Spam @ Elgg Sites

How do we handle spam users/ content on elgg-based web sites ?

  • From this site:

    http://blamcast.net/articles/block-bots-hotlinking-ban-ip-htaccess

    Their suggested code for .htaccess:

       #get rid of the bad bot
       RewriteEngine on
       RewriteCond %{HTTP_USER_AGENT} ^BadBot
       RewriteRule ^(.*)$ http://go.away/

    My code:

       #get rid of bad bots
       RewriteEngine on
       RewriteCond %{HTTP_USER_AGENT} ^Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1;)
       RewriteRule ^(.*)$ http://go.away/

    Can't see the mis-typing, even wearing my 2.50 reading glasses. :(

    If anyone would be so kind as to point out the specific item(s) that I mis-typed, I'd greatly appreciate it.

  • @SS --

    I just copied your exact htaccess code into my 1.7.5 XAMPP and guess what ? Broke my whole test site ;-P   btw:- I use 4.0 reading glasses ;-)

    Server error!
    The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script.
    If you think this is a server error, please contact the webmaster.
    Error 500

    Remember that old saying  " a little learning.." -> your Cond does not specify a RegEx which Apache needs. Also I believe to make the diagnosis that the bare user-agent Rewrite will solve all spam problems is a misunderstanding..

     

    @S1

    "NoFollow" PlugIn ? sounds like a cute idea.. As I have spare time on my hands and nothing better to do - I will experiment with some basic code to see what can be via jQuery and PageDraw hooks.. giving away trade secrets here lolz ;-)

     

     

  • Dhrup,

    Thanks.

    I will ponder & research this advice, "your Cond does not specify a RegEx which Apache needs."

    The user-agent rewrite looks like it might thwart a big chunk of today's spammers. We agree that it will not solve all spam problems forever.

    IMHO, fighting spam is an unending struggle, a constant battle. So we do what we can against a big chunk of it today, and then tomorrow, respond as they adapt. It's Darwinian.

  • A rewrite rule for user agents in a little while will be effectless, I think.

    @drhup: nofollow and jquery? hmmm... js code will not be followed, I think such a plugin should rewrite all html a href tags in the content while pagedraw, especcially for the blog plugin.

  • @SS -

    if you're comfortable using or learning RegEx you'll be fine, if not.. you're heading for trouble.

    You've made an assumption that the UserAgent block wil be the panacea to spam issues or clean up the majority of spam.

    An aside - I've mentioned before several times that FbdKids.Com ( @ 173,00 users today ) has about 0.01 spam -- we do not use UserAgent blocking. Sometimes we block IPs, usually we just Ban users and delete their offensvie content and that is it ;-) My surprise has always been that other Elgg sites with some mere 100'x or 1000's of users have so much spam trouble - which the order of magnitude of the scale does not quite relate. If a 1000 user site has 20% spam <--> FK should have a much higher spam rate, not 0.01% ;-) Have we just been lucky for 18 months ?

  • @TW

    Both jQuery blocking and PageDraw blocks will do the job.

    I would go for PageDraw hooks because this will *not show in the Browser and so cannot be reverse-engineered or hacked ;-)

  • At one of my sites I'm using my own AJAX registration form (of course, it's qooxdoo ;-) ) instead of the default elgg registration. This site is a PR4 Site and visited about 3000-5000 time a day, and I have really no spam there. I assume, most of the spammers are using tools, only working together with default elgg pages.

    This could be a way to make it more complicated for spammers.

  • @westor,

    I think you're on to something. Seems to me, the bots have to look for pages called "register.php, new_user.php, etc." Or something similar.

    Would it be feasible for the individual site owners to change "register.php" to something unique of their own choosing, e.g "Zreg1ster.php" .. whatever. IIRC, when using MT blogging software a few years ago, this was recommended practice. And it was easy enough to do with that tool at that time.

    But I wouldn't hack around with Elgg unless there was a plugin, or an expert said "Change the name of register.php in these 3 places, and you'll be fine.'

     

  • @SS
    You're fishing LOLZ ;-)
    Go ahead - change all your file-names - I will hack in and register in abt 10 minutes ;-P

    Did you not read elsewhere some time back - I used to hack into the IBM System for a large corporation circa 1990 ) to detect security holes so that these could then be fixed ? And last one my clients sent me a crying email that the had 2000 spamers register ontheir Moodle site n 48 hours - Mois ? 5 mins to figure how it was done, 5 mins to devise a permanent block ;-P

  • all digital security is breakable, there is no true challenge in making it or breaking it...

    the answer is not to compete and battle each other.. to be secure in ourselves and thus no 'fake' security is needed.

    this is the same in all cases and actually even 'spam' is resolved by the same method, since spam is generally either a 'confidence trickster' attempting to exploit your lack of confidence or they are selling something.. which 99% of the time neither you (nor anyone) actually needs.

    'but surely no matter what I do there will still be spammers 'out there' attracted to me'?

    nope.. life is not random.. we attract what is on our frequency.

     

    this is the lateral way to be secure.. lateral being.. not so much lateral doing.. :)

     

    n.b. i have no expectation of anyone agreeing with me since the 'technical mind' doesn't register such possibilities very often.. too focussed on screens.. its true none the less. ;)