Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
Svyatoslav Nemato2016-08-08 15:06:30
PHP
Svyatoslav Nemato, 2016-08-08 15:06:30

How to kick bots out of anonymous chat?

There is an anonymous chat.
Anyone can write there, without registration.
But chat got into the habit of bots, moreover, written specifically for this chat.

What protection is there now:
1. The chat administrator, but it can not always be 24/7
2. The chat is Russian-speaking, so if someone writes more than 2 English words in a row, the message is deleted (English-speaking bots have disappeared once).
3. If someone writes a message more than a given number of letters, gets banned. (easy to get around)
4. If someone writes the same messages or writes messages too often, you are prompted to enter a captcha code (writing different messages from different ip is also costly)
5. When sending a message, a hash sum of the request is generated, which is checked on the server side . (also not hard to get around)
6. All traffic goes through a proxy server, bots with bad headers or without them fly off immediately, even at the stage of passing through the proxy.

Question: How else can I spoil the blood of programmers who write bots for my chat?

Addendum 1.
Administrator rights cannot be transferred to users. Participants are companies, and with administrator rights, they will simply crush competitors.
A lot of comments about registering, this is excluded. Due to the specifics of the chat, no one will be registered.
I liked the idea of ​​tracking which words are most commonly used by spammers and triggering a captcha when they are used.
Sometimes bots just insert text from wikipedia or other sites, without links and emails, to spam the chat. tricks of competitors.
Maybe someone else has ideas?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
L
landergate, 2016-08-08
@makklovskiy

If the behavior patterns are predictable (intervals, phrases, presence of links) - automatically block on detection, but you already kind of do it.
If the patterns are unpredictable, there are few options:

  • Manual moderation. Add more operators to the chat among the guests.
  • Track connection source. It is possible that bots are launched from the same networks. You can block their access to the chat.
  • Minimum entry captcha. It doesn't have to be over-complicated.
  • Block connections to hosts from DNSBL lists and Tor-exit nodes.

Report
X
xmoonlight, 2016-08-08
@xmoonlight

All clearly said landergate !
I'll add to his answer:
1. Make a "spam" button (icon + confirmation dialog box) next to each user message in the chat.
2. If the user received 50% or more votes from other users (to calculate the percentage, we fix the number of users in the chat at the time the user entered the chat room), that he is a spammer, we add this IP to the ban list for 1 hour and we fix the IP and the number of fines in the database.
3. If you get the same IP again: ban for a day, then (with the next fine) - for a month, for 3, for half a year and permanent.

Report
M
Maxim Timofeev, 2016-08-08
@webinar

Do it like on a toaster, let users moderate it themselves. For example the spam button. Received 3 spam messages - deleted
But the most correct way is authorization through social networks. And through those where it is not easy to create a new account.

Report
I
Ivan, 2016-08-08
@LiguidCool

Nothing better than captcha (on first login and beyond) and registration (easily bypassed).
The most effective IMHO is SMS authorization, but this is the risk of being left without users.

Report
S
Svyatoslav Nemato, 2016-08-08
@makklovskiy

Thank you all very much for your replies.
But frail bots are eliminated at the proxy server stage, through which all my traffic goes. He also saves from DDOS attacks (this year he beat off 3 pcs.)
We are talking about bots that completely simulate the user's work.
With good titles.
They write messages with a random interval of 5-15 minutes.
There are no links in the messages, only emails.
Selling socks write [email protected]
What this bot says is about its activity 24/7
Ordinary users also give their mail, so banning on soap is not an option.
There is a recaptcha, but as mentioned above, it appears if the messages are written often or the same.
Constantly entering captcha will infuriate users.
People register at will. To statistics in the chat 1000 guests and 50 users.

Similar questions
M
Mikhail Potapenkov2016-06-13 18:20:30
On initial startup, the OS issues a blue screen 0x0000007B. What does it mean? 4Reply
E
Evgeny Samsonov2015-04-05 17:45:37
What is the name of the USB device? 3Reply
H
Healis2022-01-16 18:03:19
How to apply a gradient to an image so that the gradient does not go beyond the edges? 2Reply
P
paaaffka2020-09-29 10:59:01
Is there a subscription plugin? 1Reply
T
thehighhomie2018-11-30 12:28:13
Plugin to generate PDF from JavaScript? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question