I was curious why the spam is just non-stop, so I registered a new account to familiarize myself with it. Turns out neither of the spam prevention methods for Simple Machine Forums are even in place. There is no CAPTCHA or security questions, even as simple as a math question. It's just a simple form that any bot can use (i even entered in all my data via HTML like a bot would).
Why is is the CAPTCHA feature disabled, as well as Verification Questions?
Good show, Jordan. I have a daytime job reporting :P
That's indeed annoying. I had no idea, it's so easy to create an account. That explains the recent spamming.
Holy cow, this is so annoying!!!! >:( I'd really love to hear someone of the staff members about that.
Two for today. And it's noon here. >:(
At this point I'm starting to think they allow easy registrations for the hope of new users quickly, at the risk of spammers. I do know CAPTCHA/Security Questions can turn away potential users. But in this day in age it should be required and those users not interested in security may not be the best people to hold accounts for.
Enabling these features takes no time, and effort really, so I see no excuse. Kinda sad really. We already know these bots are scraping content to use in their data mining and further spamming of sites and phishing for data. Our user agreements already shed Planetside of any liability for security and legal issues with our forum posts, as well as stating they do not monitor any posts. Lol So maybe they're just sticking to those guns, and don't care.
Well, maybe staff just doesn't get to it, due to ther stuff taking time. But I surely hope they'll set registration restrictions rather sooner than later. Must be annoying for them to get all the reports about spammers.
Get to it, guys!
Wish there wasn't a 20 second timeout between reports. That's only 3 reports a minute.
Maybe they do that because otherwise someone may cause a barrage of reports and spam thus. But indeed, sometimes it's annoying to have to wait to send in a next report.
Quote from: Dune on October 28, 2021, 09:11:12 AMMaybe they do that because otherwise someone may cause a barrage of reports and spam thus. But indeed, sometimes it's annoying to have to wait to send in a next report.
Yeah. Especially when your 20 seconds isn't exact and gotta wait another 20.
I'm a little bit confused. Does anyone of the Planetside staff read this? We're happily reporting spammers the whole time, and there is absolutely no official comment to this very justified thread.
Maybe a tutorial will help know exactly what to change and where?
https://www.fastcomet.com/tutorials/smf/security
PS; I don't mean this sarcastically. I'm realistically trying to just help get this done. It's terrifying they are like using quoted text form sites you have just visited and linking to malware.
Honestly, this is not funny anymore. Spammers conquering almost every category of this forum yesterday.
And not even one single statement of the staff about this here in this thread. I'd really appreciate at least a little sign that you're aware of that, and might try to solve the problem.
Agreed!
Seriously. I thought Crisb was here to help manage the forums?
If you guys need help give me limited mod access. I'll sign a contract and NDA if need be. I've been using SMF since I was forced to when YaBB shutdown in like 2005 or something, not to mention have been simply managing forums (I used to develop for IP.Board) since I was a kid.
I am on the forums every day, checking in all day until bed.
Apologies for not commenting on this sooner.
We have a number of anti-spam measures enabled, and used to have ReCAPTCHA as well. Last year it started producing many false positives that preventing lots of people from signing up. The SMF forum software needed to be updated to fix this issue, but the fix wasn't available for some time. While waiting for SMF to release a fix, we temporarily disabled it, and decided to manage the spam manually until we were able to install a fix.
It looks as though the problem has been corrected in SMF 2.1 RC3, and RC4 is now available. We'll try to update to one of these versions soon, and if all goes well we should be able to reenable ReCAPTCHA.
When this issue first came up, I was looking for fixes quite frequently, but I haven't kept an eye on it recently, so this has gone on longer than it should have. One of the reasons this became lower priority is that for quite some time now we have been considering moving to different forum software, and were weighing up the time needed to migrate to new software vs. continue updating SMF and continuing with its various quirks and difficulties. However, given that a lot of time has passed since this ReCAPTCHA issue first came up and we haven't migrated to another solution yet, I think it's best that we update SMF again and try to get this fixed.
Apologies for the inconvenience this has caused, and thank you for reporting spam to us whenever you saw it.
Matt
Great, looking forward to a clean forum! Thanks, Matt.
HumHub would be awesome. :P Really though its really cool sleek modern software. Everyone would have their own pages to upload art too. Staff could make spaces like an art share space, updates space, find tg work/post pitches space, etc.
Thanks Matt!
Good to hear from you!! :) :) :)