Jump to content

Search the Community

Showing results for tags 'Spam'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 5 results

  1. For the last week or so, a number of accouts have started to post status updates with (mostly) unrelated content. I've checked out the submission histories of ~20 of them, and none of them has a recent post. They were registered long time ago and made several status updates over time. I started noticing them after the last week's forum update. Something about it allowed these status updates to surface, and now around ~10-15 updates are posted daily, which is enough to flood the activity stream. Is anyone else bothered by this? These are from the last 24 hours
  2. I was put on to Mandrill by Pete (thank you Pete). In my experience if your website sends emails to people, for example you have a booking app and people get confirmations, then the confirmation emails may, sometimes, get rejected as spam, regardless of the fact that they're not. TL;DR Whenever in the PW admin there is a field to do with delivery of email from PW, there ought to be a note / link to an article about the benefits of sending email via Mandrill (or similar service) rather than direct. Boring rant version I had tried to solve this lack of 100% reliable email delivery with DKIM and SPF records (good things in their own right) tuning the content of the email so perhaps it would be less likely to apparently trigger some spam pattern recognition code (for example having few(er) HTML links banging my head shouting Nothing worked. I would appear to have a period of reliability where all emails were getting through, relax... Then BAM! Another spam rejection. The only variance? The receiving email systems. As visitors to the site were many and varied so were their email systems and some of those email systems spam detection algorithms were simply too sensitive for their own good. So it was not my fault but nevertheless my client whose website used the booking system kept gettings infrequent but repeated 'lost' email confirmations. So I made one other change, I sent email via SMTP to Mandrill rather than directly to the client. Mandrill then sent it to the client. This resulted in an unprecedented (and continuing) period of 100% success—zero false positive spam rejections. The reason is simple: my client's domain (or your client's domain) has a reputation as a source of email. It is probably average or good. Whereas Mandrill, who send (Mandrill is part of MailChimp and these are the overall numbers) with this many emails have to have an exceptional reputation, and they do. Nothing I can do on a domain or in DNS can compete with this firehose of good reputation provided by Mandrill. Recommendation If I were a newbie to emailing from PW to people then I could well go through this learning curve myself. To help others I would like to suggest that perhaps wherever there is a field in PW that is responsible for sending email that one of those helpful 'Notes' be auto populated with a link to an article on on the benefits of sending email via an intermediary such as Mandrill.
  3. I have a template that list emails. I'm hiding emails with javascript (I could use Soma's EmailObfuscator), but javascript is no longer sufficient since bots execute javascript. I was thinking about captcha solution so that before the page is shown human "presence" is required. How could I do that? What are your solutions? Matjaž
  4. Hi there! I'm quite new to processwire and I like it! I'm coming from Contao CMS with which I worked for years but I didn't like some of the recent directions Contao CMS went. But there are some very convenient features in Contao I miss in PW. One is email-spam-protection. Contao automatically converts email-links set in rich text editors to unicode encoded links. This may not be a hardcore spam-protection measure, but it still seems to work quite well. (see http://www.pinnacledisplays.com/unicode-converter.htm). It's not that tragic that Processwire doesn't convert mail-links into unicode out of the box, but now I'm struggling with the fact, that PW does it exacty the other way around. When I want to write unicode in the HTML-view of TinyMCE inside Processwire it's immediately converted into human- and spambot-readable code... How can I do this in Processwire? Or is there a completely different way to protect emails from being fetched from spambots in PW? Thanks in advance! Jonas
  5. I stumbled across bad-behavior spam blocker today and I'm trying to port it to Processwire. It looks like a decent service which is natively used in some other cms's and php apps. out of the box, this service is supposed to work by downloading and unzipping the files to somewhere accessible, then adding require_once("/path/to/Bad-Behavior/bad-behavior-generic.php"); To your pages. I added it at the top of PW's index.php. So, its supposed to be working (although I can't yet tell ). However, its supposed to work even better if you can give it a database to enable logging. To do this, one has to add the mysql hooks into the bad-behavior-generic.php file. I think these are the lines that need to be modified: // Bad Behavior callback functions. // Return current time in the format preferred by your database. function bb2_db_date() { return gmdate('Y-m-d H:i:s'); // Example is MySQL format } // Return affected rows from most recent query. function bb2_db_affected_rows() { return false; } // Escape a string for database usage function bb2_db_escape($string) { // return mysql_real_escape_string($string); return $string; // No-op when database not in use. } // Return the number of rows in a particular query. function bb2_db_num_rows($result) { if ($result !== FALSE) return count($result); return 0; } // Run a query and return the results, if any. // Should return FALSE if an error occurred. // Bad Behavior will use the return value here in other callbacks. function bb2_db_query($query) { return FALSE; } // Return all rows in a particular query. // Should contain an array of all rows generated by calling mysql_fetch_assoc() // or equivalent and appending the result of each call to an array. function bb2_db_rows($result) { return $result; } // Create the SQL query for inserting a record in the database. // See example for MySQL elsewhere. function bb2_insert($settings, $package, $key) { return "--"; } // Return emergency contact email address. function bb2_email() { return "example@example.com"; // You need to change this. } // retrieve whitelist function bb2_read_whitelist() { return @parse_ini_file(dirname(BB2_CORE) . "/whitelist.ini"); } // retrieve settings from database // Settings are hard-coded for non-database use function bb2_read_settings() { global $bb2_settings_defaults; $settings = @parse_ini_file(dirname(__FILE__) . "/settings.ini"); if (!$settings) $settings = array(); return @array_merge($bb2_settings_defaults, $settings); } // write settings to database function bb2_write_settings($settings) { return false; } // installation function bb2_install() { return false; } but I couldnt tell how to call the PW mysql hooks. For reference, the sample version for wordpress (bad-behavior-wordpress.php) looked like: <?php /* Plugin Name: Bad Behavior Version: 2.2.3 Description: Deny automated spambots access to your PHP-based Web site. Plugin URI: http://bad-behavior.ioerror.us/ Author: Michael Hampton Author URI: http://bad-behavior.ioerror.us/ License: LGPLv3 Bad Behavior - detects and blocks unwanted Web accesses Copyright (C) 2005,2006,2007,2008,2009,2010,2011,2012 Michael Hampton Bad Behavior is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. Please report any problems to bad . bots AT ioerror DOT us http://www.bad-behavior.ioerror.us/ */ ############################################################################### ############################################################################### if (!defined('ABSPATH')) die("No cheating!"); global $bb2_result; $bb2_mtime = explode(" ", microtime()); $bb2_timer_start = $bb2_mtime[1] + $bb2_mtime[0]; define('BB2_CWD', dirname(__FILE__)); // Bad Behavior callback functions. require_once("bad-behavior-mysql.php"); // Return current time in the format preferred by your database. function bb2_db_date() { return get_gmt_from_date(current_time('mysql')); } // Return affected rows from most recent query. function bb2_db_affected_rows() { global $wpdb; return $wpdb->rows_affected; } // Escape a string for database usage function bb2_db_escape($string) { global $wpdb; return $wpdb->escape($string); } // Return the number of rows in a particular query. function bb2_db_num_rows($result) { if ($result !== FALSE) return count($result); return 0; } // Run a query and return the results, if any. // Should return FALSE if an error occurred. // Bad Behavior will use the return value here in other callbacks. function bb2_db_query($query) { global $wpdb; $wpdb->hide_errors(); $result = $wpdb->get_results($query, ARRAY_A); if ( defined('WP_DEBUG') and WP_DEBUG == true ) $wpdb->show_errors(); if (mysql_error()) { return FALSE; } return $result; } // Return all rows in a particular query. // Should contain an array of all rows generated by calling mysql_fetch_assoc() // or equivalent and appending the result of each call to an array. // For WP this is pretty much a no-op. function bb2_db_rows($result) { return $result; } // Return emergency contact email address. function bb2_email() { return get_bloginfo('admin_email'); } // retrieve whitelist function bb2_read_whitelist() { return get_option('bad_behavior_whitelist'); } // retrieve settings from database function bb2_read_settings() { global $wpdb; // Add in default settings when they aren't yet present in WP $settings = get_option('bad_behavior_settings'); if (!$settings) $settings = array(); return array_merge(array('log_table' => $wpdb->prefix . 'bad_behavior', 'display_stats' => true, 'strict' => false, 'verbose' => false, 'logging' => true, 'httpbl_key' => '', 'httpbl_threat' => '25', 'httpbl_maxage' => '30', 'offsite_forms' => false, 'reverse_proxy' => false, 'reverse_proxy_header' => 'X-Forwarded-For', 'reverse_proxy_addresses' => array(),), $settings); } // write settings to database function bb2_write_settings($settings) { update_option('bad_behavior_settings', $settings); } // installation function bb2_install() { $settings = bb2_read_settings(); if (!$settings['logging']) return; bb2_db_query(bb2_table_structure($settings['log_table'])); } // Cute timer display; screener function bb2_insert_head() { global $bb2_timer_total; global $bb2_javascript; echo "\n<!-- Bad Behavior " . BB2_VERSION . " run time: " . number_format(1000 * $bb2_timer_total, 3) . " ms -->\n"; echo $bb2_javascript; } function bb2_approved_callback($settings, $package) { global $bb2_package; // Save package for possible later use $bb2_package = $package; } // Capture missed spam and log it function bb2_capture_spam($id, $comment) { global $bb2_package; // Capture only spam if ('spam' != $comment->comment_approved) return; // Don't capture if HTTP request no longer active if (array_key_exists("request_entity", $bb2_package) && array_key_exists("author", $bb2_package['request_entity']) && $bb2_package['request_entity']['author'] == $comment->comment_author) { bb2_db_query(bb2_insert(bb2_read_settings(), $bb2_package, "00000000")); } } // Display stats? function bb2_insert_stats($force = false) { global $bb2_result; $settings = bb2_read_settings(); if ($force || $settings['display_stats']) { $blocked = bb2_db_query("SELECT COUNT(*) FROM " . $settings['log_table'] . " WHERE `key` NOT LIKE '00000000'"); if ($blocked !== FALSE) { echo sprintf('<p><a href="http://www.bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.')); } } if (@!empty($bb2_result)) { echo sprintf("\n<!-- Bad Behavior result was %s! This request would have been blocked. -->\n", $bb2_result); unset($bb2_result); } } // Return the top-level relative path of wherever we are (for cookies) function bb2_relative_path() { $url = parse_url(get_bloginfo('url')); if (array_key_exists('path', $url)) { return $url['path'] . '/'; } return '/'; } // FIXME: figure out what's wrong on 2.0 that this doesn't work // register_activation_hook(__FILE__, 'bb2_install'); //add_action('activate_bb2/bad-behavior-wordpress.php', 'bb2_install'); add_action('wp_head', 'bb2_insert_head'); add_action('wp_footer', 'bb2_insert_stats'); add_action('wp_insert_comment', 'bb2_capture_spam', 99, 2); // Calls inward to Bad Behavor itself. require_once(BB2_CWD . "/bad-behavior/core.inc.php"); bb2_install(); // FIXME: see above if (is_admin() || strstr($_SERVER['PHP_SELF'], 'wp-admin/')) { // 1.5 kludge #wp_enqueue_script("admin-forms"); require_once(BB2_CWD . "/bad-behavior-wordpress-admin.php"); } $bb2_result = bb2_start(bb2_read_settings()); $bb2_mtime = explode(" ", microtime()); $bb2_timer_stop = $bb2_mtime[1] + $bb2_mtime[0]; $bb2_timer_total = $bb2_timer_stop - $bb2_timer_start; Thanks in advance!
×
×
  • Create New...