Due to the recent complain's about elgg anti-spam capabilities...... i have been having these ideas on my mind.......
1. The issues of spammers that registered succesfully in our elgg network......
My idea...... i think implementing a capcha that verify if someone is human i.e scanning the comments before posting it ( before making the comment visible to the public) e.g after posting like 3 spamlinks.....in the wire......blog comments...... group comments...
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
Please all new ideas are welcomed
http://community.elgg.org/plugins/821368/1.6/spam-throttle-18x is a plugin that helps when a spammer managed to register an account. Requiring to enter some captcha code each time you want to post something might stop spammers but it surely will annoy your valid users very much.
There are a lot of tips on this thread:
http://community.elgg.org/discussion/view/1570790/fake-users-registration-attack?annoff=50
Rodolfo Hernandez
Arvixe/Elgg Community Liaison
iionly -- i only worry that annoying the valid users, on a site just getting off the ground, is a kiss of death.
On the other hand, having a site full of spammy posts is probably worse.
Rodolfo, I liked your idea of ...
The spam throttle plugin does not require entering captchas. It limits the number of new content a user is allowed to add within a certain time (you can configure the limits). If someone posts quite a lot within a very short time it's likely a spammer and the account gets banned (but you can configure what action should be done, too).
Requirement of entering captchas for valid users again and again is surely not good. I fully agree with that. That's why I suggested the Spam throttle plugin as an already existing alternative.
text and image capcha is not useful and out of dated...can't stops spammers shows @$$
ban all ussrs from posting for 1 hour when they join that killed spam on my site also i use https
@UK - that's ok, but generally people join because they want to participate, and delaying that for everyone isn't a very good welcome to legitimate users
i know i hate that i have to do that but if i dont they kill the site lol the spammers, my sites more of a information site search engines are my members lol
@ UK, Requiring site members to enter captcha image or code each time the members want to post anything to a site might be a tedious chore for users and to be honest, most users do not like that process. That is why http://community.elgg.org/plugins/1172111/1.8.15b/elgg-captcha is not using captcha for logged in users.
I am working on elgg-captcha so that it will only be solved by human but not scripts or software captcha crackers. Even when the captcha will be working they way it is meant to be working, I will recommend using it only for non logged in users and let other anti spam tools take care of logged in users who might have succeeded logging in as human but connected those accounts to computer scripts to upload spam to elgg sites.
- Previous
- 1
- 2
- Next
You must log in to post replies.