Solved What's up with not being able to post simple replies?

[GPGeorge]

I cannot remember the exact reasons why I chose 100 posts, but it might be due to hackers using old accounts for spamming. Most user accounts have less than 100 posts.

That makes sense. I also think that hackers/spammers can work in teams, setting up accounts that lie dormant for a while until they are exploited.

 

[Jon]

That makes sense. I also think that hackers/spammers can work in teams, setting up accounts that lie dormant for a while until they are exploited.

That is exactly what they do, because the dormant user doesn't notice posts that they didn't make.

 

[cheekybuddha]

I also think that hackers/spammers can work in teams,

It's more likely to be bots that they set up rather than actual people sitting there doing the posting.

It would be cleverer if you could whitelist internal links (www.access-programmers.co.uk/...) from the blocker though.

We often ask new posters not to tack on to old threads but start a new one and post a link back to the old one as reference - that gets the generic 'Oops!'

 

[GPGeorge]

It's more likely to be bots that they set up rather than actual people sitting there doing the posting.

It would be cleverer if you could whitelist internal links (www.access-programmers.co.uk/...) from the blocker though.

We often ask new posters not to tack on to old threads but start a new one and post a link back to the old one as reference - that gets the generic 'Oops!'

I'm going back a few years for that observation about teams of people. There may have been bots involved, but someone was keeping track of accounts set up for spamming. I suppose once the set up accounts were in place they could then automate the spamming. Gnarly Bastids they are.

 

[cheekybuddha]

Gnarly Bastids they are.

 

[Uncle Gizmo]

Sounds like a job for an AI Agent!!!

 

[Jon]

They often use a well knowing spamming bit of software called Xrumer. It automates everything.

 

[Isaac]

My previous response has disappeared so let me try one more time. As before, I was entering plain text in a new thread. Here is a copy from my Notepad:View attachment 119247

What in here is deserving of being blocked?

Probably the ldap that looks like a URL
Not that I'm defending it of course it's ridiculous that you're being blocked

 

[Jon]

OK, so it seems as if it is purely dependent on finding ://

Trying explicitly:
View attachment 119271
results in:
View attachment 119272

Whereas simply doing:
View attachment 119273
is OK:
View attachment 119274

Using a resource but without completing the double forward slash is also OK:
View attachment 119275
The post goes through:
View attachment 119276

Curiously, getting the colon and slashes back to front also triggers the blocker:
View attachment 119277
like so:
View attachment 119278


So, @HavingDatabaseRelations, it really isn't anything personal against you - it's a PITA for everyone!

Correct: The use of "://" is there to trap the urls and that would cause the Oops. There is not much we can do about that if we want to stop spammers dropping links.

Edit: It would be nice if the software had some method of informing the user what the issue was, although some would argue that doing so informs the spammers what to avoid and hence prefer to keept it opaque.

 

[cheekybuddha]

Still not sure why you can't whitelist links back to AWF.

 

[Jon]

Still not sure why you can't whitelist links back to AWF.

Here is the admin section that blocks certain phrases. No facilities to whitelist anything. What you see is just part of the phrases targeted.

 

[sonic8]

Here is the admin section that blocks certain phrases. No facilities to whitelist anything.

The first line looks like a Regular Expression to me. If this is correct, it should be possible to rewrite the "*//*" line to something that does not match links back to this site but every other occurrence of "//".

 

[Jon]

There is also "//".

 

[Jon]

There is an addon for this but it costs $45.

 

[Gasman]

Here is the admin section that blocks certain phrases. No facilities to whitelist anything. What you see is just part of the phrases targeted.

View attachment 119431

Shame it takes capitals into account.

 

[sonic8]

There is also "//".

Not sure what relevance that does bear.

It appears, it is possible to use RegExps to only reject links to other sites.
Here is a thread in the Xenforo community showing examples: https://xenforo.com/community/threads/spam-phrases-to-detect-external-links-moderate.199113/

 

[Jon]

Not sure what relevance that does bear.

It appears, it is possible to use RegExps to only reject links to other sites.
Here is a thread in the Xenforo community showing examples: https://xenforo.com/community/threads/spam-phrases-to-detect-external-links-moderate.199113/

Nice find. I ran it through ChatGPT and it suggests it will work, despite the poster on the end of that thread saying it doesn't.
I'm not sure of the implications because I put "//" in there because some spammers might have this kind of thing in their posts:

http: // myspamsite.com

I suppose it all depends on the frequency of that.

 

[The_Doc_Man]

Still not sure why you can't whitelist links back to AWF.

The question is whether Xenforo SUPPORTS the concept of a whitelist. If Jon's list shows exclusion filters rather than specific blacklist entries (which is what I see by context), then you would be asking for an anti-filter(?). I don't know if you can do that.

 

[cheekybuddha]

I don't know if you can do that.

Something like this should get you quite far:

/(([http|ftp|file|mailto|imap|tel|ldap]s?):\/\/(?!(www.)?access-programmers.co.uk)[\w\.\/\-=?#]+)/i

(based on the pattern in Philipp's link)

 

[cheekybuddha]

There is an addon for this but it costs $45.

I guess that might be the one I mentioned in Post #12

I thought if you were already using such an addon then you may have missed the whitelist capability - but now we know you're not using one.

All these always come with extra wallet pressure