forum.coppermine-gallery.net

Support => cpg1.5.x Support => cpg1.5 plugins => Topic started by: metropolis2003 on November 06, 2012, 05:42:24 pm

Title: SPAM flood despite the use of reCAPTCHA plugin
Post by: metropolis2003 on November 06, 2012, 05:42:24 pm
I am running various instances of Coppermine on different websites.

The unregistered group is (was) allowed to post comments and I protected posting with the reCAPTACHA plugin.

But all of the galleries are flooded with SPAM each and every day now, the captcha challenge seems to be completely useless.

Is this a bug in Coppermine, the reCAPTCHA module or is reCAPTCHA not to be used anyway anymore because it has been cracked?

Are there any alternatives to avoid spam?
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Joe Carver on November 07, 2012, 12:46:12 am
Which version of the plugin are you running? Posting a link to your Coppermine Gallery would not only be helpful,
it is one of the board rules...

How many spams per day / per gallery are you seeing?

Also, try to understand that no captcha system can stop human spammers. Search here
and on the web for the topic and you will find that people are paid to solve captchas.

Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: metropolis2003 on November 07, 2012, 12:54:23 pm
I am using AJAX reCaptcha (recaptcha): v2.0 in Coppermine 1.5.20.

You may have a look at http://www.schloss-einstein-girls.info/cpg (http://www.schloss-einstein-girls.info/cpg) but currently I disabled posting for Guests as this was the only way to stop spamming.

I was getting about 25-50 posts per day and they came in in "waves" (i.e. six - eight posts within a few secondes, then peace and then the same a few hours later).

While I know that there may be paid spammers, I more believe that automated bots are working here because of the "waves" with some posts within a very short time period.

I am surprised that nobody else seem to have this problem as I have it on some websites that are all independent from each other.
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Joe Carver on November 08, 2012, 03:07:11 am
The opinions on reCaptcha Groups on Google is that it is mainly human solvers
filling in captchas for robot generated spam.

See this post where someone has tried a different captcha, having not seen it,
I can't say how well it works. I have also posted some other suggestions here in this forum.

http://forum.coppermine-gallery.net/index.php/topic,75376.0.html
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Craig Walsh on July 20, 2013, 06:35:27 pm
I just had semi-monthly session deleting hundreds of spam messages.  They seem to be the work of human spammers because each one makes a brief (and often amusingly ungrammatical) comment about the particular image, and then tries to sell fake Vuitton handbags or the other things that spammers "sell."

The comments have one thing in common -- they all include a URL.  That is, I suppose, the whole point of the exercise for the human spammers.  There's no point paying someone to add facetious comments to our Coppermine site if not to direct or increase traffic to their own site.

Is there a way, therefore, of stopping human spammers from including a web address (clickable or otherwise) in their comment?  I use the bad word filter -- similarly, is there a plug in or filter that would stop web addresses or e-mail addresses?

Our CPG site does not allow registration, and I have periodically shut off the ability for anyone to post comments in the hope that the human spammers would go away.  But when I re-enable comments, they soon come back.

In my perfect world, I'd love to have the ability for folks to add comments -- but comments that do not include web addresses.

We have a CMS site at www.poico.com -- lots of nice comments on the various pages, but folks can't post clickable URL's -- so virtually no spam comments. 

Any suggestions most welcome.  Our CPG site is www.bark.ch.

Thanks,

Craig
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Αndré on August 20, 2013, 05:06:55 pm
What's your preferred solution? Disable the clickable URLs, automatically remove them or deny comments with URLs?
Title: Re: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: scifiguy on August 25, 2013, 07:30:03 pm
What's your preferred solution? Disable the clickable URLs, automatically remove them or deny comments with URLs?
It would be nice if those options were choosable in the adming but if I have to pick one I'd deny comments with URL's.
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Αndré on September 03, 2013, 12:07:51 pm
Open db_input.php, find
Code: [Select]
$akismet_approval_needed = 0;and above, add
Code: [Select]
    if ($msg_body != make_clickable($msg_body)) {
        cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
    }

Feel free to adjust the error message.
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Joe Carver on October 08, 2013, 12:56:02 am
Is this a bug in Coppermine, the reCAPTCHA module or is reCAPTCHA not to be used anyway anymore because it has been cracked?

Something has gone very wrong with reCaptcha recently - I too am getting a lot of spam through since about a few weeks to one month ago.
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Αndré on October 08, 2013, 09:09:36 am
That's maybe an issue at reCAPTCHA rather than the plugin. If it rejects your input if you enter wrong/no captcha code, it works as expected.
Title: Re: SPAM flood despite the use of reCAPTCHA plugin
Post by: Αndré on October 09, 2013, 10:37:30 am
For your information, I just released a new CAPTCHA plugin: http://forum.coppermine-gallery.net/index.php/topic,76723.0.html