Cooking Forum
This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
Admin??
- Thread starter jglass
- Start date
ChileFarmer
Moderator
Maybe, but I see we already have a poster hawking knives. Not sure about the new look will take sometime, to get used to. I had emailed spice place about 4 days ago asking for help. I am sure the change has nothing to do with me asking for help. I really hope it is better. CF
[admin note]
If your Bill, yes. Please contact us if something is amis.
As for spam posts, I wrote about it below. Essentially, that's what the forum is, a place to post messages. Can't automatically determine all spam, although there is a spam filter. The trouble with filters is the spammers get them, and figure out how to get around them. The only thing to do is to delete them is quick as possible and ban the user.
[admin note]
If your Bill, yes. Please contact us if something is amis.
As for spam posts, I wrote about it below. Essentially, that's what the forum is, a place to post messages. Can't automatically determine all spam, although there is a spam filter. The trouble with filters is the spammers get them, and figure out how to get around them. The only thing to do is to delete them is quick as possible and ban the user.
Last edited by a moderator:
chubbyalaskagriz
New member
I really hope the site Admin. takes Janie's question seriously and provides a favorable answer.
I'm finding the new changes cumbersome and awkward but if the issues Janie brought up have indeed been tackled- then I'm all for change.
If not- then I won't put myself through it. This'll be the best logical place for me to jump ship.
So- I'll be patiently waiting for Janie's question to be addressed.
I'm finding the new changes cumbersome and awkward but if the issues Janie brought up have indeed been tackled- then I'm all for change.
If not- then I won't put myself through it. This'll be the best logical place for me to jump ship.
So- I'll be patiently waiting for Janie's question to be addressed.
jglass
New member
I even sent a PM to the ADMIN when I saw they were logged on and got no reply what so ever.
[admin note]
I was probably working on the back end, and that would still show you as loked in. The backend doesn't send notifications. There was lots of things to do after upgrading to the latest vbulletin. The whole process was about 10 hours. As you know, I answered you yesterday morning when I saw the message.
[admin note]
I was probably working on the back end, and that would still show you as loked in. The backend doesn't send notifications. There was lots of things to do after upgrading to the latest vbulletin. The whole process was about 10 hours. As you know, I answered you yesterday morning when I saw the message.
Last edited by a moderator:
Mama Mangia
Super Moderator
Admin has been working very hard with this new look and set-up. It's much "cleaner" looking and it will take a bit to get used to. The best part - there are some MAJOR changes that will effect new members and it will cut down on spammers at least 98% if not more. We may have an occasional jerk step in - but OMG - this is heaven for me!
Mama Mangia
Super Moderator
Janie I wouldn't care if it were neon polka dots and strips over herringbone!
This is the best thing that has happened in a long time - and I am so looking forward to normalcy here again.
You know what they say - if Mama ain't happy then no one is happy - well I am HAPPY and I hope everyone else is happy too!
Not just for me - but for the forum and all of us here that have been together through thick and thin!
This is the best thing that has happened in a long time - and I am so looking forward to normalcy here again.
You know what they say - if Mama ain't happy then no one is happy - well I am HAPPY and I hope everyone else is happy too!
Not just for me - but for the forum and all of us here that have been together through thick and thin!
ChileFarmer
Moderator
I to like the color, Maybe I am a little slow but will master the new format in a few days.
Mama, you happy then so am I. I know you were needing some help. It will be nice to have the forum back. I have learned so much just being here. And made many new friends. CF
Mama, you happy then so am I. I know you were needing some help. It will be nice to have the forum back. I have learned so much just being here. And made many new friends. CF
Mama Mangia
Super Moderator
This is a great site - and I am not saying that because I moderate it.
There are mighty fine people here - we have become a family.
And I just want our family back again!
There are mighty fine people here - we have become a family.
And I just want our family back again!
ChileFarmer
Moderator
Mama, I agree. Although I am kinda new member, I sure enjoy being here. CF
Hi Folks!
So I've upgrade to the latest version of vbulletin, which should have some security fixes. The 4.0 series has been out for some time, yet it was a major change so I delayed upgrading until others had time to find all of the newly added bugs. I would guess there were a few because the used to always provide an upgrade for even the easiest fixes and now they are providing patches. That keeps them from having to bump the version numbers up and muddies the waters, so to say,
So the most major change I made was to user registration. The image verification method re-captcha, that came out of digitizing books at Carnegie Mellon University and displayed words that the software there couldn't convert to text appears to be cracked. So spam bots were able to automatically register.
To stop that, I've changed two options. First, before upgrading, I had made new registered user be moderated. This is what lead me to see that bots were registering. The process was too fast and they were still registering. Second, after upgrading, I put in a Q&A human verification with my own dumb questions. The end result, 12 real people registered yesterday. All were spammers. Almost all from southern Asia (i.e. India, Bangladesh, and Vietnam).
Next I need to find or write a plug in to allow or block signups from a list of allowed countries. Fairly easy to write one. Would rather find one but while I've looked, I haven't found one yet. Once I have that, and see it's working, I ought to be able to turn off moderation of user registration.
Third, I'm watching the internet addresses of new registrations and blocking large chunk in Asia. This is really not a solution because there are so many, but until I have to country blocker in, this is a work around.
Forth, I'm pruning down the users by deleting those that haven't posted at all or haven't posted in a few months. Certainly this might hit a few legitimate people but will get rid of those spammers that sign up today to spam in October.
Fifth, I've removed the homepage property from the user profile statistics page. If you are legitimate, place such info in your signature and there is an add on already installed that uses ranking including length of registration and number of posts to keep spammers from using it.
Sixth, I installed an add in that automatically looks at information in the http data being sent to look for signatures of robots. I.e. the bots try to sent http headers acting like they are running IE4 or whatever to fool the software from detecting them. This plugin will block those bots and in the case of a false positive has a way for the real person to verify they are human and get through. Also it uses a central database of known bot internet addresses and blocks those, but as I've said there are so many Ips, that's like trying to plug holes in a sieve. But it will block someone running a central bot host. Don't think it will help it the bots are compromised computers. But adding all of these steps will make it harder for bots to register.
Last, as far as posting spam, the posting is a basic function of the board. So if a legitimate user joins, makes a couple real posts, and then posts spam, there isn't anything that can be done automatically to stop it other than moderating all posts. So rather than trying to do that, if any of you here that have been here a while and want to be a moderator, let me know. I'll get with Mama to get her opinion on the final list. Then when one of you see spam, you click a check box and then push a moderate button. Poof.
Thanks for bearing with us as we try to stop these evil doers.
Matt
So I've upgrade to the latest version of vbulletin, which should have some security fixes. The 4.0 series has been out for some time, yet it was a major change so I delayed upgrading until others had time to find all of the newly added bugs. I would guess there were a few because the used to always provide an upgrade for even the easiest fixes and now they are providing patches. That keeps them from having to bump the version numbers up and muddies the waters, so to say,
So the most major change I made was to user registration. The image verification method re-captcha, that came out of digitizing books at Carnegie Mellon University and displayed words that the software there couldn't convert to text appears to be cracked. So spam bots were able to automatically register.
To stop that, I've changed two options. First, before upgrading, I had made new registered user be moderated. This is what lead me to see that bots were registering. The process was too fast and they were still registering. Second, after upgrading, I put in a Q&A human verification with my own dumb questions. The end result, 12 real people registered yesterday. All were spammers. Almost all from southern Asia (i.e. India, Bangladesh, and Vietnam).
Next I need to find or write a plug in to allow or block signups from a list of allowed countries. Fairly easy to write one. Would rather find one but while I've looked, I haven't found one yet. Once I have that, and see it's working, I ought to be able to turn off moderation of user registration.
Third, I'm watching the internet addresses of new registrations and blocking large chunk in Asia. This is really not a solution because there are so many, but until I have to country blocker in, this is a work around.
Forth, I'm pruning down the users by deleting those that haven't posted at all or haven't posted in a few months. Certainly this might hit a few legitimate people but will get rid of those spammers that sign up today to spam in October.
Fifth, I've removed the homepage property from the user profile statistics page. If you are legitimate, place such info in your signature and there is an add on already installed that uses ranking including length of registration and number of posts to keep spammers from using it.
Sixth, I installed an add in that automatically looks at information in the http data being sent to look for signatures of robots. I.e. the bots try to sent http headers acting like they are running IE4 or whatever to fool the software from detecting them. This plugin will block those bots and in the case of a false positive has a way for the real person to verify they are human and get through. Also it uses a central database of known bot internet addresses and blocks those, but as I've said there are so many Ips, that's like trying to plug holes in a sieve. But it will block someone running a central bot host. Don't think it will help it the bots are compromised computers. But adding all of these steps will make it harder for bots to register.
Last, as far as posting spam, the posting is a basic function of the board. So if a legitimate user joins, makes a couple real posts, and then posts spam, there isn't anything that can be done automatically to stop it other than moderating all posts. So rather than trying to do that, if any of you here that have been here a while and want to be a moderator, let me know. I'll get with Mama to get her opinion on the final list. Then when one of you see spam, you click a check box and then push a moderate button. Poof.
Thanks for bearing with us as we try to stop these evil doers.
Matt
Oh, one last thing, this version of Vbulletin supports https: so you can browse securely and protect your password. I'll have to look for a setting to secure the password page, in the meantime, you have just add an s after http in your address i.e. https://www.spiceplace.com/forums/ and you'll be using ssl and the data is encrypted. I'll look for that setting this evening.
Matt
Matt
jglass
New member
As I was not privy to that information at the time I had no way of knowing. I did appreciate your reply to my message when I received it. I am very glad to see upgrading done to the site to make things easier for Mama. She has been working like a dog to keep this place going since your last visit a long time past. We have lost so many members who left because they felt this forum was no longer secure. I really hope they return. I have made a lot of wonderful friends here from all over the globe and will always be grateful for that.
Mama Mangia
Super Moderator
I am so happy!!(as I walk around with a Chesshire cat grin wrapped around my head!)
Before I upgraded I had to set up another server, install all of the software and databases there. Then I applied the upgrade there to make sure everything worked. Then backuped everything on the live server, etc, etc, etc. I started Friday evening, and didn't really finish until Sunday @ 11am. Plus still things to do in the 'Home' tab, which I'll try to get to tonight. In case anyone missed it, there is a useful, "what's new" on right side of the home page.
Mama's going to write up a newsletter and we'll email a link to everyone. Hopefully that will spread the news.
BTW: The forum was secure, it was at the latest VB3 patch level. And VB3 is still supported by Jelsoft.
It's just evil people wanted back links from our website, thinking it would help their ranking in Google (called SEO - Search Engine Optimization). They didn't expect anyone here to click on them (i.e. they weren't ads), they just want a link pointing too them. This is what the bad guys (blackhats) do for SEO. Try Googling 'FORUM POST SEO'. In most cases it won't do any good for them because Google applies other criteria such as relevance because they are aware of this threat to their ranking methods. Our site is about food. If they're linking to TVs, it's not relevant. Besides the links are tagged for Search Engines to not follow. But to evil spammers, they don't care. It's too much work to figure who to post to, they're using programs to do it, and so they just post, post, post. The same thing is done to blogs and newspaper website comments.
Looks like the fixes are working well for now.
Matt
Mama's going to write up a newsletter and we'll email a link to everyone. Hopefully that will spread the news.
BTW: The forum was secure, it was at the latest VB3 patch level. And VB3 is still supported by Jelsoft.
It's just evil people wanted back links from our website, thinking it would help their ranking in Google (called SEO - Search Engine Optimization). They didn't expect anyone here to click on them (i.e. they weren't ads), they just want a link pointing too them. This is what the bad guys (blackhats) do for SEO. Try Googling 'FORUM POST SEO'. In most cases it won't do any good for them because Google applies other criteria such as relevance because they are aware of this threat to their ranking methods. Our site is about food. If they're linking to TVs, it's not relevant. Besides the links are tagged for Search Engines to not follow. But to evil spammers, they don't care. It's too much work to figure who to post to, they're using programs to do it, and so they just post, post, post. The same thing is done to blogs and newspaper website comments.
Looks like the fixes are working well for now.
Matt
ChileFarmer
Moderator
Matt, thanks so much for taking action. This is one of the best forums on the net. True we have become a family. Mama, is our leader and mentor. looking forward to the news letter. I hope the members that have left will return. CF
Mama Mangia
Super Moderator
We all know that there is no way to keep all spammers out completely - an occasional one can be easily handled and should not interfere with the good thing we've got going here.
Matt may wtill have a bit of tweaking to do - but I am really looking forward to having our old site back!
OOPS "STILL" not wtill - I'm so excited I'm typing with a lisp! LOL
Matt may wtill have a bit of tweaking to do - but I am really looking forward to having our old site back!
OOPS "STILL" not wtill - I'm so excited I'm typing with a lisp! LOL