MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Suggestions and Feedback > ultimate antispam
Full Version: ultimate antispam
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2

dennyhalim

2009-05-14, 01:51 AM
in wp there's a great antispam:
http://www.hybrid6.com/webgeek/plugins/wp-spamfree
http://www.hashcash.org/

lots of people hate captcha and it does really annoying.
this method combine js and cookies that no spambot can use.

maybe can be ported to mybb?
with that, we dont need captcha to block 100% spambot with zero false positive.
and it's absolutely transparent to real browser

Scoutie44

2009-05-14, 02:00 AM
MyBB already uses Askimet, which to my knowledge does a good job.

dennyhalim

2009-05-14, 02:16 AM
cmiiw.

with akismet, each spam post gets into the database. then, it's sent to akismet to check if it's spam or not.
if you hit by spambot a lot, it will causing very high usage of cpu/ram and very busy mysql server.
you might even get suspended by your host for that.

with this method, the spam never even gets to the database.
never need to be checked at all.
zero overhead on the server.


akismet still can be usefull for manual human posted spam.


so,
i still suggest this kind of method to protect not only forum message,
but ALL forms (registration, login, post, search, etc...)

Scoutie44

2009-05-14, 02:36 AM
That's all fine and good, but MyBB hasn't experienced any problems with bots yet ( to my knowledge ) so human spam protection is all we really need right now. It's much more suitable as a plugin.

dennyhalim

2009-05-14, 02:43 AM
which antispam can claim this?
- 100% spambot blocked. nothing more. nothing less.
- 0 false positive
- 0 false negative
- nothing to configure
- nothing to moderate
- completely transparent to real human with real browser
- zero server overhead
- can protects ALL forms: registration, login, search, etc...

only this method can.
(2009-05-14, 02:36 AM)Scoutie44 Wrote: [ -> ]... but MyBB hasn't experienced any problems with bots yet ( to my knowledge ) ...

correct. but i really do not want to wait for that to happen.

Tomm M

2009-05-14, 09:41 AM
(2009-05-14, 02:43 AM)dennyhalim Wrote: [ -> ]- completely transparent to real human with real browser

I've just been reading up on this, and it's certainly an interesting idea - for a blog. I have Askimet on my blog and every forum I've setup, and it's never failed me once.

I haven't seen a demo of this, or really seen it in action, but what if I disable javascript on my browser (which I frequently do)? It's poo'd...

dennyhalim

2009-05-14, 09:50 AM
(2009-05-14, 09:41 AM)Tomm M Wrote: [ -> ]I've just been reading up on this, and it's certainly an interesting idea - for a blog. I have Askimet on my blog and every forum I've setup, and it's never failed me once.

I haven't seen a demo of this, or really seen it in action, but what if I disable javascript on my browser (which I frequently do)? It's poo'd...

it'll tell you:
you need to enable js & cookie to be able to post comment/messages/login/etc...etc...
something like that...

but again...
see your stats. i bet less than 5% disable js or cookies.
on my web, it's less than 1%.

only geek want to disable js/cookies. most usual user dont even know anything about js/cookies.
and if your user know how to disable js/cookies, it's certainly easy for them to enable it.

for me... it's worth it.
(also... nowadays, which website you can login without js/cookies?)

btw. you can see it on my wpmu blog http://gobloglah.com
which already experiences multiple up and down hits by spambot very badly.

akismet did do a lot blocking spam at that time.
but i end up with huge cpu/ram usage and suspended by my hosting multiple times.
not to count the time i have to moderate few hundreds spam filtered by akismet. everyday.

Tomm M

2009-05-14, 10:19 AM
(2009-05-14, 09:50 AM)dennyhalim Wrote: [ -> ]see your stats. i bet less than 5% disable js or cookies.
on my web, it's less than 1%.

only geek want to disable js/cookies. most usual user dont even know anything about js/cookies.
and if your user know how to disable js/cookies, it's certainly easy for them to enable it.

Actually, my stats say 9% don't have cookies, and 11% don't have JS.

Your perception of "only geeks" who disable javascript is wrong. Blind/hard of sight users will not be able to use the website. In some businesses, they disable javascript for security reasons (most use IE6 too). People who use keyboard accessibility keys will not be able to use the website. Same goes for those people who use assistive technology.

If I were to use this software on some of the things I've worked on in the past, I probably would have wiped out 75% of the user audience.

Ryan Gordon

2009-05-14, 03:22 PM
(2009-05-14, 09:50 AM)dennyhalim Wrote: [ -> ]it'll tell you:
you need to enable js & cookie to be able to post comment/messages/login/etc...etc...
something like that...

Wrong. MyBB works just fine without javascript. You just don't get all the fancy effects

dennyhalim

2009-05-15, 12:04 AM
i actually read somewhere (i should bookmark it) that someone a blind himself actually using this protecting his blog. i'll dig up see if i can find it again.
(maybe half of those 11% non js users are actually spambot???)

anyway... if js not an option, maybe (if posible) implement only the cookies method?
http://ocaoimh.ie/cookies-for-comments/

or how about these, they do not need js/cookies:
http://www.svenkubiak.de/nospamnx-en/
http://www.poradnik-webmastera.com/proje..._defender/

my only concern is to stop spambot. as most manual human posted spam can be catched with akismet/typepad
Pages: 1 2
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Suggestions and Feedback > ultimate antispam