banner_jpg
Username/Email: Password:
News Article
Registration Closed (Temporarily)
Registration for new accounts has been temporarily closed due to the high amount of spam accounts in the last 2 days. We invite you to give suggestions on how to deal with this by commenting in this thread:
https://www.mangaupdates.com/showtopic.php?tid=60366
Posted by lambchopsil on 
September 21st 10:50pm
Comments ( 13 )  
[ View ]  [ Add ]

Comments (limited to first 100 replies)

» Nashnir on September 22nd, 2017, 3:18pm

There was one that got through.

Guess was registered earlier but was quiet.
https://www.mangaupdates.com/members.html?id=505330 biggrin

thread

» lambchopsil on September 22nd, 2017, 11:13pm

Thanks, took care of it

thread

» aneo9988 on September 29th, 2017, 7:33pm

thread

» lambchopsil on September 29th, 2017, 11:00pm

Dealt with

thread

» cecropiamoth on October 23rd, 2017, 11:01am

This keeps on, intermittently, as of Oct. 23. I wouldn't be surprised to learn that the Japanese manga industry has hired someone to do this in an effort to undermine scanlation.

thread

» residentgrigo on October 23rd, 2017, 1:38pm

A few torrent sites as Demonoid allow you to only register on specific times, which is what i would normally suggests but that would defeat the point of MU in the end.
Which brings me to my question. What if you could only unlock your account´s forum privileges on specific and set dates. All "new users" could only do so much spam damage that way, unless someone uses that time to set up multiple accounts and only employs them if the ones before get banned. Any other smart ideas?

thread

» gss93 on October 23rd, 2017, 6:05pm

Perhaps this is what residentgrigo was saying, but only allowing accounts older than x months to post might help.

thread

» residentgrigo on October 24th, 2017, 10:46am

Ok, this actually is a bot (army) as no human can post this fast. So how about limiting how fast one can post and trying to freezing out people who multiple times a minute automatically.

thread

» spiderbait on October 25th, 2017, 12:15pm

thread

» Suxinn on October 25th, 2017, 3:59pm

Quote from spiderbait

And, even more now...

https://www.mangaupdates.com/members.html?id=506400
https://www.mangaupdates.com/members.html?id=506404
https://www.mangaupdates.com/members.html?id=506401

Not sure if closing registration is the right way to solve this. Are all these accounts posting from the same IP?

thread

» chriseras on October 25th, 2017, 9:25pm

For starters, dynamically generate the names for the form fields names based off of a hash of the current server timestamp (needs to have millisecond resolution for the timestamp) rather than have a form field name that looks something like "username" or "password". Instead, you just check the form field names, which are hashes themselves, against your cached hash to see if it's a username or password. This prevent your run of the mill bots looking for form field names like "username", "password_1", "password_2", etc. It'll force them to have to rely on DOM structure patterns to navigate, which is a bit harder.

Also, recently Google recaptcha's been bypassed with 85% accuracy when bots use the audio option.

thread

» bhui on October 27th, 2017, 6:03pm

How about a reputation system? Does the user use the sites features? Ever interacted with Control panel features? Submitted releases? How long has the user been active on the site?

Maybe scaling back post-limits on inactive accounts (or notify mods / block accounts temporarily). This could also trigger on surpassing the average daily post-count of that account in the last week.

Putting nofollow on outgoing forum links seems workable too?

How about white-listing common outgoing forum links and notifying mods (and imposing temporary post timers) if a unknown link gets posted? This would maybe need some differentiation to apply even to URL-parts after the domain like reddit.com/r/manga/ on a white-list for example (because there are even spammy subreddits).

thread