On Wednesday, 3 December 2014 at 08:51:13 UTC, Gary Willoughby wrote:
On Wednesday, 3 December 2014 at 08:28:25 UTC, Vladimir Panteleev wrote:
Got it. But we're not going back to reCAPTCHA either. I'm tired of deleting spam by hand.

Please suggest some ideas (or better, send pull requests).

I got fed up of having spam on an old blog so i implemented a simple question, click on Darth Vader. Then i had lots of little images of film icons and would not post anything until Darth Vader was correctly selected. This sounds simple but the order of the images was randomised to stop bots and humans didn't seem to get it. Also if the wrong icon was selected, i presented a countdown on the page of 2 minutes letting them know this is a anti-spam measure and they can't post until the timer reached zero. Anyone managing to post spam to the blog was IP logged and always redirected to the countdown (once redirected and once the countdown reached zero it always reset forever to make it extremely frustrating for them). Yes you have to put in the effort to log IP's but i found there were very few persistent spammers. It honestly stopped all spam on my old blog.

I'm seeing a very large variation of IPs here. The humans seem to be connecting through a botnet, or a large open proxy directory.

125 IPs banned so far on the forum, for all the good that did. I suppose I could now clear the banlist, so that any future visitors happening to have those IPs are not turned away.

For my personal blog, the "Anti-spam" plugin (with no additional configuration) seems to work fine for now, but it relies on its relative obscurity. No canned solution would be suitable for an active forum, it's too high-profile of a target.

Reply via email to