preventing abuse

WillemGrooters · Post by **WillemGrooters** » Thu Feb 23, 2006 8:39 am

I know there is software around, searching the web for forums like this, and then posting annoying advertisements ("adult content", medicine, illegal software) - without logging in, eventually. Some will do a registration and dump their junk still the same, or specify a website in their profile, not at all related to the forum - just to attract attentions to their sites - or even containing malicious content.
This site is by times abused for this

.

Since it takes too much time to keep an eye on this - and to remove all that is unwanted, so before starting my own installations, I would want to disable this ; I prefer to fight the cause, not the symptoms. I know of sites that prsent an image with text or numbers, to be typed in before a post is accepted. That rules out automated postings - just what I want.

Does something like that exist in e107, PHPBB and Wordpress?

Post by **issinoho** » Thu Feb 23, 2006 5:47 pm

Most CMS packages have pretty good abuse prevention. The abuse I get on this site is because I am currently allowing guest access - annoyingly PHPBB doesn't let you control this globally so I would have to switch this off on a per forum basis. Laziness has precluded me from doing so thus far.

PHPBB, e107 and Wordpress all have image-based sign-up forms which prevent automated abuse; they also have banning controls and flood prevention.

WillemGrooters · Post by **WillemGrooters** » Fri Feb 24, 2006 2:39 pm

That would mean no guest access - so any user MUST sign on (and therefore: register) before being able to post an message. and at login, you'd have to enter such a code.
But that won't be sufficient: you would need to disable "Auto-logon on access", because otherwise, a bot would access the forum, log in automatically (because remembered) and plunge his crap.
I like the idea not having to remember my password - and I guess most users will. Therefore, the code would need to be entered at the moment you post a message, not at logon.

I'll play around with ecah of them (on XP) and look what would be possible.

andys · Post by **andys** » Tue Apr 11, 2006 8:35 am

What was the result of you playing around with the different packages? It would interesting to get your feedback.

andys · Post by **andys** » Tue Apr 11, 2006 8:48 am

Just for info. Drupal has captchas (image with letters user needs to type in functionality) for user registration, registered and anonymous comment posting.

I have found that another of the most annoying things is spam trackbacks to blog entries. Drupal will let you moderate these so you can delete them before they are published but this requires leg work for the admin.

Spammers must be responsible for a millenium or ten of sys admin time.

Rant! Rant!