Spambots(I assume) and view counts. Spambots(I assume) and view counts.
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Spambots(I assume) and view counts.

Started by Johnfromhere, August 27, 2012, 05:46:50 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Johnfromhere

I have had 'Comments' on my Gallery from what I assume are Spambots, advertising websites I wouldn't touch with a barge pole.

They are in the form
Quotequite astonishing photographs.(website link here)\r\nHere is my blog post ... (website link here)

This is despite having a 6 character ReCaptcha string.

I assume that I have to put up with the mindless cretins who do this, however, the point of my posting is to ask if someone can confirm that such 'visits' are not counted as either Album views or File views, as they don't appear to be registering as either.

Many thanks.

John.

Johnfromhere

Sorry, I forgot to give the URL:-

www.jjsphotos.co.uk


Brooklyn

No form of captcha is effective against spambots. The dev team here really should move way from captcha use and implement "question and answer" for both registration and guest comments.

Spambots do not load static files; they don't even load your image(s). They are programmed to send a POST request to the specific file that writes to the database. Review your raw server access logs. You'll find they load only two to four files.

I would suggest disallowing guest writing to your gallery.

Joe Carver

Quote from: Johnfromhere on August 27, 2012, 05:46:50 PM
... that such 'visits' are not counted as either Album views or File views, as they don't appear to be registering as either.

Yes, they would have to load the entire displayimage.php page for the image view counter. As the last poster said, most attempts are made directly at the submit buttons in forms.

Quote from: Johnfromhere on August 27, 2012, 05:46:50 PM
I assume that I have to put up with the mindless cretins who do this...

Yes, because the cretins are paying people to mindlessly solve captchas in bulk. Any captcha must be solvable by a human. Search for "captcha solving service" as one example.

Not all spam can always be stopped (ask the moderators of this forum), but you can increase the degree of difficulty and slow things down a bit.

Spammers want to leave links.
    - Don't allow bbcode to create links
    - The function make_clickable can be disabled by theming or plugin
    - Add *www* and *http* to the list of $lang_bad_words in your language file
    (as a hack to turn off make_clickable
    - Keep the word and comment length low in Config >> Comments
   
I also use reCaptcha that loads the image via AJAX from the Google server. Another thing I am trying is rejecting comments with urls...but that has not stopped the cretins, only slowed them down.


Brooklyn

Joe, you're partially incorrect. The latest versions of both I-am-a-moron-because-I-tried-to-spam-with-the-word-X-R-u-m-e-r- and Scrapebox both have built-in captcha solving capability. I highly suggest considering my opinion in moving away from captcha in favor of user-defined question and answer.

At this time, only Q & A is unbreakable by the top two Russian-made spam programs. These are the top two spamming software utilities currently wreaking havoc on all phpBB, SMF, Word Press, etc forums. They also do not discriminate where php driven galleries are concerned. Both CPG and Menalto are the highest targeted galleries, and both I-am-a-moron-because-I-tried-to-spam-with-the-word-X-R-u-m-e-r- and Scrapebox have automated back-pathing capabilities.

Human spammers equate to less than 1% of all php-based spam. The object is to defeat and defend against automated spam software. Toward that end, captcha is useless and ineffective.

Johnfromhere

Thanks for the information folks.  I'll now mark this topic 'solved'.

Cheers.

John.