Jump to content


Photo
* * * * * 2 votes

Report form need a captcha to stop spambots


  • Please log in to reply
31 replies to this topic

#1 IPBSupport.de

IPBSupport.de

    Spam Happy

  • +Clients
  • 559 posts

Posted 08 August 2012 - 07:03 AM

Like my Feedback in July 2010 (Security Problem on the "Share this link via Email" Page), we now need a captcha for the "Report" forms.

I get a lot of spam messages from spambots since yesterday - all bots reporting posts... :angry:

So: Please add a captcha to the "Report" form(s)!
  • Wolf, TSP and MisterPhilip like this
Helge Holst
IPBSupport.de Organization

| German IP.Board Support | German Language Packs | My Amazon Wishlist |

"Programmining is similar to sex, if you make a mistake you have to support it for the rest of your life!"

#2 digifredje

digifredje

    IPB Full Member

  • +Clients
  • 124 posts

Posted 08 August 2012 - 08:10 AM

Had it too.
I changed the settings in ACP so "Guests" can no longer report something.

#3 IPBSupport.de

IPBSupport.de

    Spam Happy

  • +Clients
  • 559 posts

Posted 08 August 2012 - 02:17 PM

Yes, this is a workaround, but i made good experience with guests as "reporter" of content, so i would not miss it.
Helge Holst
IPBSupport.de Organization

| German IP.Board Support | German Language Packs | My Amazon Wishlist |

"Programmining is similar to sex, if you make a mistake you have to support it for the rest of your life!"

#4 guest of honour

guest of honour

    IPB Newbie

  • +Clients
  • 17 posts

Posted 19 August 2012 - 11:37 AM

Can you tell us how you did it?


Thanks

#5 IPBSupport.de

IPBSupport.de

    Spam Happy

  • +Clients
  • 559 posts

Posted 19 August 2012 - 04:02 PM

Change the "Guest" group setting "Can submit reports?" to "No".
Helge Holst
IPBSupport.de Organization

| German IP.Board Support | German Language Packs | My Amazon Wishlist |

"Programmining is similar to sex, if you make a mistake you have to support it for the rest of your life!"

#6 Wolfie

Wolfie

    Don't get mad, get N*Raged!

  • +Clients
  • 12,500 posts

Posted 19 August 2012 - 05:00 PM

I get a lot of spam messages from spambots since yesterday - all bots reporting posts... :angry:

Talk about stupid. A spammer (or spambot) using the report feature for spamming is like a crook robbing a bank leaving his drivers license at the scene of the crime along with directions to where he's going to be hiding out at.

Being able to enable/include/add some sort of spam prevention on various pages for guests would be useful. Report feature being one of them.
  • Wolf, IPBSupport.de and Marcher Technologies like this

٩(͡๏̯͡๏)۶ Click here to browse or purchase IPS software. ٩(͡๏̯͡๏)۶
n-raged.com
- Dacity.Com

♪ Me and you ♪
♪ a two-man crew ♪
♪ side by side we're unified ♪
♪ and we will never be divided ♪

Spoiler

CLICK HERE AND VOTE IP.BOARD AS BEST FORUM SOFTWARE FOR 2013!!!


#7 bigPaws

bigPaws

    IPB Full Member

  • +Clients
  • 159 posts

Posted 23 August 2012 - 06:11 PM

+1 to this idea. I think it's important to allow guests to report content and therefore it would be good to have a Q&A challenge on there to stop spam bots.
  • Wolf likes this

#8 Sandi_

Sandi_

    Code Addict

  • +Clients
  • 1,099 posts

Posted 23 August 2012 - 06:16 PM

Think it is best to just set Guests can send reports to "No." More than that is bloating the code with a second path to the same objective.
  • Jay likes this

Twenty years ago we had Johnny Cash, Bob Hope and Steve Jobs.

 

Now we have no Cash, no Hope and no Jobs. PLEASE! Don't let Kevin Bacon die.


#9 bigPaws

bigPaws

    IPB Full Member

  • +Clients
  • 159 posts

Posted 23 August 2012 - 06:47 PM

It's not the same thing though. Guests might spot something a member doesn't see and therefore should be given access to report content...
  • Wolf and TSP like this

#10 Sandi_

Sandi_

    Code Addict

  • +Clients
  • 1,099 posts

Posted 23 August 2012 - 07:24 PM

It's not the same thing though. Guests might spot something a member doesn't see and therefore should be given access to report content...


I disagree. We don't know who guests are, and are as likely as not to be spammers. The only perms I give to guest is "View." Any more permission that that for guests is just asking for thouble.
  • Jay likes this

Twenty years ago we had Johnny Cash, Bob Hope and Steve Jobs.

 

Now we have no Cash, no Hope and no Jobs. PLEASE! Don't let Kevin Bacon die.


#11 Wolfie

Wolfie

    Don't get mad, get N*Raged!

  • +Clients
  • 12,500 posts

Posted 23 August 2012 - 07:48 PM

I disagree. We don't know who guests are, and are as likely as not to be spammers. The only perms I give to guest is "View." Any more permission that that for guests is just asking for thouble.

I think it would be best as an option. For sites where an admin feels as you do, they just disable guest access and they're done with it. For admins that want to allow guests access to certain things such as reporting content, be able to force some sort of verification to reduce the chances of it being a spammer.

Not taking sides on who is right/wrong, since each community is unique and what works for one site may not work for another.
  • Wolf likes this

٩(͡๏̯͡๏)۶ Click here to browse or purchase IPS software. ٩(͡๏̯͡๏)۶
n-raged.com
- Dacity.Com

♪ Me and you ♪
♪ a two-man crew ♪
♪ side by side we're unified ♪
♪ and we will never be divided ♪

Spoiler

CLICK HERE AND VOTE IP.BOARD AS BEST FORUM SOFTWARE FOR 2013!!!


#12 Sandi_

Sandi_

    Code Addict

  • +Clients
  • 1,099 posts

Posted 23 August 2012 - 09:08 PM

To each their own I guess, it just seem to me that allowing guest to "report content" (or any other posting) is sorta like allowing a rabbit to go to the store for a head of lettuce. (w00t)

Twenty years ago we had Johnny Cash, Bob Hope and Steve Jobs.

 

Now we have no Cash, no Hope and no Jobs. PLEASE! Don't let Kevin Bacon die.


#13 TSP

TSP

    Needs Serious Help

  • +Clients
  • 1,042 posts

Posted 23 August 2012 - 11:03 PM

I think it would be best as an option. For sites where an admin feels as you do, they just disable guest access and they're done with it. For admins that want to allow guests access to certain things such as reporting content, be able to force some sort of verification to reduce the chances of it being a spammer.

Not taking sides on who is right/wrong, since each community is unique and what works for one site may not work for another.

Why would you need a new option? (Correct me if I misunderstood)Isn't captcha already used on posting by default? And you already can decide to let guests report. Couldn't we just do it as easy as "if guest report, show him our default guest spam prevention thing"?

I support the ability to enable guest reports.

I am administrator TSP on the norwegian IPB 3.4.5-board Diskusjon.no.


#14 Wolfie

Wolfie

    Don't get mad, get N*Raged!

  • +Clients
  • 12,500 posts

Posted 23 August 2012 - 11:18 PM

To each their own I guess, it just seem to me that allowing guest to "report content" (or any other posting) is sorta like allowing a rabbit to go to the store for a head of lettuce. (w00t)

More like allowing a shopper to get a member discount without needing to use a membership card. Some businesses all it because they see it as good business while others don't because it's seen as an incentive to become a member.


Why would you need a new option? (Correct me if I misunderstood)Isn't captcha already used on posting by default? And you already can decide to let guests report. Couldn't we just do it as easy as "if guest report, show him our default guest spam prevention thing"?

I support the ability to enable guest reports.

I'm referring to anything that can be enabled for guests that doesn't already offer/support spam prevention when enabled. Reporting content would be one of them. So I'm referring to having it be consistent in usage.
  • Wolf likes this

٩(͡๏̯͡๏)۶ Click here to browse or purchase IPS software. ٩(͡๏̯͡๏)۶
n-raged.com
- Dacity.Com

♪ Me and you ♪
♪ a two-man crew ♪
♪ side by side we're unified ♪
♪ and we will never be divided ♪

Spoiler

CLICK HERE AND VOTE IP.BOARD AS BEST FORUM SOFTWARE FOR 2013!!!


#15 TSP

TSP

    Needs Serious Help

  • +Clients
  • 1,042 posts

Posted 24 August 2012 - 02:08 AM

More like allowing a shopper to get a member discount without needing to use a membership card. Some businesses all it because they see it as good business while others don't because it's seen as an incentive to become a member.

Well. For posting I could agree on that, but this is reporting content to the staff of a site. Would I need to buy a membership card at the police to report a crime?

I'm referring to anything that can be enabled for guests that doesn't already offer/support spam prevention when enabled. Reporting content would be one of them. So I'm referring to having it be consistent in usage.

You already have the setting "Guest posting bot control". I can't see why you would need anything other than that.

The rule here should be simple. When a guest submits content to a site, whether it be a comment, a forum post, a report, or whatever else guests can use to add content to the site, you simply go "Show the spam prevention method chosen in CAPTCHA if guest posting bot control is enabled."

Anything more complicated than that, (say you want a different kind of spam prevention method on different types of content), is what someone could make a hook for.

There is really no need for additonal settings here, in my opinion.

I am administrator TSP on the norwegian IPB 3.4.5-board Diskusjon.no.


#16 Wolfie

Wolfie

    Don't get mad, get N*Raged!

  • +Clients
  • 12,500 posts

Posted 24 August 2012 - 07:10 AM

Well. For posting I could agree on that, but this is reporting content to the staff of a site. Would I need to buy a membership card at the police to report a crime?

I was responding to someones use of a grocery store as an analogy with one that would be more appropriate to the situation. What I used was to be a generalized concept instead of something specific.


You already have the setting "Guest posting bot control". I can't see why you would need anything other than that.

The rule here should be simple. When a guest submits content to a site, whether it be a comment, a forum post, a report, or whatever else guests can use to add content to the site, you simply go "Show the spam prevention method chosen in CAPTCHA if guest posting bot control is enabled."

Anything more complicated than that, (say you want a different kind of spam prevention method on different types of content), is what someone could make a hook for.

There is really no need for additonal settings here, in my opinion.

You're essentially agreeing with me while thinking you are disagreeing.

Option to enable (or not) spam prevention for posts, comments (where appropriate), reporting content, etc. Someone may want to allow the use of certain areas without it being enabled. The method of prevention though, would be consistent. More times than not, you'd expect it to be all or nothing, but there could be areas where the admin feels it is unnecessary for some reason. Don't take that control away from them, but do remain consistent with the method used. If many get past the spam prevention method chosen, then obviously it's not working and another one needs to be used.

٩(͡๏̯͡๏)۶ Click here to browse or purchase IPS software. ٩(͡๏̯͡๏)۶
n-raged.com
- Dacity.Com

♪ Me and you ♪
♪ a two-man crew ♪
♪ side by side we're unified ♪
♪ and we will never be divided ♪

Spoiler

CLICK HERE AND VOTE IP.BOARD AS BEST FORUM SOFTWARE FOR 2013!!!


#17 IPBSupport.de

IPBSupport.de

    Spam Happy

  • +Clients
  • 559 posts

Posted 21 September 2012 - 02:46 PM

Thank's for the discussion... But summarized, there are only 2 options:
  • Removing the complete option for guests to report anything from IP.Board and the IPS.Apps or
  • Adding a Captcha
Option 1 (removing) make no sense - guests often reporting content which members (maybe) not do/see/find. And as i said, this could (maybe) a legal problem if a person must register before he can report any abuse.

(and just for the records: i'm wondering if there are not more members/customers here with this problem, i get so many spam from guest reportings - it's really frustrating and disturbing me and my admins/moderators)

Attached Thumbnails

  • Bildschirmfoto 2012-09-21 um 21.38.49.png
  • Bildschirmfoto 2012-09-21 um 21.39.12.png

Helge Holst
IPBSupport.de Organization

| German IP.Board Support | German Language Packs | My Amazon Wishlist |

"Programmining is similar to sex, if you make a mistake you have to support it for the rest of your life!"

#18 Jυra

Jυra

    Needs Serious Help

  • +Clients
  • 2,634 posts

Posted 21 September 2012 - 03:35 PM

Doesn't seem frequent, but I've seen it. I do wish to keep reporting open to guests. At the moment it isn't a concern of mine.
"If you want to make enemies, try to change something." - Woodrow Wilson
"Success is the ability to go from one failure to another with no loss of enthusiasm." - Winston Churchill
"An error doesn't become a mistake until you refuse to correct it." - Orlando A. Battista
"If you could kick the person in the pants responsible for most of your trouble, you wouldn't sit for a month." - Theodore Roosevelt

#19 Wolfie

Wolfie

    Don't get mad, get N*Raged!

  • +Clients
  • 12,500 posts

Posted 30 September 2012 - 04:42 PM

Option 1 (removing) make no sense - guests often reporting content which members (maybe) not do/see/find. And as i said, this could (maybe) a legal problem if a person must register before he can report any abuse.

How could it possibly be a legal problem? Here's how I see it..

Any content that is viewable only by a guest but not by a registered member should only be content that the admin put there. If an admin is using a "Guest message" hook, then that's not something that you can report anyway.

If someone (as a guest) stumbles upon something that could be a legal issue (copyright infringement), then that person either owns the rights and thus would need to send a notice (which would be done by email) or they're just wanting to be helpful and can always opt to send an email if they don't want to register. If they submit a report, certain information is going to be collected anyway (IP address for example) so no matter which way they go, they're leaving some sort of a trail.


I'm not saying that guests shouldn't be able to report content, only that if an admin wants to restrict it from guests, then that's up to them. What doesn't make sense to you might make perfect sense to someone else. As in, for your site it might not make sense, but on someone else's site, it might not make sense the other way around.

I believe that when a spam control method is chosen for guests, it should be used anywhere that the admin wants it to be used. As in, if the admin wants it shown when someone posts a message as a guest, then it shows there. If they want it to show when leaving a comment on something (blog/calendar/downloads/gallery) then it shows up in all those places. Same with reporting content. Should be able to decide when it shows up. The method used though should remain the same. As in, not one captcha method for posts, then another for leaving comments, with yet another for reporting content. All the same but only used where the admin wants it used.
  • IPBSupport.de likes this

٩(͡๏̯͡๏)۶ Click here to browse or purchase IPS software. ٩(͡๏̯͡๏)۶
n-raged.com
- Dacity.Com

♪ Me and you ♪
♪ a two-man crew ♪
♪ side by side we're unified ♪
♪ and we will never be divided ♪

Spoiler

CLICK HERE AND VOTE IP.BOARD AS BEST FORUM SOFTWARE FOR 2013!!!


#20 Wolf

Wolf

    Advanced Member

  • Members
  • PipPipPipPip
  • 306 posts

Posted 30 September 2012 - 04:59 PM

I believe that it should be added as an option to have a captcha on the report form for guests, just as it is for "forgot password", and other functions that can be abused by automated programs. This would (ideally) be able to be enabled/disabled in settings, like any other options in IP.Board. I currently have the ability for guests to report posts turned off, mainly because if I don't, spam bots will (and they have before I turned it off) fill in the report form with spam. I for one would love to be able to turn the ability for guests to report posts on, with the CAPTCHA option so I don't have to worry about spam. My community exists just as much for reading as it does posting, and there are many 'guests' who read posts every day, but never register because they don't intend on posting... these 'guests' are just as much of the reason I started the community as the members are.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users