Look, after what happened today, I don't think Curse can continue to be so out of touch with anti-spammer protocol.
As of right now, the first seven (7) PAGES in D3 GD are from the same spamming entity.
7
pages
Now, this sort of thing has been a problem for a long time, but this is certainly the worst incident.
Preventing this is as simple as setting a hardline rule that new members cannot start a thread for X number of days/X number of posts...... after registration. This kind of thing makes this website look JV.
Please do SOMETHING about this. New members will understand why they cannot start a separate topic for their first week, I'm sure.
As someone who actually manages a community platform myself, the platform really dictates how far anti-spammer protocols can go. If the platform doesn't allow for enchanced permissions management (or "trust levels"), then there isn't much they can do without migrating to a new platform.
On a side note, even the founder of discourse.org was asking what was up with all the spam lately. I'm not disagreeing with your statement, but I think there is some new bot or spamming firm on the loose lately and it's hurting everyone with a forum, even mine. The devs for all these different platform need to figure it out so they can stop it the best they can through the coding.
I can assure you, ruksak, that Curse and all its mods are not ignoring this and doing everything they can. However, as Thornagol hinted, this was a new attack that managed to get past the established spam filters.
As you might have noticed, the spam got significantly less in recent weeks - because the Indian love problem solution (c) spam is almost completely covered by the spam system. The Korean spam stuff is something new that hit us unprepared.
Also, it's kind of a bad coincidence as the mods are busy with personal life (d'oh!) concerning the upcoming holidays ;-) However, I just marked several hundred (!) of those spam messages manually, so there's some hope that the system will start catching those bots. If not - keep in mind that all forums (even the official B.Net forums) are hit by those and similar attacks. It's an arms race, and no system can ever be completely spam-free. Especially since there's a thin line between keeping bots out and making the sign-up/posting process awkward and alienating for new users.
Thanks for your post though, great to see all of you caring about the site so much :-) Maybe those who are responsible for configuring/changing the forum software can take up your suggestions about new posts. We'll see, I don't know what's possible/feasible at this point. Thanks for your input!
Oh ....I care, Bags. This is hands down the best Diablo fansite in the world.
I'm not going to pretend to know more than I do, however I do know the best, most tried and true, old fashioned anti-spammer protocol has always been limited permissions for new members.
Are we saying this forum software has no such permissions tuning capability?
This idea that limited permissions is off-putting to new members, not sure I believe that. It certainly looks worse when new members come here and see we're a spammers paradise. I think we need to weigh the positives and negatives of limited permissions with a bit more objectivity. I'm a long time member that knows the staff here is diligent and professional in their volunteer duties, and these antics make me raise an eyebrow in regard to administration competence every time I see it.
Please don't take my harsh words the wrong way, I care and I don't want to see this continue. But....this is a serious issue.
So Cobalt does allow for role restrictions based on post, and date. However, we try to never use these when at all possible. These have proven to reduce community growth while active. A lot of users sign up to make their first thread asking something. When they cant do this, they get turned off for the most part.
With that said, as bagstone has already stated, our spam filter learns as things are reported, unfortunately, this is the first big korean spam that has hit our sites. This was also not a normal spam bot issue, but a direct attack (as it hit other sites). However the issue has been handled now, and the spam filter should be picking up most of them from here on out.
We also have a another system that is being worked on in our local dev environment that should really help the with the reduction of spam accounts being created, though this wont be deployed out till the new year.
the tl;dr Limiting accounts really does not help, Bots will just post comments instead of threads, and it really does put off new users more than it helps. The better solution is to keep improving the current spam system (which works great on a normal day) to handle big attacks better.
Though I would submit that many (most?) people who sign up only to ask a question tend to create threads that end up locked quite quickly, as I have seen time and time again. I'm not sure the quality of offerings from these potential members is worth the loss of site quality suffered upon those of us who do frequent the site often.
It seems like an ill trade off. Just my opinion of course. It sends a message that empty traffic is more important than a quality page. I understand however that there are considerations well beyond the impression such breaches present to regular members.
Hopefully the new systems will subvert future attempts. But if they fail, I implore you, please, consider some sensible approach to permission limits for new members. If a new member wants to ask a question, they would require only the ability to create 1 new thread in order to facilitate them.
Good luck, and thanks for the back-n-forth on this.
Happy Holidays to the staff. Sucks to have to fuss with such things during this time of year, and your work is appreciated.
for heavens sake's don't deploy one of those terrible capcha systems. some aren't too bad, but others are impossible for even me to get by! heck, maybe even a compromise between what ruksak and the mods are discussing: require users to pass a capcha system for either posting or starting new threads for the first week. That way it doesn't alienate new users that would like to create a new thread and it doesn't annoy long-time users (for long).
Yes, I realize, as thornagol said, you're a bit at the mercy of your platform. But nobody makes progress without some suggestions.
for heavens sake's don't deploy one of those terrible capcha systems. some aren't too bad, but others are impossible for even me to get by! heck, maybe even a compromise between what ruksak and the mods are discussing: require users to pass a capcha system for either posting or starting new threads for the first week. That way it doesn't alienate new users that would like to create a new thread and it doesn't annoy long-time users (for long).
Yes, I realize, as thornagol said, you're a bit at the mercy of your platform. But nobody makes progress without some suggestions.
We will never do a normal captcha system. They do not stop bots any more than a good spam system will, no fears there
I think Bagstone and Molster already said most of what needed to be said about this. I'd just like to chime in and say: thanks for flagging the spam and spammers, you have no idea how much it helps us deal with it (without checking the entire forum). And obviously for your patience while we try to sort this out. I'll definitely keep an eye on these during the next few days!
If possible, though, I'd like to suggest that users only flag a spammer once (and preferably the account/profile, not the threads). Once a profile has been identified as a spambot, marking it should remove all of its threads, so no reason to mark all of those.
We've had like 5-10 reports on the same users (due to multiple threads), and it takes longer to check them one by one than it takes to actually ban those users. And it has to be done to ensure nothing gets left behind.
Just figured it would be something worth letting you guys know. And again, thanks a lot for the help!
I think Bagstone and Molster already said most of what needed to be said about this. I'd just like to chime in and say: thanks for flagging the spam and spammers, you have no idea how much it helps us deal with it
I THOUGHT WE WEREN'T SUPPOSED TO TALK ABOUT THE ILLEGAL BOTNET WE USE FOR OUR REVENGE?
Maybe now would be a good time for said permissions? At least until this stops or a better, actual solution rolls out?
Temporary permissions should be enacted IMO. We've been through this before, and nothing stops them. If they can't post, they can't post. You're letting them post. Why?
That same spammer is back flooding general discussion
I know
I don't mean to toot my own horn, but if they had listened to me yesterday, this wouldn't be occurring. They admitted this is an unusual attack, but they don't enact a temporary permission restriction? They're inviting this.
I won't be posting in any forum/thread other than this one on this website until this matter is resolved. I implore others to do the same. Send a message that quality concerns should trump traffic concerns.
Is this occuring on MMO-Champion and Reign of Gaming too? They are both Curse's site and i don't see this flood of spam there. Are mods more active there (i think the userbase is bigger and requires more attention)? Or is this site easily exploitable?
It's been a regular occurence on Dfans to have multiple spam thread, but never this bad. I understand this is a new type of attack and hopefully it will be fixed soon, but i saw a quality decline here in the last few months (cough, quote bug), and it's a shame since it's the best Diablo forum with really good posters and discussions....
As an fyi, when the spam threads appear for a couple minutes or almost instantly disappear, it's the anti-spam measure taking care of them. It's how that trolling idiot who kept spamming the forums flaming me a while ago (thinking I was "censoring his opinion") got that mad - he thought I was actually deleting his threads instantly, when he was fighting an automated mechanism manually. Such a smart boy [Kappa]
But every now and then the bots will switch their formatting, or the text, and then the anti-spam measures take a while to kick in. In these situations, I usually mark 10-20 threads "as spam", to help the anti-spam bot pick those up. Taking a quick look at my "recent actions" on the website, I've marked a few hundred threads/profiles as spammers recently, and I've gotten pretty quick at that (can mark 10-20 all at once), but no matter what I can't stay here all day watching it.
That's why every now and then you'll see things go a little out of control. It's a mixture of the spammers adapting to the anti-spam measures and lack of manual control by us (well, me, since most mods aren't really active or can't deal with this, and Bagstone is afk for a few days).
Just thought you might want to know how things work from our perspective. In regards to actual changes to policies, or doubts on website coding and support (like why MMOChamp or Hearthpwn don't suffer these), you'd have to ask Molster - he's the one in charge of those and who actually has knowledge on that. I know almost nothing about Cobalt and the DFans/HPwn/MMOC structure.
-
View User Profile
-
View Posts
-
Send Message
Wise ElderAs of right now, the first seven (7) PAGES in D3 GD are from the same spamming entity.
7
pages
Now, this sort of thing has been a problem for a long time, but this is certainly the worst incident.
Preventing this is as simple as setting a hardline rule that new members cannot start a thread for X number of days/X number of posts...... after registration. This kind of thing makes this website look JV.
Please do SOMETHING about this. New members will understand why they cannot start a separate topic for their first week, I'm sure.
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
As someone who actually manages a community platform myself, the platform really dictates how far anti-spammer protocols can go. If the platform doesn't allow for enchanced permissions management (or "trust levels"), then there isn't much they can do without migrating to a new platform.
On a side note, even the founder of discourse.org was asking what was up with all the spam lately. I'm not disagreeing with your statement, but I think there is some new bot or spamming firm on the loose lately and it's hurting everyone with a forum, even mine. The devs for all these different platform need to figure it out so they can stop it the best they can through the coding.
-
View User Profile
-
View Posts
-
Send Message
ModeratorAs you might have noticed, the spam got significantly less in recent weeks - because the Indian love problem solution (c) spam is almost completely covered by the spam system. The Korean spam stuff is something new that hit us unprepared.
Also, it's kind of a bad coincidence as the mods are busy with personal life (d'oh!) concerning the upcoming holidays ;-) However, I just marked several hundred (!) of those spam messages manually, so there's some hope that the system will start catching those bots. If not - keep in mind that all forums (even the official B.Net forums) are hit by those and similar attacks. It's an arms race, and no system can ever be completely spam-free. Especially since there's a thin line between keeping bots out and making the sign-up/posting process awkward and alienating for new users.
Thanks for your post though, great to see all of you caring about the site so much :-) Maybe those who are responsible for configuring/changing the forum software can take up your suggestions about new posts. We'll see, I don't know what's possible/feasible at this point. Thanks for your input!
-
View User Profile
-
View Posts
-
Send Message
Wise ElderI'm not going to pretend to know more than I do, however I do know the best, most tried and true, old fashioned anti-spammer protocol has always been limited permissions for new members.
Are we saying this forum software has no such permissions tuning capability?
This idea that limited permissions is off-putting to new members, not sure I believe that. It certainly looks worse when new members come here and see we're a spammers paradise. I think we need to weigh the positives and negatives of limited permissions with a bit more objectivity. I'm a long time member that knows the staff here is diligent and professional in their volunteer duties, and these antics make me raise an eyebrow in regard to administration competence every time I see it.
Please don't take my harsh words the wrong way, I care and I don't want to see this continue. But....this is a serious issue.
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
-
View User Profile
-
View Posts
-
Send Message
AdministratorSo Cobalt does allow for role restrictions based on post, and date. However, we try to never use these when at all possible. These have proven to reduce community growth while active. A lot of users sign up to make their first thread asking something. When they cant do this, they get turned off for the most part.
With that said, as bagstone has already stated, our spam filter learns as things are reported, unfortunately, this is the first big korean spam that has hit our sites. This was also not a normal spam bot issue, but a direct attack (as it hit other sites). However the issue has been handled now, and the spam filter should be picking up most of them from here on out.
We also have a another system that is being worked on in our local dev environment that should really help the with the reduction of spam accounts being created, though this wont be deployed out till the new year.
the tl;dr Limiting accounts really does not help, Bots will just post comments instead of threads, and it really does put off new users more than it helps. The better solution is to keep improving the current spam system (which works great on a normal day) to handle big attacks better.
-
View User Profile
-
View Posts
-
Send Message
Wise ElderThough I would submit that many (most?) people who sign up only to ask a question tend to create threads that end up locked quite quickly, as I have seen time and time again. I'm not sure the quality of offerings from these potential members is worth the loss of site quality suffered upon those of us who do frequent the site often.
It seems like an ill trade off. Just my opinion of course. It sends a message that empty traffic is more important than a quality page. I understand however that there are considerations well beyond the impression such breaches present to regular members.
Hopefully the new systems will subvert future attempts. But if they fail, I implore you, please, consider some sensible approach to permission limits for new members. If a new member wants to ask a question, they would require only the ability to create 1 new thread in order to facilitate them.
Good luck, and thanks for the back-n-forth on this.
Happy Holidays to the staff. Sucks to have to fuss with such things during this time of year, and your work is appreciated.
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
-
View User Profile
-
View Posts
-
Send Message
Curse PremiumYes, I realize, as thornagol said, you're a bit at the mercy of your platform. But nobody makes progress without some suggestions.
-
View User Profile
-
View Posts
-
Send Message
AdministratorI just flagged 2 more for you guys. Trying to help. This is the best Diablo site! Scammers need to get a life!
-
View User Profile
-
View Posts
-
Send Message
Wise ElderIf possible, though, I'd like to suggest that users only flag a spammer once (and preferably the account/profile, not the threads). Once a profile has been identified as a spambot, marking it should remove all of its threads, so no reason to mark all of those.
We've had like 5-10 reports on the same users (due to multiple threads), and it takes longer to check them one by one than it takes to actually ban those users. And it has to be done to ensure nothing gets left behind.
Just figured it would be something worth letting you guys know. And again, thanks a lot for the help!
-
View User Profile
-
View Posts
-
Send Message
Wise ElderTemporary permissions should be enacted IMO. We've been through this before, and nothing stops them. If they can't post, they can't post. You're letting them post. Why?
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
-
View User Profile
-
View Posts
-
Send Message
Wise ElderI don't mean to toot my own horn, but if they had listened to me yesterday, this wouldn't be occurring. They admitted this is an unusual attack, but they don't enact a temporary permission restriction? They're inviting this.
I won't be posting in any forum/thread other than this one on this website until this matter is resolved. I implore others to do the same. Send a message that quality concerns should trump traffic concerns.
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
It's been a regular occurence on Dfans to have multiple spam thread, but never this bad. I understand this is a new type of attack and hopefully it will be fixed soon, but i saw a quality decline here in the last few months (cough, quote bug), and it's a shame since it's the best Diablo forum with really good posters and discussions....
-
View User Profile
-
View Posts
-
Send Message
Wise ElderPick your poison.
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
-
View User Profile
-
View Posts
-
Send Message
Wise ElderBut every now and then the bots will switch their formatting, or the text, and then the anti-spam measures take a while to kick in. In these situations, I usually mark 10-20 threads "as spam", to help the anti-spam bot pick those up. Taking a quick look at my "recent actions" on the website, I've marked a few hundred threads/profiles as spammers recently, and I've gotten pretty quick at that (can mark 10-20 all at once), but no matter what I can't stay here all day watching it.
That's why every now and then you'll see things go a little out of control. It's a mixture of the spammers adapting to the anti-spam measures and lack of manual control by us (well, me, since most mods aren't really active or can't deal with this, and Bagstone is afk for a few days).
Just thought you might want to know how things work from our perspective. In regards to actual changes to policies, or doubts on website coding and support (like why MMOChamp or Hearthpwn don't suffer these), you'd have to ask Molster - he's the one in charge of those and who actually has knowledge on that. I know almost nothing about Cobalt and the DFans/HPwn/MMOC structure.
-
View User Profile
-
View Posts
-
Send Message
Wise ElderWhat were we saying about "turning off" prospective new members?
BurningRope#1322 (US~HC)
Request an invite to the official (NA) <dfans> Clan
Kinda sad to see d-fans getting flooded with spammers ;__;