capcha compatible and up to date with current spams.
Some paid ones have database updates like antivirus to keep on pair with spammers, so might be worth looking into that.
Worst case scenario: a forum migration might be in order, to a better forum software.
Can't you just block messages with asian ideograms ? You could leave one subforum where they are allowed, so when someone from Asia comes he can post there and be whitelisted.
Quote from: b0rsuk on August 13, 2016, 03:39:17 PM
Can't you just block messages with asian ideograms ? You could leave one subforum where they are allowed, so when someone from Asia comes he can post there and be whitelisted.
How would this help when spammers (even Asian ones) start using occidental characters instead?
PS:
@OP
try if FAIL2BAN works. I have it on all my mail & webservers but I don't know if it works specifically for this forum software other than running on the whole server instead just forum.
EDIT: found this pretty informative post:
http://www.simplemachines.org/community/index.php?topic=452752.0
I don't know if maybe it would be a lot of moderation work, but if it's possible for posts to go to the moderation queue until someone has had five to ten posts approved, that would defeat the purpose of bot spamming.
They use this sort of system over on the KSP forums.
Perhaps just use a post counter, for example if some user makes a high amount of posts in a short amount of time, they get flagged automatically as requiring moderator attention and don't get posted until the moderator verifies its not a spam bot. The same could be applied to multiple threads over a short period of time. Maybe even add something on that checks for high similarities between posts and lowers the post counter significantly based on that.
Quote from: chaotix14 on August 14, 2016, 03:48:29 AM
Perhaps just use a post counter, for example if some user makes a high amount of posts in a short amount of time, they get flagged automatically as requiring moderator attention and don't get posted until the moderator verifies its not a spam bot. The same could be applied to multiple threads over a short period of time. Maybe even add something on that checks for high similarities between posts and lowers the post counter significantly based on that.
Or some way to flag them and let them keep posting, but give the mods an option to automatically take down all of their posts from the user page?
I am assuming that if there is a spam of many many of the same threads that it will be sufficient to just report one of them.
Yes, that's correct. Once we identify a spam account, we both ban it and delete all its posts.
And as most everyone knows, I'm pretty active here on a regular basis. It's a testament to our moderator teamwork that the last two major incursions were dealt with before I had a chance to lift a finger. Keep reporting spam so I can get in on the section! :D
Quote from: milon on August 15, 2016, 03:13:37 AMlast two major incursions were dealt with before I had a chance to lift a finger.
Lazy bugger
Lately I see on Reddit people complaining about being banned from the forum. Can it be related? (When you ban is it by IP range ?)
https://www.reddit.com/r/RimWorld/comments/4xxcaf/banned_from_ludeon_forums/
https://www.reddit.com/r/RimWorld/comments/4x05cm/banned_from_forum/
https://www.reddit.com/r/RimWorld/comments/4xcyv9/im_banned_for_no_reason_please_help/
Was just trying to help. Keep up the good job guys o7
For a short while we were using IP bans, but that did end up blocking legit users.
Regarding the links - thanks for digging those up. I don't have a reddit account, nor do I plan to make one. If anyone does have a reddit account, feel free to relate what I'm saying here:
https://www.reddit.com/r/RimWorld/comments/4xxcaf/banned_from_ludeon_forums/
That's not a banned user. It's a server error of some type. That user should try again.
https://www.reddit.com/r/RimWorld/comments/4x05cm/banned_from_forum/
This person should email Ludeon Support (
[email protected]) or have a friend PM me. We'll look into it.
https://www.reddit.com/r/RimWorld/comments/4xcyv9/im_banned_for_no_reason_please_help/
This user was correctly informed to contact Ludeon Support. Hopefully they did. :)
Thx for the quick reply. I will try to pass the message there.
Thanks for relaying the messages! :)
I was actually prevented from posting due to a broken verification image earlier. I mentioned a potential solution: write your own verification system. Any self-developed system (even if it's a simple button that sends an ajax post) should do the trick. If you do it that way you won't need to have your users answer silly verification questions or have to deal with a lot of hassle.
Quote from: NullQuery on August 16, 2016, 02:08:17 PM
I was actually prevented from posting due to a broken verification image earlier. I mentioned a potential solution: write your own verification system. Any self-developed system (even if it's a simple button that sends an ajax post) should do the trick. If you do it that way you won't need to have your users answer silly verification questions or have to deal with a lot of hassle.
I saw you communicate via the report post thing, it was really fascinating ride to follow ;D
Quote from: Shinzy on August 16, 2016, 02:35:16 PM
I saw you communicate via the report post thing, it was really fascinating ride to follow ;D
Was anything ever done about that offensive post though?
Quote from: NullQuery on August 16, 2016, 02:39:05 PM
Quote from: Shinzy on August 16, 2016, 02:35:16 PM
I saw you communicate via the report post thing, it was really fascinating ride to follow ;D
Was anything ever done about that offensive post though?
It was real Raymon Redding situation there. That post now has diplomatic immunity as it's services as conduit for communication was required
Quote from: Shinzy on August 16, 2016, 03:00:42 PM
It was real Raymon Redding situation there. That post now has diplomatic immunity as it's services as conduit for communication was required
congratulations, you actually used a phrase that made me use google. good job.
moving on, I noticed the term "global moderators". does that mean you have normal moderators to supplement/support the globals? interesting chain of command here....
Another one tonight, it seems that every night about the same time we have this issue.
Quote from: billycop32 on August 16, 2016, 08:49:08 PM
Quote from: Shinzy on August 16, 2016, 03:00:42 PM
It was real Raymon Redding situation there. That post now has diplomatic immunity as it's services as conduit for communication was required
congratulations, you actually used a phrase that made me use google. good job.
moving on, I noticed the term "global moderators". does that mean you have normal moderators to supplement/support the globals? interesting chain of command here....
Oh I hope it was to find out about Raymond and not to decode my grammar ;D
(Thank you?)
Anyway global moderators are at the collar end of the command chain
it's just global as in we've got the access/moderationrights everywhere in the board
There aren't any other kind of moderators.. except for Skully.. he's bit different.
I tried to have Fluffy deputised as my minion but Ty wouldn't do it
slap another spam down. you gotta admire their resilience though.
and yes it was raymon redding.
Seems the spambots are a bit later than usual today. Hopefully someone's still/already awake to slap them down.
I only ever see 'em when none of you guys are online, report 'em every time I see them. Either they watch the boards to see when all the mods are off, or you guys are just that quick to slaughter them where they stand. ;D
Either way, Cheers!
Quote from: Coenmcj on September 02, 2016, 12:48:45 AM
I only ever see 'em when none of you guys are online, report 'em every time I see them. Either they watch the boards to see when all the mods are off, or you guys are just that quick to slaughter them where they stand. ;D
Either way, Cheers!
(speaking from experience as a mod on other forums.)
more like quick to slaughter them where they stand. just because someone appears to be offline doesn't mean they aren't watching from other methods like a open email. Not to mention a lot of forums allow you to "hide" or appear to be offline
even though you are still on the forum. Like a hunter stalking the prey....
Quote
Spammers tech keeps evolving. So must the anti spam tech.
Yes this is the case, there is forum spamming software out there called Xrummer it's kinda of widely known about secret in the blackhat marketing world. You just plug in some keywords and it goes out and finds all the forums on the net that are related to that keyword and then proceeds to create accounts automatically and start posting your spam in every thread/topic/section it gains access to. (Not to mention other 0-day exploits on any and all forum softwares.
Quote
Worst case scenario: a forum migration might be in order, to a better forum software.
It doesn't matter what forum software you're on the software targets all the most popular and also free forums available.
I've been in marketing for 9 years and know a great deal about different techniques and tools available for such things. (Note: inbe4-screams of Spammer comes my way, just cause I know about them doesn't mean I employ these techniques personally. Best way to stay competitive in any business is to know your competition.)
Captchas also are not really effective either, There is proof of concept advanced OCR that was shown a few years back that successfully defeated RE-Captcha (owned by google) and various other captcha solutions automatically. Thankfully it was never released publicly and only shown off as a demostration, otherwise the spam problem would be even greater then it currently is. Also there are blackhat services available with API's that allow you to copy the captcha image and send to a live data entry agent (Usually Indian or Filipeno) that will type the captcha out and send it back to your software to defeat the captcha. Semi-Automated and only limited by the amount of cash you throw at these services. Implementing Captcha will slow things down, but will never truly get away from the problem at hand, and as a bonus you also cost the spammers a bit of cash with each captcha they solve.
The newer captcha systems that make you click on and choose specific images or the ones that have like a mini-game (puzzle to complete) are the best ones available at this point since there requires mouse interaction and "problem solving (ie. a puzzle) with the captcha instead. And the captcha solving services aren't able to accept these types to solve by hand.
Just some food for thought on the whole issue from someone that's been in the industry for quite a long time. Typically I just ignore threads like these, however I really love RimWorld and the work being done over at Ludeon Studios so thought I'd offer up a bit of my experience in the matter as a thank you.
@ All
Bumping this to kindly request and remind all RimWorlders to please report any spambot posts you see asap, and please don't assume someone else has already reported them, or that we (the moderators) will see the spambot posts ourselves. We likely will see them (at some point) but unfortunately perhaps not until after they've made a considerable mess. Which was the case earlier today, since anybody visiting the mods forum couldn't possibly have missed the 1,000+ spambot posts that were generated by a pair of bots inside of 4 hours.
So if you see a spambot post (they ae very obvious) then please report it so that we can ban the bot and clean up the mess as soon as possible, and before it gets to ridiculous levels of 1,000+ posts.
Thanks.
try a combination of captcha (hard ones and the newest tech only, also with great variation in their style to make coding just that much harder), e-mail registration (while you only accept well known and trusted companies) and limitation of ANY user on how many comments they can post and threads they can start and private messages they can send. (hourly limit, daily limit, weekly limit and maybe even more. it will make sure more users make more quality comments aswell. just like me. sometimes my comments lack quality. sorry about that.)
if you had an hourly limit of 20 posts and a daily limit of 100, the most recent spam could not have happened to such a level. 4 hours times 2 accounts = 160 posts. and these arent even restrictive numbers for normal users. personally, i'd go with like 5 posts per hour and 20 per day. that's 40 spam messages.
and we arent even talking about starting threads. i'd put the limit to 1 per hour and 5 per day.
Quote from: billycop32 on September 02, 2016, 01:37:51 PM
Quote from: Coenmcj on September 02, 2016, 12:48:45 AM
I only ever see 'em when none of you guys are online, report 'em every time I see them. Either they watch the boards to see when all the mods are off, or you guys are just that quick to slaughter them where they stand. ;D
Either way, Cheers!
(speaking from experience as a mod on other forums.)
more like quick to slaughter them where they stand. just because someone appears to be offline doesn't mean they aren't watching from other methods like a open email. Not to mention a lot of forums allow you to "hide" or appear to be offline even though you are still on the forum. Like a hunter stalking the prey....
you can literally just log out
it's as easy as that
honestly? i do that