geo/geo-coop
geo/geo-coop
7
1
Fork 0
Code Issues 55 Pull requests Projects Releases Packages Wiki Activity Actions

Getting lots of comment and email spam for the last two days #122

New issue
Closed
opened 2024-02-07 14:37:19 +00:00 by joshua_davis · 9 comments
joshua_davis commented 2024-02-07 14:37:19 +00:00 (Migrated from gitlab.com)
Copy link

We've been getting a large influx of comment spam, as well as getting some email spam through our website contact form. Anything you can do?

We've been getting a large influx of comment spam, as well as getting some email spam through our website contact form. Anything you can do?
joshua_davis commented 2024-02-07 14:37:19 +00:00 (Migrated from gitlab.com)
Copy link

changed due date to February 14, 2024

changed due date to February 14, 2024
joshua_davis commented 2024-02-07 14:37:20 +00:00 (Migrated from gitlab.com)
Copy link

assigned to @mlncn

assigned to @mlncn
mlncn commented 2024-02-13 02:39:02 +00:00 (Migrated from gitlab.com)
Copy link

marked this issue as related to #105

marked this issue as related to #105
mlncn commented 2024-02-13 02:39:02 +00:00 (Migrated from gitlab.com)
Copy link

@joshua_davis a few days late but i noticed that myself, and mentioned to @MegaKeegMan and @lelkneralfaro who are doing some upgrade work on the site to take a look at that.

Unfortunately the two reliable modules for blocking automated spam without bothering people are already installed.

The usual next step is a CAPTCHA. We have found that a plain text question that any human can answer in a couple tries at most is shockingly effective, and far less annoying and accessibility-impairing than image CAPTCHAs and such, which have not been true bot filters for a few years anyway.

Something like: "What does GEO cover?" and accept "grassroots", "economic", "organizing", "grassroots economic organizing", and any other keywords you want to accept that are specific enough to GEO to stymie bots (so probably not "news").

Could you craft the question(s) and answers you would want to accept as a thinking human, or at least a decently well-read bot?

@joshua_davis a few days late but i noticed that myself, and mentioned to @MegaKeegMan and @lelkneralfaro who are doing some upgrade work on the site to take a look at that. Unfortunately the two reliable modules for blocking automated spam without bothering people are already installed. The usual next step is a CAPTCHA. We have found that a plain text question that any human can answer in a couple tries at most is shockingly effective, and far less annoying and accessibility-impairing than image CAPTCHAs and such, which have not been true bot filters for a few years anyway. Something like: "What does GEO cover?" and accept "grassroots", "economic", "organizing", "grassroots economic organizing", and any other keywords you want to accept that are specific enough to GEO to stymie bots (so probably not "news"). Could you craft the question(s) and answers you would want to accept as a thinking human, or at least a decently well-read bot?
joshua_davis commented 2024-02-20 17:42:43 +00:00 (Migrated from gitlab.com)
Copy link

Let's use this: "What does the G in GEO stand for?" Acceptable answers:
Grassroots, grassroots

Does that work?

Josh Davis
Content Manager
Grassroots Economic Organizing
geo.coop
406-274-3214

...

On 2/12/24 7:39 PM, benjamin melançon (@mlncn) wrote:

GitLab

benjamin melançon https://gitlab.com/mlncn commented
https://gitlab.com/agaric/sites/geo/-/issues/122#note_1769969073:

@joshua_davis https://gitlab.com/joshua_davis a few days late but i
noticed that myself, and mentioned to @MegaKeegMan
https://gitlab.com/MegaKeegMan and @lelkneralfaro
https://gitlab.com/lelkneralfaro who are doing some upgrade work on
the site to take a look at that.

Unfortunately the two reliable modules for blocking automated spam
without bothering people are already installed.

The usual next step is a CAPTCHA. We have found that a plain text
question that any human can answer in a couple tries at most is
shockingly effective, and far less annoying and
accessibility-impairing than image CAPTCHAs and such, which have not
been true bot filters for a few years anyway.

Something like: "What does GEO cover?" and accept "grassroots",
"economic", "organizing", "grassroots economic organizing", and any
other keywords you want to accept that are specific enough to GEO to
stymie bots (so probably not "news").

Could you craft the question(s) and answers you would want to accept
as a thinking human, or at least a decently well-read bot?


Reply to this email directly or view it on GitLab
https://gitlab.com/agaric/sites/geo/-/issues/122#note_1769969073.
You're receiving this email because you have been mentioned on
gitlab.com https://gitlab.com. Unsubscribe
https://gitlab.com/-/sent_notifications/REDACTED/unsubscribe
from this thread · Manage all notifications
https://gitlab.com/-/profile/notifications · Help
https://gitlab.com/help

Let's use this: "What does the G in GEO stand for?" Acceptable answers: Grassroots, grassroots Does that work? Josh Davis Content Manager Grassroots Economic Organizing geo.coop 406-274-3214 <details><summary>...</summary> On 2/12/24 7:39 PM, benjamin melançon (@mlncn) wrote: > GitLab > > benjamin melançon <https://gitlab.com/mlncn> commented > <https://gitlab.com/agaric/sites/geo/-/issues/122#note_1769969073>: > > @joshua_davis <https://gitlab.com/joshua_davis> a few days late but i > noticed that myself, and mentioned to @MegaKeegMan > <https://gitlab.com/MegaKeegMan> and @lelkneralfaro > <https://gitlab.com/lelkneralfaro> who are doing some upgrade work on > the site to take a look at that. > > Unfortunately the two reliable modules for blocking automated spam > without bothering people are already installed. > > The usual next step is a CAPTCHA. We have found that a plain text > question that any human can answer in a couple tries at most is > shockingly effective, and far less annoying and > accessibility-impairing than image CAPTCHAs and such, which have not > been true bot filters for a few years anyway. > > Something like: "What does GEO cover?" and accept "grassroots", > "economic", "organizing", "grassroots economic organizing", and any > other keywords you want to accept that are specific enough to GEO to > stymie bots (so probably not "news"). > > Could you craft the question(s) and answers you would want to accept > as a thinking human, or at least a decently well-read bot? > > — > Reply to this email directly or view it on GitLab > <https://gitlab.com/agaric/sites/geo/-/issues/122#note_1769969073>. > You're receiving this email because you have been mentioned on > gitlab.com <https://gitlab.com>. Unsubscribe > <https://gitlab.com/-/sent_notifications/REDACTED/unsubscribe> > from this thread · Manage all notifications > <https://gitlab.com/-/profile/notifications> · Help > <https://gitlab.com/help> > </details>
mlncn commented 2024-02-20 21:12:43 +00:00 (Migrated from gitlab.com)
Copy link

@joshua_davis Yeah that's good! Always good to have a few more on standby (or in the rotation) in case bots figure one out. We can do each letter, heh.

@joshua_davis Yeah that's good! Always good to have a few more on standby (or in the rotation) in case bots figure one out. We can do each letter, heh.
mlncn commented 2024-02-20 21:28:18 +00:00 (Migrated from gitlab.com)
Copy link

And @MegaKeegMan has enabled that CAPTCHA question too.

Marking this issue confidential just so the question does not get ingested by "AI" bots that will then spit it back out for spam bots.

And @MegaKeegMan has enabled that CAPTCHA question too. Marking this issue confidential just so the question does not get ingested by "AI" bots that will then spit it back out for spam bots.
mlncn commented 2024-02-20 21:28:27 +00:00 (Migrated from gitlab.com)
Copy link

made the issue confidential

made the issue confidential
MegaKeegMan commented 2024-02-21 08:21:58 +00:00 (Migrated from gitlab.com)
Copy link

Relevant config updates in 56bcb1f0b4

Relevant config updates in 56bcb1f0b4fd01942937852401e63e1c0f7a80d6
mlncn closed this issue 2025-02-20 18:03:23 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
drupal10-rebased
drupal10
master
12-comments
old-aug-left-on-local
No results found.
Labels
Clear labels   
A11y

Accessibility-related issues

  
Automated Testing

   
Contributable

Issues with work that can (potentially) be contributed back to Drupal or other FLOSS projects.

  
Contributed

Tag issues where we have contributed work back to FLOSS projects (replace Contributable tag; the Contributed tag can be removed once the contribution is recorded in a blog or something.

  
Decision

An issue that requires a decision be made.

  
Design

Issues that should include a UX/design work or review.

  
Development

   
Drutopia

Issues related to Drutopia features or infrastructure, or are potential Drutopia enhancements (with tag Contributable).

  
IndieWeb

Anything related to interlinking web sites in a broadly IndieWeb fashion, see https://indieweb.org/

  
Infrastructure

   
Launch Critical

Issue that must be done in time for launch.

  
Marketing

   
Needs documentation

When an issue has uncovered something that should be documented in a user guide or the project wiki or anywhere else outside the issue queue.

  
Post-Launch

An issue that needs to be completed, but can happen after launch.

  
status
Abandoned
An issue that has been abandoned and will not be completed.

  
status
Blocked
An issue that is blocked for a reason outside Agaric's control.

  
status
Deploy
An issue that has been tested and is ready to be deployed.

  
status
Doing

  
status
Done

  
status
In Review
An issue that has been completed and is ready for a code and/or design review.

  
status
Needs Clarification

  
status
Test
An issue that has been completed and is ready to be tested.

  
status
To Do
An issue that is an agreed priority and has all information needed to be completed.

  
type
Bug

  
type
Task

  
type
User Story

No labels
A11y
Automated Testing
Contributable
Contributed
Decision
Design
Development
Drutopia
IndieWeb
Infrastructure
Launch Critical
Marketing
Needs documentation
Post-Launch
status
Abandoned
status
Blocked
status
Deploy
status
Doing
status
Done
status
In Review
status
Needs Clarification
status
Test
status
To Do
type
Bug
type
Task
type
User Story
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: geo/geo-coop#122
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?