[TAC] Stop Human Spam

[TAC] Stop Human Spam [Paid] 1.4.8

No permission to buy ($19.00)
Overview Updates (34) Reviews (13) History Discussion
I figured that was the case, just wanted to make sure. And of course I was being lazy, i could have downloaded it, unzipped it and looked at the code. :)

Updating now. Thanks.

-- hugh
 
  • Its now possible to moderate messages ~(threads / posts) with banned words (rather than just preventing creation)
Click to expand...

Can you confirm what this function does?

So if someone tries to post a link when they don't meet the criteria set in the post rules, their post is added to the moderation queue? Or does this only apply to the banned words?
 
Banned keywords are separate from from real urls/ sneaky urls

I haven't added moderation for urls, just banned keywords words

If someone tries to add a banned word that you have listed in your StopHumanSpam banned word lists (such as Viagra by default), if you have the option "Moderate Banned Word Content" ticked, then posts/threads created containing this banned word (either in the title / content) get moderated .. rather than prevented from creation

StopHumanSpam-Banned-Keywords prevents the spammers from just copying and pasting common known phases, a good example of this would be "watch game of thrones on-line". Just censoring keywords doesn't prevent the content from being created

Previously the content containing StopHumanSpam-Banned-Keywords wouldn't have been created, the information is logged in your admin area, and the user would have seen this:

bannedword.webp


Now, there is an ACP option for this content to be created, the information is still logged in the ACP, but since it contains the banned word (in the title / content) it is sent to the moderation queue.

Why would you want this? Because your custom list of banned words might catch more than you mean to
See the Scunthorpe problem: http://en.wikipedia.org/wiki/S****horpe_problem (replace **** with tnuc in reverse << it looks like XF list of censored words runs into this issue... StopHumanSpam banned words gets around this issue by giving forum admins the option to moderate content containing banned words)


StopHumanSpam banned words are always banned unless the user/group has the permision: canBypassStopBannedWords
 
My tiny forum has only been up for a few days, and only I have 8 or so members...
too bad they have emails like ddd.ddd@gmail.com / dddd.dddd.ddd@gmail.com
does this sound familer? :(

but I was already one step ahead of them before the forum even went online
as I had already disabled sigs and profiles, but surely not an automated solution,
but would indeed stop them from posting, which is obviously what they tried
to do, signup with bogus looking name/email, then spam away, not one of
these members have yet to even post or say hi, so i am not sure if they
were human, or simply just bot trained to answer 2+2=4

I am starting to like this addon...
seems like it has a solution for almost any event.
strongly considering it....

the problem with human spammers is they may post enough
just to bypass any requirements as their end goal is
to get their backlink on the forum, one way or
another then they vanish forever...

How much impotence does google even put on signature links anymore?
I am pretty sure that google knows good and well what they are, and
most people use them these days for obvious reasons....

for the branded version, how long do we get updates for?
 
Almost all bots get passed the simple questions such as "2+2" or "what year is it", even very hard QA's have been beaten. They use a local file (textcaptch.txt) to store the answers... when a bot user can not get passed a QA, they go back to your forum and manually register... they then updated the textcaptch.txt with your QA answer. This is then shared via a central database so all bot users can pass your QA question. QA has been solved for a while (as has ReCaptcha)

The emails that look like this:

my.email.what.ever.1.2.3.@blabla.xyz

Are often created by automation. It's just easier to throw lots of dots into an algorithm and iterate through emails that are likely to have never been created before. If they are automating emails, they are quite likely to be using other automation software such as XRumer

For some email accounts, they are using the dots to avoid detection longer (gmail for instance, doesn't distinguished between the dots) So a user can use their.email@gmail.. get caught by an API, and then use theire.mail@gmail ... as long as the API hasn't recognised them another way (for instance their IP address) the user can keep spamming without getting caught

One of the "recent" updates for Google (one of them being the Panda Update) actually really hurt a XRumer users ... so much that XRumer even talk about the update on their site. XRumer users will keep running into these issues, blackhat isn't good for a site with long term goals

It doesn't seem to stop the spammers, they don't seem to learn :confused:

This plugin will stop automated spam too (but don't use it to stop floods of bots, foolbothoneypot can stop them from even registering)
There is no limit on updates... for as long as I/you can keep on coming up with good ideas to stop human spam, I'll keep developing it
 
tenants updated StopHumanSpam - Anti Human Spam with a new update entry:

Stop Human Spam: Fix for internal links + More thorough email checks

  • A fix for internal links, now [url]example.com[/url] internal links are allowed (if the allow internal links option is checked)
  • Email links are now more thoroughly checked if an email host is mentioned in the post... so that @hotmail or [at]gmail will not be allowed (if the stop email links option is checked)
Click to expand...

Read the rest of this update entry...
 
Sure, but I'm working on quite a big add-on right now.

Your request is a small enhancement, so I'll do it straight after the 1st release of this add-on (within a week)
 
Just tried enabling this on my test conversion on XF 1.2 Beta 4

Code: 
Error Info
ErrorException: Undefined index: sigPerms - library/XenForo/ViewPublic/Account/Signature.php:10
Generated By: freann1984, A moment ago
Stack Trace

#0 /var/www/forum/library/XenForo/ViewPublic/Account/Signature.php(10): XenForo_Application::handlePhpError(8, 'Undefined index...', '/var/www/forum/...', 10, Array)
#1 /var/www/forum/library/XenForo/ViewRenderer/Abstract.php(227): XenForo_ViewPublic_Account_Signature->renderHtml()
#2 /var/www/forum/library/XenForo/ViewRenderer/HtmlPublic.php(67): XenForo_ViewRenderer_Abstract->renderViewObject('XenForo_ViewPub...', 'Html', Array, 'shs_can_not_mod...')
#3 /var/www/forum/library/XenForo/ViewRenderer/Abstract.php(249): XenForo_ViewRenderer_HtmlPublic->renderView('XenForo_ViewPub...', Array, 'shs_can_not_mod...', NULL)
#4 /var/www/forum/library/XenForo/ViewRenderer/HtmlPublic.php(64): XenForo_ViewRenderer_Abstract->renderSubView(Object(XenForo_ControllerResponse_View))
#5 /var/www/forum/library/XenForo/FrontController.php(570): XenForo_ViewRenderer_HtmlPublic->renderView('XenForo_ViewPub...', Array, 'account_wrapper', Object(XenForo_ControllerResponse_View))
#6 /var/www/forum/library/XenForo/FrontController.php(156): XenForo_FrontController->renderView(Object(XenForo_ControllerResponse_View), Object(XenForo_ViewRenderer_HtmlPublic), Array)
#7 /var/www/forum/index.php(13): XenForo_FrontController->run()
#8 {main}
Request State
array(3) {
  ["url"] => string(60) "http://home.z22se.com:8984/forum/index.php?account/signature"
  ["_GET"] => array(1) {
    ["account/signature"] => string(0) ""
  }
  ["_POST"] => array(0) {
  }
}

Will this be updated to work with 1.2 at some point?
 
It will, I didn't know about that, I'll look in to it

Thanks for letting me know
 
Last edited:
Yes, it was a simple fix for something that wasn't needed:

The view to render the editor when the signature editor isn't even available, since the 'spammer' doesn't meet the minimum requirements to be able to edit their signature

That sounds more confusing that it should.. yes.. it works post 1.2 and pre 1.2
 
Ideally, when a user made a post with a banned word, they would see a message that said something like, "your post has been sent to a queue for review. If approved, it will be visible soon". Currently a user sees something like: first, "your post has been created" second, they see an error message that says you have to be logged in to do that ( we allow anonymous posting) and they are taken to the registration/login form.

Is there a way to change to our ideal behavior?

Thank you
 
You must log in or register to reply here.

Similar threads

AndyB
Signature search [Paid]
Replies
1
Views
555
AndyB
AndyB
Yugensoft
Add-on Offer: Sale of IP Rights of All Addons
Replies
10
Views
2K
ssj2_ssbm
ssj2_ssbm
Yugensoft
[WMTech] TAC - Stop Country Spam [Paid]
2 3 4
Replies
71
Views
7K
wmtech
wmtech
sonnb
sonnb - Stop Spam Here - Bot detector API
Replies
2
Views
870
sonnb
sonnb
sonnb
sonnb - Stop Spam Here [Deleted]
2 3
Replies
46
Views
5K
sonnb
sonnb
Top Bottom