On Saturday, June 15, 2013 6:17:37 PM UTC+2, Paolo valleri wrote: > > I don't see an approach able to tackle the issue at all,we should > implement several techniques together. > Anyway, what shall we do when a bot is detected? Have we got a sort of > blacklist? If so,instead of starting with an empty list, we could think to > start from a public available blacklist of bot. > ehm. when you detect a bot you don't allow it to post something ^_^. do you want to ban its ip ? sure, can be done, but it's quite a stretch. BTW, I created a stopforumspam plugin that validates to a list of ips and/or emails to sort out if you want to do that kind of check, but I think it's superflous if honeypots works out.
> Il giorno 15/giu/2013 15:51, "Niphlod" <[email protected] <javascript:>> > ha scritto: > >> I have an unrelated (on web2py's side) website that uses captchas from >> google and bots are successfully registering to it (of course, they need to >> be approved first but it's a PITA to remove them anyway). >> There are captcha services that decode the images for you (and your bot). >> >> I'm working on a threaded comments plugin on my spare time and for spam >> prevention I just add some hidden fields that needs javascript to be >> filled. Given that bots running javascript code are a little percentage, >> this should mitigate the issue (at least, a similar technique on the >> aforementioned site is keeping spambots away). >> Small problem, though, users with javascript disabled are left alone. If >> that is fine, I can share the draft code (was waiting to complete the >> plugin before posting to github and here, but if needed that's not a big >> deal) >> >> On Saturday, June 15, 2013 3:37:26 PM UTC+2, Alan Etkin wrote: >>> >>> Is it possible these are not being posted by bots? >>> >>> >>> It would take a very smart bot to pass captcha (no?). Maybe it is >>> possible to change type of captcha used (i.e. random visual tests like >>> those of arithmetics with objects, etc.)?. I'm clueless about >>> authentication beyond the built-in web2py features but I can help running >>> tests against the web2pyslices app if needed. >>> >>> If so, we might need another tactic, such as requiring that a new user's >>>> first post be approved by a moderator. >>> >>> >>> +1 >>> >> -- >> >> --- >> You received this message because you are subscribed to a topic in the >> Google Groups "web2py-users" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/web2py/M2HlsCpqHbM/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected] <javascript:>. >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
