Spam...?!

A couple of weeks ago I installed esoTalk on a Raspberry Pi just for fun so I could play with it. It’s not very powerful wrt admin features, not sure how much extra vex has added in the way of plugins and firewalls but the core forum software has very few features to help with these spam attacks.

Thanks for helping to clear out the spam @jpearman

It’s easy to do during the day when I’m working, but the earlier attack happened when I was away from the computer for an hour or so, when I came back the forum was a mess. If an attack happens during a time when mods or admins are not watching… well, not something I want to think about.

James puts the whole forum on his back. :slight_smile:

there is a captcha plugin for EsoTalk here https://github.com/tvb/reCAPTCHA it shouldnt be too hard to install, eventually you will run into captcha farms which a simple question system would keep out (i cant find a plugin for this)
also a honeypot helps https://github.com/ciruz/esoTalk-Honeypot

another one down.

I saw. Can’t you disable their account?

I did. Then another account is created and it starts over. Admins really need to suspend the creation of new accounts until a fix is found or manually approve each one.

I really hope we see a sweeping change by VEX like this or something similar to solve the problem.

Yay! Another spammer!

wbvcfg25

This is actually getting a little silly. I assume the attack is all from the same domain, the messages are all similar (and unreadable). I emailed Dillon a couple of hours ago but no response, registration needs to be closed at this point.

When I went into one of the ones before, Google said it was in Korean and then translated it for me and it said something about a casino. I’ll translate another if one comes up

Agreed

Wow a big batch just hit. When I translated it it says “888Won.com casino sites”

Also I went to the site and it is a game called World Casino

Go to dinner, see what happens. I emailed Dillon and Karthik again but I won’t be around now for a couple of hours so the spam will probably continue.

thers anonther one

Isn’t he getting bored of this!!!

Do you mean me? There is no one person behind the spam, it’s all “bots” they never get tired.

Never Mind =P

You are right about that, but there must be a human behind it. Somebody had written a code to circumvent esoTalk’s honeypot or any other protections.

Somehow, I wouldn’t be surprised if there is a script-kiddie or two reading this thread and enjoying watching us scramble.

Now, we have many very talented young people here who are smart, hard working, and dedicated to robotics. If even 5% of them decide to learn how to write php plugins for esoTalk, I am sure we could have very well protected forum in a very short period of time. :slight_smile: