Elgg and Spam/Security

Seeing a number of spammers just on this site, and not having opened my Elgg site public yet, I wonder about keeping the spammers out. Now I realize that this site isn't using the same captcha system as the Elgg 1.7.1 default, but it still makes me consider if the default captcha is actually decent enough to use or if I need to look at replacing it.

Any thoughts, suggestions?

  • RE:

    fertitta143 posted on fertitta143's message board (5 minutes ago)

    Sometimes I wonder how it is.. that I can spot a spam user within minutes of their posting funky spam on their own messageboards.. long before Brett/Cash get there ? I do believe that the Elgg Team should have "hired" me for a nominal fee to be the "SpamBlocker" for Community.Elgg.Org a long time ago.

    I will be working on an automatic detector for this particular type of spam (yes there is an automated solution!) so that we can block this as it happens for our own (biggest in the universe ~128,000 users!) FbfKids.Com. If Elgg.org are interested in my solution... please feel welcome to broach the subject.

  • Hi all,

    Just thought that this might be interesting for you.

    Being a 3rd party developer for a "Commercial Social Networking" product, lead to the development of an advanced and easy to use Anti WebSpam solution called SpamTrawler.

    “SpamTrawler” is a web application firewall which can be embedded into any PHP based application like:

    - Forums
    - Blogs
    - Photo Albums
    - Any other application which allows content to be posted by members

    It can be used to protect all applications running on the same host.

    It provides protection against:

    - Spam
    - A range of attacks against web applications
    - Fraud
    - In certain cases against http dos

    “SpamTrawler” is a self-hosted application, which can be installed and maintained on your Server or Webspace, without any programming knowledge.

    The whole installation process usually takes about 5 minutes.

    To configure the “SpamTrawler” Web Application Firewall, you have a fully fitted Administration Panel at your hand, which allows for quick and easy changes.

    Please Note:
    As we do not want to throw our Source Code at the people we want to protect you and us from, “SpamTrawler” is not Open Source and comes IonCube encrypted.

    The current version of "SpamTrawler" is available for $5, which is used to keep the servers running and the lights switched on and of course allow us to invest money into more resources.

    I am not sure if it is ok to provide our URL here, so in case you are interested, please feel free to ask for the URL and we will provide it.

    Thank you

    Kind Regards

  • Vazco doesn't just sound genius, he is!

  • How about the akismet pugin?

    If it could be extended to check blog and other posts that would really help.

    I just opened my elgg network yesterday and already several Chinese spam accounts have popped up creating these stupid blog posts in unreadbale English.

    That doesn't make me optimistic. And how did they find my network so quick?