This Is What Happened With The Forum I Advertised Here Ages Ago

[Jonathan90]

Just found this forum again after getting an email about this September raffle. I joined a long time ago (October 2012 looking at profile) to promote this forum I created which didn't go very well. I still remember members saying it wouldn't get many visitors. However this forum eventually got thousands of users which were spam bots that took over the forum spamming it with money advertising. My forum eventually got disabled as they got out of control and impossible to all ban. I just wonder how I could have avoided this back then.

 

[VirusZero]

Don't take this the wrong way but every forum gets hit with spambots. It's inevitable that bots will come. The question then becomes what to do about it. In this case since you mentioned so many were able to register and post I have to ask if you used email verification or had group permissions set so they could post right away. If not those would be pretty major reasons why so many bots were able to get through.
Also what software (or forum host) were you using? And, by extension, what anti-bot/spam measures did you have in place?

 

[Jonathan90]

Don't take this the wrong way but every forum gets hit with spambots. It's inevitable that bots will come. The question then becomes what to do about it. In this case since you mentioned so many were able to register and post I have to ask if you used email verification or had group permissions set so they could post right away. If not those would be pretty major reasons why so many bots were able to get through.
Also what software (or forum host) were you using? And, by extension, what anti-bot/spam measures did you have in place?

I used a free host that's no longer in use called Forum Build but back then never thought about bot measures.

 

[VirusZero]

Ah, they may not even have had very good anti-bot measures to begin with. So there might not really have even been much you could have done. I mean it's not going to make enough of a difference if the host has no anti-spambot measures to keep them from trying.

 

[Reverie]

Back then I just had enough moderators with different time zones and they were to delete posts made by bots and ban them/prevent them from posting.

From that point you could delete the bots.

Luckily now there is more prevention, but the select few still get through. It usually isn't that bad. Members notice it as spam as well and report them early on too.

 

[KnownSyntax]

Did you use some form of a free forum hosting? I'm not sure if any paid web hosting would have cared about what was on your hosting account, since I highly doubt any spam bot links to anything illegal. Although, I've seen plenty of people take thos spam bot posts and show them into a hidden area to boost their actual forum count numbers.


Maybe try again and see if the idea catches on more?

 

[Azareal]

There's an old phrase. You get what you pay for.
Even with the free software, you get a degree of freedom far greater than when the entire pipeline is controlled by a free host.

I've seen plenty of people take thos spam bot posts and show them into a hidden area to boost their actual forum count numbers.

Pro tip: You can just modify those numbers, in fact you can have "2 billion posts" when you merely have ten. I don't bother as it's pointless, in fact the only one who can really see statistics is me as it's just noise to everyone else.

 

[Jonathan90]

Did you use some form of a free forum hosting? I'm not sure if any paid web hosting would have cared about what was on your hosting account, since I highly doubt any spam bot links to anything illegal. Although, I've seen plenty of people take thos spam bot posts and show them into a hidden area to boost their actual forum count numbers.


Maybe try again and see if the idea catches on more?

I haven't thought about starting a new forum recently but it would be hard to get moderators these days. Back then I had someone from this center I went to which I made global moderator. Used to like the PHPBB forums due to fact they have good rank colours.

 

[Jerlene]

There are always anti-spam mods and features you can use. Require admin approval for all registrations.

 

[Kaynil]

Sorry to hear that's what happened. It sounds like it got overwhelming. For some members here that have been managing forums during years it might become like second nature the measures to minimise and keep under control bots and stuff.

The problem going for a free host that isn't wildly used is that is more likely people didn't like it because it was limited/vulnerable by comparison to other options rather than being a gem. You mentioned that when you advertised your community even then some members were being skeptic, it might have to do with the software.

Basically the standard measures are
1. To have at least the confirmation of email enabled. It is so standard in communities that most people is used to them so they won't mind.
2. Have some sort of anti-bot measure in the registration form. For example some sort of CAPTCHA or at least the "answer this question" kind of random prompt with questions that can't get the exact answer just by pasting the question into google.
3. Report system and staff that understand hiw to deal with it.

Even with those measures a forum could get a wave and then you'd need to add more restrictions to keep under contric while you try to find what is not working.
Those keasures woukd typically be
1. Restrict posting to awaiting moderation for the newcomers.
2. Restrict the use of lunks, img, etc to trusted users
3. Temporarily make registrations to have to be approved by the staff.

I am just mentioning all this because you mentioned that you didn't know what could have been done, so I hope this can be of help if you decide to make a new community.

Also, welcome back. ItsI so cool that you came back with that email. I hope you enjen your time here.

 

[Azareal]

To have at least the confirmation of email enabled. It is so standard in communities that most people is used to them so they won't mind.

Email verification is obsolete. The only reason I do it is so that people can reset their passwords, otherwise they'll forget their passwords and will come complaining to me about it.

Any spambot worth their salt can deal with email verification.

 

[Kaynil]

To have at least the confirmation of email enabled. It is so standard in communities that most people is used to them so they won't mind.

Email verification is obsolete. The only reason I do it is so that people can reset their passwords, otherwise they'll forget their passwords and will come complaining to me about it.

Any spambot worth their salt can deal with email verification.

True. Sadly the same can be said about some of the capcha. However I would still recommend it, even if those emails are disposable so long they're functional they're still an extra field you can use to notice patterns assign filters so they can't register. As a new forum administrator it is a good way to learn the usual flags.

 

[fantanoice]

Another thing you can have is add a 'human answerable question' to the sign up process. Just be prepared for potential dumb humans failing it. I had one that was, "What is the 3rd planet from the sun" and got a complaint from someone who couldn't answer it.

 

[Azareal]

"What is the 3rd planet from the sun"

Mercury, Venus, Earth, Ceres (dwarf planet, it got promoted from asteroid), Jupiter, Saturn, Uranus, Neptune, Pluto (dwarf planet). And then, there's the dwarf planets Eris and Sedna beyond Pluto. There's probably some I missed.

By the way, spambots know how to use Google.

 

[Jason76]

Backward questions like, "What is the word red spelled backward?" usually work good enough. But for sure, don't trust default questions like MyBB's "What is 2 + 2?".

OK, as for captchas, I don't like them, but a short one is fine - but those might be ineffective.

 

[fantanoice]

By the way, spambots know how to use Google.

Oh yeah for sure. Machine learning is just going make them more and more resilient.