[wp-forums] Support forum registration now has a re-captcha on it

James Huff james at automattic.com
Tue Jan 8 04:39:06 UTC 2013 

Not sure if I'm overstepping, but would some of our spam registration bits from WordPress.com help? Keeps spam on the forums to a vast minimum. 

Otto, you'd probably know better than I do. 

________
James Huff
http://macmanx.com
http://automattic.com


On Monday, January 7, 2013 at 8:23 PM, Drew wrote:

> > The one thing that comes to mind is changing bbPress to have the first
> 
> post require approval. That would stop the obvious spammers that we're
> missing anyway.
> 
> I like the concept, but a couple of questions about this approach:
> 
> - Would this go for both posts and topics?
> - Would they get cut off after the first post/topic pending approval?
> 
> 
> 
> On Mon, Jan 7, 2013 at 9:12 PM, Mika Epstein <ipstenu at ipstenu.org> wrote:
> 
> > Require a valid credit card at signup.... (Okay that's sarcasm).
> > 
> > I have a lot of thoughts on the matter, but it really boils down to a few
> > practical concerns.
> > 
> > * Putting barriers between the legit users and making accounts is bad.
> > * Captchas are broken (and not accessibility friendly)
> > * IP blocking/blacklists are imperfect
> > 
> > Akismet does things with the right idea, going by behavior among other
> > measurements, and I'm presuming we have an akismet check on the
> > registration page. (Don't we, Otto?) I don't really have an answer. I've
> > tried all sorts of things, and always ended up hurting real users, which
> > isn't acceptable to me :/
> > 
> > The one thing that comes to mind is changing bbPress to have the first
> > post require approval. That would stop the obvious spammers that we're
> > missing anyway.
> > 
> > On Jan 7, 2013, at 6:56 PM, Drew <xoodrew at gmail.com> wrote:
> > 
> > > @ozh has a pretty good "matching" captcha over on http://scr.im but I
> > think
> > > he told me it was proprietary when I asked about it one time.
> > > 
> > > A matching approach as opposed to typing in letters might be something
> > > worth looking at too.
> > > 
> > > 
> > > On Mon, Jan 7, 2013 at 7:05 PM, Aaron Nimocks <aaron_nimocks at yahoo.com
> > > wrote:
> > > 
> > > > > > On 1/8/13, Otto <otto at ottodestruct.com> wrote:
> > > > > > > I know, but dammit, this is ridiculous.
> > > > > > > 
> > > > > > > Alternative approach suggestions would be welcome.
> > > > > > > 
> > > > > > > Sorry for the brevity and typos, sent from my phone.
> > > > 
> > > > Well the best way to avoid these also takes some programming and might
> > be
> > > > kind of in depth depending on how the user system is done.
> > > > 
> > > > But the bots work by getting the name and ID of the fields to fill or
> > > > field position. So right now the user name is user_login which is
> > > > 
> > > 
> > 
> > pretty
> > > > easy. To make it harder you have to randomize these names and positions
> > > > each load.
> > > > 
> > > > So there are 11 fields to fill, you would randomize their position where
> > > > they are displayed.
> > > > 
> > > > Then the 11 fields you randomize the ID/NAME for each field with some 8
> > > > character random code. The hard part is when you submit the form all
> > > > 
> > > 
> > 
> > those
> > > > ID/NAMES need to match on the processing side. So this is where the
> > > 
> > 
> > time
> > > > consuming programming change would come in.
> > > > 
> > > > There's how you can avoid the majority of spam registrations. Too bad
> > it
> > > > isn't as simple to implement.
> > > > 
> > > > You can manually change some positions and the ID/NAME of user name to
> > see
> > > > how many less you get just to see if you think it is viable.
> > > > 
> > > > 
> > > > Aaron
> > > > _______________________________________________
> > > > wp-forums mailing list
> > > > wp-forums at lists.automattic.com
> > > > http://lists.automattic.com/mailman/listinfo/wp-forums
> > > > 
> > > 
> > > 
> > > 
> > > 
> > > --
> > > -- I've kinda got a thing for WordPress > http://www.drewapicture.com
> > > _______________________________________________
> > > wp-forums mailing list
> > > wp-forums at lists.automattic.com
> > > http://lists.automattic.com/mailman/listinfo/wp-forums
> > > 
> > 
> > _______________________________________________
> > wp-forums mailing list
> > wp-forums at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-forums
> > 
> 
> 
> 
> 
> -- 
> -- I've kinda got a thing for WordPress > http://www.drewapicture.com
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
> 
>

More information about the wp-forums mailing list