Bad guys can farm out captcha solving work, and more. Check this out: http://www.accountheadquarters.com/social-networking-accounts/facebook-pva-and-non-pva-accounts/
Deploying a captcha and using Aksimet are prudent, and definitely help, but are still insufficient. I'm giving select power users the ability to boot other users. I think a self-regulating community is the best defense. On Tue, Dec 6, 2011 at 11:40 AM, Alexis <alexismast...@gmail.com> wrote: > Hi Dave, > Thanks for this. I'll get it installed too and send an update to the > list. > > Unfortunately, research at Recaptcha leads me to conclude that > Recaptcha has not been broken. Apparently REAL PEOPLE are being paid > to create accounts and post the spam. I think we need an INVITATION > ONLY sign up or a MODERATED sign up. > > It will mean more work for the moderator, but I think this is the only > way to deal with the spammers. > > Bruno, can you give any guidance on how to implement this? Anyone > else? > > On Dec 5, 8:05 pm, Dave Minor <d...@sus4.net> wrote: >> I've implemented a honeypot in my CE instance tonight and it seems to >> have halted to bot signups (for now -- where's some wood to knock >> on?). I'll report back in a couple of days with the progress. >> >> I installed Grosser's >> pluginhttp://grosser.it/2008/10/06/catch-robots-with-honeypot-plugin/ >> It worked out of the box beautifully, but I modified the plugin so >> that my form names were different from his. >> >> HTH and I'll let you know how it's going. >> >> dm >> >> On Dec 5, 11:47 am, Alexis <alexismast...@gmail.com> wrote: >> >> >> >> >> >> >> >> > If anyone can quote us a price for installing and testing a honeypot, >> > I think my client would pay to end these spam attacks... >> >> > On Dec 5, 9:46 am, Alexis <alexismast...@gmail.com> wrote: >> >> > > Has anyone implemented Honeypot yet? I went towww.projecthoneypot.org/ >> > > and created an account, but there is no rails code there. I looked for >> > > honeypot at github, but the version of CE we are using does not have a >> > > gemfile, so I can't use the honeypot there. >> >> > > I got a honeypot link at the .org site, but I'm not sure how to use >> > > it. Would you convert the link to haml and put it on the forms views? >> >> > > On Dec 2, 12:39 pm, Bruno Bornsztein <bruno.bornszt...@gmail.com> >> > > wrote: >> >> > > > Yeah, akismet helps a little, but it's not as good at recognizing user >> > > > spam >> > > > (especially since all you have on signup is an e-mail and username). >> >> > > > I'd suggest using a honeypot, or trying any of the strategies mentioned >> > > > here: >> >> > > >http://www.scirra.com/blog/61/reducing-website-spam >> >> > > > On Fri, Dec 2, 2011 at 2:37 PM, mike muldoon <mike.muld...@gmail.com> >> > > > wrote: >> > > > > The captcha almost solved my fake account problem, but I'm still >> > > > > getting a few fakes a week. Manually deleting those is managable for >> > > > > the time being. What kind of volume are you seeing after deploying >> > > > > the >> > > > > captcha? >> >> > > > > It looks like Bruno's using akismet, from the rails3 branch: >> >> > > > > add spam flagging to comments and users >> >> > > > >https://github.com/bborn/communityengine/commit/ae55b8446fbf2bf62a7e0... >> >> > > > > Mike >> >> > > > > On Fri, Dec 2, 2011 at 8:43 AM, Dave Minor <d...@sus4.net> wrote: >> > > > > > I've implemented recaptcha to knock down registration spam and it >> > > > > > helped for a couple of weeks but now they've figured a way around. >> > > > > > Has anyone implemented moderated registration or is there another >> > > > > > solution I should be looking at? Don't want to reinvent the wheel. >> >> > > > > > Thanks, >> > > > > > Dave >> >> > > > > > -- >> > > > > > You received this message because you are subscribed to the Google >> > > > > Groups "CommunityEngine" group. >> > > > > > To post to this group, send email to >> > > > > > communityengine@googlegroups.com. >> > > > > > To unsubscribe from this group, send email to >> > > > > communityengine+unsubscr...@googlegroups.com. >> > > > > > For more options, visit this group at >> > > > >http://groups.google.com/group/communityengine?hl=en. >> >> > > > > -- >> > > > > You received this message because you are subscribed to the Google >> > > > > Groups >> > > > > "CommunityEngine" group. >> > > > > To post to this group, send email to >> > > > > communityengine@googlegroups.com. >> > > > > To unsubscribe from this group, send email to >> > > > > communityengine+unsubscr...@googlegroups.com. >> > > > > For more options, visit this group at >> > > > >http://groups.google.com/group/communityengine?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "CommunityEngine" group. > To post to this group, send email to communityengine@googlegroups.com. > To unsubscribe from this group, send email to > communityengine+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/communityengine?hl=en. > -- You received this message because you are subscribed to the Google Groups "CommunityEngine" group. To post to this group, send email to communityengine@googlegroups.com. To unsubscribe from this group, send email to communityengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/communityengine?hl=en.
