[TAC] Stop Human Spam

[TAC] Stop Human Spam [Paid] 1.4.8

No permission to buy ($19.00)
Overview Updates (34) Reviews (13) History Discussion
hmm, well if they are using banned words and not logged in... it's not a show stopper to display a login form. But it would be better to let them know the post has gone in to moderation.

I will look into it, but it's quite low in my priorities (low enhancement)

What is the behaviour of a moderated post for logged out users for XF core?

I have a suspicion it's the same issue (in which case, it's a core issue)
 
Last edited:
I am not sure. We are so new to Xenforo that I am not sure what other issues would cause a post to be moderated. I will see if I can find out what what happens with core alone.
 
I haven't been able to pinpoint this to a specific addon but I only have two addons that really mess with signatures, this being one of them.

I get this error occasionally....

Code: 
Error Info
ErrorException: Undefined index: sigPerms - library/XenForo/ViewPublic/Account/Signature.php:10
Generated By: starFleet_Yacht, Today at 1:10 PM
Stack Trace
#0 /home/cruising/public_html/library/XenForo/ViewPublic/Account/Signature.php(10): XenForo_Application::handlePhpError(8, 'Undefined index...', '/home/cruising/...', 10, Array)
#1 /home/cruising/public_html/library/XenForo/ViewRenderer/Abstract.php(227): XenForo_ViewPublic_Account_Signature->renderHtml()
#2 /home/cruising/public_html/library/XenForo/ViewRenderer/HtmlPublic.php(67): XenForo_ViewRenderer_Abstract->renderViewObject('XenForo_ViewPub...', 'Html', Array, 'shs_can_not_mod...')
#3 /home/cruising/public_html/library/XenForo/ViewRenderer/Abstract.php(249): XenForo_ViewRenderer_HtmlPublic->renderView('XenForo_ViewPub...', Array, 'shs_can_not_mod...', NULL)
#4 /home/cruising/public_html/library/XenForo/ViewRenderer/HtmlPublic.php(64): XenForo_ViewRenderer_Abstract->renderSubView(Object(XenForo_ControllerResponse_View))
#5 /home/cruising/public_html/library/XenForo/FrontController.php(572): XenForo_ViewRenderer_HtmlPublic->renderView('XenForo_ViewPub...', Array, 'account_wrapper', Object(XenForo_ControllerResponse_View))
#6 /home/cruising/public_html/library/XenForo/FrontController.php(158): XenForo_FrontController->renderView(Object(XenForo_ControllerResponse_View), Object(XenForo_ViewRenderer_HtmlPublic), Array)
#7 /home/cruising/public_html/index.php(13): XenForo_FrontController->run()
#8 {main}
Request State
array(3) {
  ["url"] => string(45) "http://www.cruisingtalk.com/account/signature"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(0) {
  }
}
 
BamaStangGuy said:
I haven't been able to pinpoint this to a specific addon but I only have two addons that really mess with signatures, this being one of them.

I get this error occasionally....

Code: 
Error Info
ErrorException: Undefined index: sigPerms - library/XenForo/ViewPublic/Account/Signature.php:10
Generated By: starFleet_Yacht, Today at 1:10 PM
Stack Trace
#0 /home/cruising/public_html/library/XenForo/ViewPublic/Account/Signature.php(10): XenForo_Application::handlePhpError(8, 'Undefined index...', '/home/cruising/...', 10, Array)
#1 /home/cruising/public_html/library/XenForo/ViewRenderer/Abstract.php(227): XenForo_ViewPublic_Account_Signature->renderHtml()
#2 /home/cruising/public_html/library/XenForo/ViewRenderer/HtmlPublic.php(67): XenForo_ViewRenderer_Abstract->renderViewObject('XenForo_ViewPub...', 'Html', Array, 'shs_can_not_mod...')
#3 /home/cruising/public_html/library/XenForo/ViewRenderer/Abstract.php(249): XenForo_ViewRenderer_HtmlPublic->renderView('XenForo_ViewPub...', Array, 'shs_can_not_mod...', NULL)
#4 /home/cruising/public_html/library/XenForo/ViewRenderer/HtmlPublic.php(64): XenForo_ViewRenderer_Abstract->renderSubView(Object(XenForo_ControllerResponse_View))
#5 /home/cruising/public_html/library/XenForo/FrontController.php(572): XenForo_ViewRenderer_HtmlPublic->renderView('XenForo_ViewPub...', Array, 'account_wrapper', Object(XenForo_ControllerResponse_View))
#6 /home/cruising/public_html/library/XenForo/FrontController.php(158): XenForo_FrontController->renderView(Object(XenForo_ControllerResponse_View), Object(XenForo_ViewRenderer_HtmlPublic), Array)
#7 /home/cruising/public_html/index.php(13): XenForo_FrontController->run()
#8 {main}
Request State
array(3) {
  ["url"] => string(45) "http://www.cruisingtalk.com/account/signature"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(0) {
  }
}
Click to expand...
Looks the same as this: http://xenforo.com/community/threads/stophumanspam-anti-human-spam-paid.45491/page-3#post-576478

Have you updated to 1.2.7 of the add-on?
 
By any chance, is starFleet_Yacht a bot?

I ask this, since there is a way that this could happen, but it would only happen if the user saved the signature by not going to the signature area (just firing a request to save the sig).

If that's the case, do you not use FoolBotHoneyPot

If you do use FoolBotHoneyPot can you check the logs of that users, and give me all the details you can. I'm very interested in anything that works out how to get around FBHP, since it's stopped 100% bots (more than 5 mil, 0 false negatives), if someone is working around it, I want to know ASAP (0 have gotten through any of my honeypot forums)

If you are using FBHP, but this user does not appear in the logs, are you allowing FaceBook/other registration, and do you have anything to prevent bots via that route?

I can send you an updated file, can you test it and tell me if you still see the issue (attached)

Replace Tac\StopHumanSpam\ControllerPublic\Account

BTW, we may have just stumbled into another way of detecting bots, but I'm concerned about any at all getting through FBHP, so I want to get to the bottom of it
 

Attachments

Last edited:
No I am not using FBHP on any of my forums. All are on 1.2 and all use the built in Spam detection and SHS. This was not a legitimate user but not 100% sure it was a "bot". I imagine it was from reading your response above since it managed to throw this error.

I will give your file change a go.
 
That's good news, FBHP remains 100% effective, and we have another way of detecting bots (without affecting humans)

Sometimes knowing why/how an error occurs, rather than just validating/fixing it can be fruitful ;)
 
tenants said:
hmm, well if they are using banned words and not logged in... it's not a show stopper to display a login form. But it would be better to let them know the post has gone in to moderation.

I will look into it, but it's quite low in my priorities (low enhancement)

What is the behaviour of a moderated post for logged out users for XF core?

I have a suspicion it's the same issue (in which case, it's a core issue)
Click to expand...

I don't think this is core behavior. I set a forum to moderate all posts. When an unregistered user makes a post in this forum, it does initially present a message that the message has been posted. Then the user is taken to the forum page and sees the following message: Your message has been submitted and will be displayed pending approval by a moderator.
 
Just FYI Mike, Allow External Images & Media when unchecked isn't being applied to profile about field, thus a member just exploited it by posting spam via a youtube embed into their profile field.
 
Hi!

I'm having problem with spam emails via contact us form. I don't get any spam registrations (fake users) or spam post on my forum, just via contact us form. I'm using QapTcha add-on.

Will this add-on prevent spams via contact us form?
 
Why don't you turn on the CAPTCHA for guest (this should cover the contact us form):

upload_2013-8-27_16-6-36.webp

However, if they are getting past your CAPTCHA here, then your CAPTCHA is no longer affective (in all areas... )

No, this addon doesn't cover the contact us form (CustomImgCapthca does, but I believe QapTcha should also )
 
I have captcha (QapTcha) turned on for guests, but spam is somehow getting past it (but only on contact us form!). I guess it is working only for registrations... But now I don't get any more support from developer of QapTcha because of that: XF QapTcha.

That's why I'm asking you if this add-on could help me. I guess not then. I think I'll just have to uninstall QapTcha :(
 
I've worked in automation for a few years, I can see that it would be easy to target XF QapTcha and automate getting past it.
But for bots like XRumer, it wouldn't worth it, since it's not installed that widely. (XRumer operates at targeting millions, not thousands)

[multiple non core mechanism are often not worth the effort to target if the frequency is low, so simple sliders can often be affective]

However, if I am wrong, and it is now installed widely, the chances are, bots are getting past it, or these are simply custom bots

Some things are very hard to automate, others are not... Sending the correct request/response when that response is constant is very easy (weather it's a JavaScript game / slider / other )
Reading textual information from an image and training it against a known set is also fairly easy (this is why many textual CAPTCHA fail)

Reading textual information related to an object against an unknown set is still a challenge for AI, so try CustomImgCapthcha: http://xenforo.com/community/resources/customimgcaptcha-spam-combat.1161/

(I'd still be fairly surprised if QapTcha is being targeted, bots have bigger core issues to get around first)
 
Last edited:
tenants said:
I've worked in automation for a few years, I can see that it would be easy to target XF QapTcha and automate getting past it.
But for bots like XRumer, it wouldn't worth it, since it's not installed that widely. (XRumer operates at targeting millions, not thousands)

[multiple non core mechanism are often not worth the effort to target if the frequency is low, so simple sliders can often be affective]

However, if I am wrong, and it is now installed widely, the chances are, bots are getting past it, or these are simply custom bots

Some things are very hard to automate, others are not... Sending the correct request/response when that response is constant is very easy (weather it's a JavaScript game / slider / other )
Reading textual information from an image and training it against a known set is also fairly easy (this is why many textual CAPTCHA fail)

Reading textual information related to an object against an unknown set is still a challenge for AI, so try CustomImgCapthcha: http://xenforo.com/community/resources/customimgcaptcha-spam-combat.1161/

(I'd still be fairly surprised if QapTcha is being targeted, they have bigger core issues to get around first)
Click to expand...
Thank you for your explanation. I'll see what I can do.
 
Hey Mike,

Instead of stopping the thread / post containing links for users with not enough posts, is it possible to automatically put it in moderation?
There are times when a genuine new member post a legitimate link and this restriction will definitely put them off...

This option is already available for "Banned Words" and hope that you can also add this in for link rules.

Thanks.
 
After upgrading to 1.3 Beta 1 I am seeing this not working. Members that are not suppose to be able to add info to About Me are now able to. No changes to settings, just upgrade to 1.3 Beta 1.
 
You must log in or register to reply here.

Similar threads

AndyB
Signature search [Paid]
Replies
1
Views
555
AndyB
AndyB
Yugensoft
Add-on Offer: Sale of IP Rights of All Addons
Replies
10
Views
2K
ssj2_ssbm
ssj2_ssbm
Yugensoft
[WMTech] TAC - Stop Country Spam [Paid]
2 3 4
Replies
71
Views
7K
wmtech
wmtech
sonnb
sonnb - Stop Spam Here - Bot detector API
Replies
2
Views
870
sonnb
sonnb
sonnb
sonnb - Stop Spam Here [Deleted]
2 3
Replies
46
Views
5K
sonnb
sonnb
Top Bottom