- This topic has 6 replies, 3 voices, and was last updated 1 year, 10 months ago by
.
-
Posts
-
-
You know that annoying thing that wants you to verify that you’re a human?
Well, I’m testing that. I’ve gone with a very simple version that should cut down on the number of spam comments we get (y’all don’t see ’em but we do) and it should only appear to guest users. It’s really basic and should thwart the less sophisticated bots with relative ease.
Somewhere, there lies a happy middle. Figuring out how to deal with it now is probably a good idea.
This is subject to change. Feedback and testing welcome, but it’s pretty basic and appears to be effective. I really only want it (and have it displayed) on the comment and recover password pages. (For the latter, it’s a security thing.)
-
-
Yeah, it appears to have worked on one bot and there’s one person who appears to be manually posting with a Russian IP address.
https://geoiptool.com/en/?IP=5.188.210.7
I blocked that IP address – but that’s pretty stupid of me. LOL I know it’s dumb. They’ll just find a new proxy service and use that. I’ll then block that.
Yes, yes I am knowingly setting myself up for a cat and mouse game. I’ll probably end up trying a few different things out but we’re also getting attacked constantly. There have been 56 attacks this month. Most of which come from Russian IP addresses.
That doesn’t mean they’re Russians. I can flip a few settings and appear to be in Russia.
Edit: I also figured out the ads setting! We’re no longer getting them smeared across the page. Go me! They’re now down to a dull roar.
-
Hi all! Saw this post and thought I’d chime in. Two things I did (when I had a WordPress blog) was Install Jetpack as well as limit comments to only registered users and apply a captcha to the sign-up form. Also, it seems that you guys do not require users to confirm their email? That prevents a large portion of spam as well. Using Google is going to be the most efficient and easiest way. What you could do as well is isolate your forum form WordPress. For example:
domain.com (WordPress)
domain.com/forums (Forums)
Just trying to help.
-Thanks!-
PS: As a side note, I see you’re using SSL. Great decision.
-
Thanks for taking the time to respond. I’m avoiding both Jetpack and relying on Google’s CAPTCHA as they can be a pain in the ass. I’m avoiding Jetpack ’cause I already send their data to Google for ads, so I minimize that.
Anyone can comment and the get caught by Akismet pretty easily which is okay.
Registration just puts people in the subscriber role – which doesn’t actually send them anything. They can sign up for notifications, and that takes confirmation. Hmmm…
I will add confirmation, as a precaution, however. Better safe than sorry.
I’m a little confused on forum isolation? Can you elaborate? It *is* on /forums/, unless I’m missing something.
-
-
I’m a little confused on forum isolation? Can you elaborate? It *is* on /forums/, unless I’m missing something.
It is! However, it’s tied to WordPress. What I was talking about was running an isolated (I wasn’t very clear, I apologize) non-connected forum. Such as lets my PHPBB or MyBB separate from your WP install. But that’s just my opinion.
-
Ah, yeah, I considered that but didn’t want to add the complexity and figure I might just keep the updates and security all in one place. I also hate graphics and design, so making a theme was simply out of the questions!
I’m partially colorblind and have no patience for CSS or learning GIMP very well. You do not want to see my design efforts. No, no that’s not something you want to see. I’m pretty sure a third grader would do better than I do. Probably not even a very talented third grader.
I am pretty familiar with SMF and gave it some serious consideration. They call it ‘bridging’ and I pondered it – probably for a total of 20 or 30 minutes. Then, I came to my senses and realized how ugly it’d end up being. It’d be even worse than this!
This site *is* pretty much my best effort! 😉
It’s too late to change now! I’m never gonna master SQL enough to move the comments and topics. Though there aren’t many, I’m kinda partial to ’em. (Also, I’m pretty verbose, if you’ve not noticed.)
-
-
- You must be logged in to reply to this topic.