#11556 closed enhancement (wontfix)
just some interesting ideas from other spam fighting projects
Reported by: | hpvd | Owned by: | Dirk Stöcker |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | plugin/spamfilter | Version: | |
Severity: | normal | Keywords: | |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
you already use lots of spam fighting methods but there may be some easy to implement ideas in other projects…
all without having a bad experience for ticket writers / bug reporters / comment writer etc.
In the area of Typo3 there are two (very similar working) extensions which have optimized the way to fight spam. And they don't even use captchas..
Its using (sorry its german):
1) Java-Script check … die meisten Bots verstehen kein Javascript
2) Honey-Pot … Im Formular werden Felder per CSS versteckt. Die meisten bots füllen auch diese für Menschen unsichtbaren Felder
3) Session Check … manche bots senden Form-Daten ohne die Seite selbst zu laden
4) Session Min-Time Check … manche Bots füllen Formulare sehr schnell
5) Session Max-Time Check … manche Bots sind auch "langsam" bzw. verwenden eine alte session
6) Unique Check … Bots geben gerne Information doppelt ein. Z.B. Name = Land
7) Form-Input Renaming … Alle input Felder im Formular werden umbenannt. So wird es für Bots nahezu unmöglich herauszufinden in welches Feld wie sie die Felder füllen solln. So greifen dann die normalen Eingabe-Wert Prüffunktionen auch gegen Spam. Besonders die Honey Pot Felder werden so besser versteckt.
from: http://www.typo3.net/forum/beitraege/diverse_sonstige_module/86222/
You can found the typo3 extension and its English documentation: https://typo3.org/extensions/repository/view/spamshield
Attachments (0)
Change History (4)
comment:1 by , 11 years ago
Component: | general → plugin/spamfilter |
---|---|
Milestone: | → plugin - spam-filter |
Owner: | set to |
comment:2 by , 11 years ago
comment:3 by , 10 years ago
Resolution: | → wontfix |
---|---|
Status: | new → closed |
Wont implement a Javascript test.
comment:4 by , 10 years ago
Milestone: | plugin - spam-filter |
---|
Milestone unset per TracTicketTriage#Milestone.
2 and 3 are already done and very effective.
1, 4 and 5 could probably be added and 1 maybe could help a bit to reduce rejection rate for valid users - 4 and 5 I don't see much potential.
6 and 7 don't fit in the infrastructure very well and I don't see a benefit thus.
Trac data is a bit different from wiki and cms, so some of the tests based on the data don't work well for Trac.
I'll think about a javascript test thought.