Admin plz stop those Korean SPAM


#22

Agreed, please stop this shitflow.


#23

@shawn, @paige, other admins/moderators, PLEASE grant mod privs to some of us who are on here late at night US time!!! please please please!


#24

That does not resolve the problem. There will just be more people working on removing spam.


#25

Blocking posts and edits with Korean characters in the subject line might be one avenue, another one could be to have a captcha for new users when posting or editing. If they can figure out the captcha then just let them CPU-mine a bit of Equihash for you and let them through after 2-3 Sols...


#26

well at least until there are better automated defenses the problem would be mitigated in the meantime!


#27

$ iptables -A INPUT -s 123.456.789.123/24 -j DROP

Just block the whole country.

#sarcasm


#28

I am working on it again :unamused: . One of the difficulties is Discourse does not give Mods any incoming traffic administrator rights, and I don't know that Admins really have the controls needed to say block an entire IP range.

All I can do is react, and I have the power to promote some users to Leader level but that level can only hide the posts, it does nothing for IP or user Banning. And as you guys mentioned, it does nothing to actually stop the problem.

Someone with server side privileges needs to make some rules to block this traffic, until then we are just treading water.


#29

Go to Admin -> Logs -> Screened IPs

There you can add single IPs, or subnets.

Here you can find whole IP blocks for each country, which is quite a lot.
Or just calculate the closest subnet to each of the spammers.

Free IP2Location Firewall List by Country
Source: http://www.ip2location.com/free/visitor-blocker


#30

@Shawn what kind of spam control are you guys running? Seems like you could run something like Akismet? https://github.com/discourse/discourse-akismet Looks like there's also discussion here: https://meta.discourse.org/t/our-forum-is-getting-bamwar-spam/31566/32 block first post regex of \p{Hangul}{3} looks like a pretty fruitful path.

Here's what another community used for fixes as well: https://discourse.stonehearth.net/t/september-spam-attack/25214


#31

We have Akismet, and the IP banning is also ineffective because they are rotating through different countries.

Thank you for your patience, we are working on the issue.


#32

@radix42 made you mod. I need to step out for a bit so your help is appreciated here!


#33

this spam :dizzy_face:


#34

Maybe a cloudflare ? they have also some anti hack/spam tools, or you can configure a WAF on your server


#35

@ageis is reaching out to Discourse since that's where the forum is hosted. Perhaps we can migrate the forum to Zcash servers if they can't help us so we can look into integrating something ourselves.

Will keep y'all posted!


#36

Thanks, we'll see how much get's through tonight against whatever level the automated defenses are upgraded to!