Spam attack overnight

[Cannon]

There was a spam attack overnight and I'm cleaning it up now. It will all be gone shortly. Thank you to the members who reported the content, that is the best thing to do! 

This will happen from time to time on the cloud server. There are many advantages (including that the GripBoard could continue existing) but one disadvantage is the cloud-based server is more susceptible to these attacks. 

[Cannon]

I believe this is mostly cleaned up. This was a coordinated attack by about 25 accounts/bots. 

I made a change on the back-end which should help protect against this even better. Basically flood control so even if they get through, they cannot post 50 times.  

Sorry for the disruption but it's a fact of life 

[climber511]

Thanks for all you do

 

[Cannon]

They got us again! I apologize for the disruption. 

The flood control only kind of worked. Any given bot/spammer could only post a few times, but then it seems they just registered more accounts instead.  

I am working with Invision support to better understand their spam detection. During this attack, the software recognized three of the accounts were spammers and did not allow them to register. That's how it's supposed to work. But 3 out of 30 is not that good. 

There are additional registration steps we can use, including ones that are foolproof, but it becomes very manual and really slows down registration. I am working on the right recipe where we catch the bots but also feel like a welcoming community to real people. 

Again, I apologize for the disruption. It's not fun to come here and see all our grip nerd stuff buried in cryptocurrency ads. 

We will win!  

[Blacksmith513]

Thank you for all the hard work 

@Cannonfighting off spammers

 

[Alawadhi]

Thanks for the work @Cannon. I saw few of their crypto wallet spams. Crazy!

[Cannon]

In working with Invision on this, they mentioned THEIR OWN forum was attacked as well. They had the same morning cleaning up a rather large mess. But they did give me some recommendations to strengthen. 

[DrBartlebee]

Wild. Maybe we'll have to start using Captchas or something. You'd think a forum about squeezing stuff really hard would fly under the spammer radar.

[Cannon]

2 minutes ago, DrBartlebee said:

Maybe we'll have to start using Captchas or something.

We do, but they recommended that I switch from reCaptcha to hCaptcha and that change is made! 

[DrBartlebee]

Nice, I hadn't heard of hCaptcha. Thanks for dealing with all that, it sounds annoying 

[Busa]

Thanks again.

The ironhistory uses the approval system did not find an issue with it. Unsure how many people join in a week.

[Cannon]

Just now, Busa said:

Thanks again.

The ironhistory uses the approval system did not find an issue with it. Unsure how many people join in a week.

Yes, that is another option which is under consideration. Iron History members also have to register with their real name so it's a different vibe over there in general. Manual approval would not be unmanageable over here, but it is one more thing which requires time sensitive action and I'm trying to spread myself only as thin as needed. 

[PinchByPinch]

Uh oh 

 

[Cannon]

They're taking advantage of my weakness that I like to sleep! 

Well, additional methods deployed. Failsafe, but more manual ones. 

[Lennix]

9 minutes ago, Cannon said:

They're taking advantage of my weakness that I like to sleep! 

Well, additional methods deployed. Failsafe, but more manual ones. 

Get some European mod ;D I was sitting here watching this and feeling damn Cannon will have alot of cleaning to do when he wakes up xD

[Blacksmith513]

4 minutes ago, Lennix said:

Get some European mod ;D I was sitting here watching this and feeling damn Cannon will have alot of cleaning to do when he wakes up xD

Theres probably some Nigeran prince who'd love to moderate this forum.. All he needs  is a large sum of money first. 

 

Seriously, I hope @Cannon can get this straightened out soon. It must be a lousy thing to have to deal with every morning. 

 

Edited December 19, 2023 by Blacksmith513

[Cannon]

2 minutes ago, Lennix said:

Get some European mod ;D I was sitting here watching this and feeling damn Cannon will have alot of cleaning to do when he wakes up xD

As far as I can tell, @Alex K is a robot and doesn't sleep. We could have robots fighting robots. HAHAHA

Short-term, this should be licked. I'm still working with Invision on strengthening the auto-protection. But with an added manual one, we'll at least get a break. 

[Cannon]

7 minutes ago, Blacksmith513 said:

Seriously, I hope @Cannon can get this straightened out soon. It must be a lousy thing to have to deal with every morning. 

As above, I was really trying to solve with automated solutions. Not only is it a learning experience for me, but it has helped get me up to speed on what is possible. I have added a manual failsafe for the time being so we can have a break and maybe signal to spammers we're not so easy. Maybe they'll move on and bug another forum like the SyTy registry or something.  

[Lennix]

Also, I dont see who is liking/reacting to my posts anymore. Is it just me or is it something to do with the cloud update? 

[Cannon]

2 minutes ago, Lennix said:

Also, I dont see who is liking/reacting to my posts anymore. Is it just me or is it something to do with the cloud update? 

https://www.gripboard.com/topic/65107-reactions-back-by-popular-demand

[Bill Piche]

39 minutes ago, Cannon said:

As above, I was really trying to solve with automated solutions. Not only is it a learning experience for me, but it has helped get me up to speed on what is possible. I have added a manual failsafe for the time being so we can have a break and maybe signal to spammers we're not so easy. Maybe they'll move on and bug another forum like the SyTy registry or something.  

It really does not take that long to manually review as they will use some stupid username that is obvious.  Checking IP address at a glance too.  But, I had said that before and you are the boss now.  

I let you feel the pain this morning on purpose so as to not rob you of the learning experience.  

[Cannon]

16 minutes ago, Bill Piche said:

It really does not take that long to manually review as they will use some stupid username that is obvious.  Checking IP address at a glance too.  But, I had said that before and you are the boss now.  

I let you feel the pain this morning on purpose so as to not rob you of the learning experience.  

There is no doubt, you did tell me 

I just really want the auto-protections to work and the learning experience is good for me. I will keep trying to make them better. 

[anwnate]

20 minutes ago, Bill Piche said:

It really does not take that long to manually review as they will use some stupid username that is obvious.  Checking IP address at a glance too.  But, I had said that before and you are the boss now.  

I let you feel the pain this morning on purpose so as to not rob you of the learning experience.  

Ahhh...tough love. It's ok Matt...family Disney trip is still on.

[Vinnie]

2 hours ago, Blacksmith513 said:

Theres probably some Nigeran prince who'd love to moderate this forum.. All he needs  is a large sum of money first. 

 

Seriously, I hope @Cannon can get this straightened out soon. It must be a lousy thing to have to deal with every morning. 

 

Ah, young Padawan, I remember when the Nigerian Prince letters came in the U.S. mail!  

[odin]

Thanks for all your diligence and hard work Matt. I'm confident you'll find the best possible defense from this infestation.