Forum update [was: the forum is flooded by Spam. What can I do ?]

Hallo,

the past few days the “Questions and Answers” forum is flooded by spam messages. Is there anything I can do/help to get rid of them ?

regards

One thing the forum admins could do (of which I volunteer to be one to help delete spam) is remove the 60 second forced time window for reporting spam. I want to help these forums out by reporting the 3 or 4 spam messages in the forums I care about, forcing it to take 3 or 4 minutes instead of the 30 seconds it should take is not helping.

The spam is getting worse. :frowning: If I can do anything to help, I’d happily volunteer.

Yes, the spam is getting worse unfortunately. I’m trying to get modifications installed that can help against this, but the forum software is already modified so new modifications possibly conflict.

Reporting these korean spammers is not necessary as they reveal themselves to me in one glance. In fact i’d rather not have too many reports because i need to acknoledge them one by one, adding even more work.

Edit:
Just tried a few usernames and ip addresses of known spammers with the StopForumSpam service. None of them were marked as spammer. So SFS is of no use with this spam run.

FYI, Lambertus made me moderator to help with this. I think I removed 50-60 spammers in the last 3 days. Feels like a game, you see one popping up somewhere, hit it, and another one pops up :slight_smile:

No seriously, I do this in the morning, which seems to be the moment they all had the chance to write their messages.

[Posted in wrong thread]

Just for the record, I also got my moderator status as a result of the spam wave. I have removed dozens of spammers since then – not sure how many exactly, I’ve lost count.

Thanks, looks like we all remove a lot of them. There is noticeably less spam when visiting the forums, so that’s great!

I’ve hacked the login page with a second username field and a honeypot field. Hopefully this will elude the spammers for a while.

Fingers crossed.

Thanks for taking the time to come up with a solution

Well, this time the implementation delay wasn’t so much lack of time but lack of moments with relative clear thinking to offer the possible solution after two years of sleep-deprivated nights :sunglasses:

Only 6 spammers this morning

Yeah, that didn’t take them long to work around. If this doesn’t stop soon we’ll have to implement heavier measures. Next step in fighting the spam is to add post moderation for new users so that new posts only appear on the forum when a moderator approves it. Lot’s of work but almost guaranteed no spam anymore.

A heads up:
With FluxBB 1.5.8 the forum can automatically promote users from e.g. a New Member group to a Member group (currently all registered forum users are Members except the moderators and admin). When we combine this function with a post moderation system then (obvious) spam would not become visible on the forum, significantly reducing the incentive for spammers to attempt posting. Moderators would only have to approve posts from New Member and after (say) five approved posts the New Member would automatically upgrade to full Member whose posts are not actively moderated.

This week I’ve successfully tested the upgrade from Fluxbb 1.4.8 (current version) to 1.5.8 (latest version). Some modifications to the current forum software will initially be lost but can be added again after the upgrade to 1.5.8. The first obvious modification to re-implement would be the remote user authentication against the main OSM website API. When this is up-and-running the post moderation mod will be installed in the following days.

Sounds good?

Only issue I see with post-moderation is the “Users: *” forums and foreign languages, especially Cyrillic and Asian languages (i.e. non-Latin character sets). But we’ll see how it goes.

As it stands now I’ll start upgrading this evening, depending on real-world necessities (i.e. household and baby stuff that needs to be done). :slight_smile:

Forum software upgrade has finished. Next is apply the various modifications…

… fixed various counters that were out of sync (post count, topic counts, etc) and removed orphaned last_post references and such. Fixed a bug in a FluxBB plugin as well during this process.

… forum registration is disabled so only existing members can login. Will take a while before new OSM users will be able to login again because I’ve decided that the post moderation should be implemented first.

… new New Member group created with restricted permissions (e.g. unable to send emails as the spammers were using the forum email system to send email spam).

… about half way through adding the post moderation modification. Will continue tomorrow when time permits. New users won’t be able to join the forum for now unfortunately.

The main issue so far - fixed width of forum. 22" @ 1680x1050 looks not that good.

Great job, Lambertus :slight_smile:

one minor problem: Clicking on a link in a post does not open a new page like before.

Regards

walter

I am using number of features in my squid - proxy server - to enhance anonymity a little bit

reply_header_access Via deny all
reply_header_access X-Forwarded-For deny all
reply_header_access From deny all
reply_header_access Server deny all
reply_header_access WWW-Authenticate deny all
reply_header_access Link deny all
reply_header_access X-Cache-Lookup deny all
reply_header_access X-Squid-Error deny all
reply_header_access X-Cache deny all
reply_header_access Referer deny all
reply_header_access User-Agent deny all

So far I have had no problems using any of these features on any of the web pages I use until upgrade of this very forum. Now using “reply_header_access Referer deny all” returns following error while posting:

Bad HTTP_REFERER. You were referred to this page from an unauthorized source. If the problem persists please make sure that ‘Base URL’ is correctly set in Admin/Options and that you are visiting the forum by navigating to that URL. More information regarding the referrer check can be found in the FluxBB documentation.

I have disabled that line in squid to post this message, but i would hate it to be the last post as I am not going to turn it of just for one forum, sorry. Besides does that enhance security of the forum anyway?

I have Refcontrol as a Firefox Plugin for years, never had a problem with it until now! Setting is “forge”, it sends the root of site (e.g. forum.openstreetmap.org). Same problem “HTTP_REFERER”. Workaround is to add an exception, but is this security feature really neccessary?

https://addons.mozilla.org/en-US/firefox/addon/refcontrol/

Does choosing one of the other styles (via your Profile page) help?

Yes, that’s one of the modifications I need to re-apply.
Edit: Should be fixed now

Re: Bad HTTP_REFERER
This seems to be a design flaw in FluxBB. I’m not a security expert, so I hope someone more knowledgeable can say if this modification would help? I.e changing from checking a token instead of the HTTP_REFERER?