Home | Rules and Guide | Sign In/Create Account | Write a Post | Reddit | #LD48 | #ludumdare on irc.afternet.org (Info)

Ludum Dare 31 — Coming December 5th-8th 2014! — Join the Mailing List!
  • October Ends: in 31 days, 13 hours, 58 minutes, 57 seconds
  • Ludum Dare 31 begins: in 66 days, 14 hours, 46 minutes, 57 seconds
  • (FYI: Clock might be off) | Ludum Dare 31: Real World Gatherings (Now Open!) | October Challenge 2014!


    Spam Spam Spam

    Posted by (twitter: @mikekasprzak)
    March 15th, 2014 12:57 am

    Hey folks! Apologies for the frontpage spam. We’ve been running anti-spam plugins for several years now, and they’re still catching thousands of attempts, but there’s this really ugly onslaught going on now that none of them can stop. Anyone following the RSS would be wise to discontinue for the time being. We’re deleting the users manually as we see them, but regrettably these bots are way more persistent than us.

    I definitely plan to resolve this, even if that means writing a custom anti-spam plugin. Alas I’m away at GDC this week, so I will not get a chance until I return. Soon though, soon.

    Thank you for your patience.

    More info: The main problem with whats been going on is that anti-spam plugins are for comments typically. It’s very rare to find plugins for stopping signups and bad posts. We have a catchpa, but lately I’ve started running a new plugin that is supposed to catch user post spam (CleanTalk), but you’ve seen the results. *sigh*, looks like we need to take more drastic measures.

    If anyone decides to write a clever new anti-spam plugin while I’m away, please get in touch. ;)

    10 Responses to “Spam Spam Spam”

    1. pythong says:

      how about something like a “report as spam” button? Like the like-heart in the bottom right corner of each post. That’s how they deal with spam in other forums
      In the end, all a moderator needs to do is check every now and then the posts with the most spam counts (though 1 would be sufficient, but who knows about the trolls…)

      • sorceress says:

        There is no problem with us detecting+deleting spam. It’s really quite easy for us to hit the “delete post” or “delete user+posts” buttons when we see spam bots. A report button would not speed this up, and might actually slow us down with inevitable false reports and having to separately manage this list of reported posts.

        The difference with forum communities is structure: that posts there are made to sub-forums, which are not immediately visible from the front page. A report button helps in that instance because it saves moderators trawling through each and every sub-forum.

        The problem for us is:
        1. We can’t be on patrol 24/7, so there will always be a delay between spam being posted and it being deleted.
        2. When a bot strikes, it can fill the front page within minutes.
        3. Spam posts may still get added to the RSS feed, even if we delete them from here.
        4. We shouldn’t need to be manually deleting spam, if algorithms to detect it are actually doing what they’re supposed to do.

        What we need is to identify how the bots are getting past the spam-detecting algorithms we have in place, and adapting.

        • udo says:

          A flag button would do exactly that. You could set it so a post vanishes and gets marked for review only after a certain number of known users click on it. Want to make extra sure? Show the button only to people who have published at least one LD entry by default. The trick here is to make it run automatically.

          > Spam posts may still get added to the RSS feed, even if we delete them from here.

          Institute a small delay before publishing an entry to RSS, to give people a chance to flag it.

          > When a bot strikes, it can fill the front page within minutes.

          How about a post quota? There is no reason for legit user to post to the front page more than twice within a few minutes.

          > We shouldn’t need to be manually deleting spam, if algorithms to detect it are actually doing what they’re supposed to do.

          You can’t completely rely on an algorithm, but together with LD users you can make a system that has an immune response tp to spam and abuse – with the added benefit of needing much less mod intervention.

    2. Osgeld says:

      I forget how wordpress handles it, but on a few forums I help moderate the thing that drives me bonkers is when people reply to the spam posts.

      Its like great there is 10 spam posts all made by one bot in ten seconds, I could clear that up with one button click, but some dingbat user went in and replied “REPORTED” on every single one of them. So now I got to go manually delete dingbats posts, and then the thread *10 and it takes for ever.

      The best thing a community can do is just let the admins and mods do their job, although a report button might be wise if a sneaky one happens to slip by in the night

    3. Will Edwards says:

      How about you can only post if you’ve entered at least one LD or miniLD?

      We all like the ‘I’m in! It’ll be my first time!” comments, so maybe this rule can be disabled by the mods in the few days before an LD, where so many more mod eyes are watching to zap the spam.

    4. drakesword says:

      Captcha + flood detection

    5. DrStahlbart says:

      How about something like “You can’t post without a profile picture!”?
      That’s maybe the easiest way to get ride of all the spam until they update their botsoftware (what hopefully will never happen).
      I mean, no spambot has a picture and uploading an image takes < 1 minute.

    6. TooMuchPete says:

      Why not just make new users “contributors” instead of “authors”, meaning that you’ll need editors to approve legit first posts.

      Once someone’s first post is validated, you can move them to Author.

      That seems a lot less annoying than having to stop reading the LD blog until you sort out some new anti-spam plugin.

    7. Suese says:

      Just go ape-crazy. It’s okay you’ve earned it.

    Leave a Reply

    You must be logged in to post a comment.


    All posts, images, and comments are owned by their creators.

    [cache: storing page]