• Join the A7X Discord!

    We're updating the community and moving all social content from the community to the Discord. All lessons related conversations will still take place here though! Join the Discord below and view the full announcement for more details

    JOIN THE DISCORD VIEW THREAD

um wtf?

TOLF

Free Bird Player
Nov 11, 2019
16
0
How can we disable mail notification? I’ve already disable it from my profile settings, I did not subscribe to any topic and I continue receiving notification each time someone write something on the forum…
 
Synner Endless Summer Collection

idssdi

Sold-out Crowd Surfer
Nov 11, 2019
5,336
6,749
Groningen
11
@syn Yeah blocking certain countries would suck. Maybe having a maximum amount of forum topics started by one person is an idea? Let’s say like 10 forum topics per day and if you exceed that you just can’t start a new forum topic anymore
 
Synner Endless Summer Collection
J

Jak Angelescu

Guest
It’s Korean and one time my friend translated it and it said something about “The lion club” and the color red was mentioned somewhere in there 😂 the spam sucks, yes. But I just trust the people behind SGS will get it sorted out in the best way possible. As long as it’s not affecting my ability to watch the lessons and use the interface it’s not a huge deal for me. Maybe they will do the captcha thing eventually.
 

Julian Barton

Free Bird Player
Nov 11, 2019
179
0
As a hacker and a coder might I suggest a few things:
One a recaptcha sign up
two max forum posts per 10 minutes (maybe like 10 posts and 15 replies as no human should be doing that)
three try finding anyone who has excessive posts and removing those users (obviously looking at their posts to see if they are real or fake)
Four maybe as well give some incentive to people who pen test the site (like a little icon next to their name for finding an exploit) would help the devs a bit :)
 

Andrew Milner

Campfire Attention Holder
  • Nov 11, 2019
    532
    1,235
    andreilucianmoraru.com
    10
    It’s been a long time since I registered so I don’t remember if it’s in place, but a confirmation mail in order to activate one’s account should also work. And anyone who hasn’t activated his account can’t post comments/make forum posts. Of course, there is the option to resend the activation e-mail for real users, but it should, in theory, prevent spam accounts, because there is a need for a valid email in order to activate said account. And yes, I am a software developer (*humblebrags in C#*).
     

    Michał

    Free Bird Player
    Nov 11, 2019
    9
    0
    I’m afraid simple mail activation isn’t much for people that really want to spam some forums. It’ll help for sure, but only for some time. Then next spam script that is a little bit more intelligent will spam forum if find it (spam bots can be really annoingly inteligent).
    But when security done with few things simultaniusly it would be enough for bigger span time.
    1) Recaptha on registration
    2) Mail activation, no posting without activated account
    3) Maybe even simple recaptcha on topic creation (only that with checkbox required)
    4) As you are using WordPress and BBpress forums (one installed with ultimate member I think), you can easily throttle user interactions in wpadmin panel – throttle posts posting to 1-2 minutes.
    5) I don’t remember now, but inside bb Akismet is built in by default, so needs just to activate it; this could help a little
    6) Another way is to redirect every POST request to /register/ page that doesn’t have referrer from syngates.com
    7) You can blacklist ip’s of spambots that already tried to spam here
    The easiest and 5 minute way to deal with some of spam bots is to create honeypot for them. Silly ones won’t deal with empty hidden input field that should be empty. It’s really simple to check, as spambot will put something in there (it analyzes code so it “sees” it there) but it will be visually hidden from humans. Especially if it has label or something with “required” word around it. So just create empty hidden field and then check it. If it is empty it’s human if not it’s barely spam bot 🙂
    Oh and there is plugin – Spam Destroyer that adds honeypot that I wrote above to forum forms 🙂
    Maybe you and your team find in that message something that help you to deal with spam @syn
     

    Julian Barton

    Free Bird Player
    Nov 11, 2019
    179
    0
    The only problem with ReCaptcha for all you nerds on here (I am too don’t worry) is you know as well as I do that a hacker can easily bypass thousands of ReCaptchas per seconds with new code especially userscripts. This is still a good idea but it is not perfect. I would say that the site should definitely install them but also use a text code verification or something. 2 step is always better for bots.
     
    Synner Endless Summer Collection