search

fiddur / some-comments

DEPRECATED: See Oratorium
https://github.com/fiddur/oratorium
GNU Affero General Public License v3.0
42 stars 7 forks source link

Anonymous comments too easy to spam #5

Open ctrlcctrlv opened 9 years ago

ctrlcctrlv commented 9 years ago

Will you accept a PR with optional CAPTCHA for anon. commenters?

fiddur commented 9 years ago

Yes. I guess it need to be plugged into the anonymous authentication and login view…

What kind of captcha are you thinking of? I would prefer a local captcha before a hosted one (like reCaptcha), or making it optional.

Could it be autotested? At least testing that it doesn't show up if not configured to do so.

ctrlcctrlv commented 9 years ago

Yeah, I was going to look for existing NPM libraries

Autotesting should be no problem. I'll try to get around to this soon :)

fiddur commented 9 years ago

I'm curious; have you actually received any spam on some comments? It wouldn't be hard to write a spam-bot to work it's way through some comments, but since so few use it, I doubt anyone would give a second thought, and I doubt that any generic spam bot would get through…

ctrlcctrlv commented 9 years ago

Well, I was going to set up Ghost for my site (8ch.net) and have a status blog, maybe a "what we're working on", or "here's why the site went down", or hopefully not "why we're filing for bankruptcy" (just kidding :wink: ) but I can't just use Disqus because the whole purpose of 8chan is anonymous comments.

I just know from experience (unfortunately) that even if I launch the blog and at first there is no spam from anonymous commenters, it will happen, so I can't use a commenting system without a good antispam system.

It's trivial to write scripts to do this sort of thing, and if the commenting system becomes popular, they'll soon become part of suites that black hat SEO types use.

For comparison, 8chan receives over 4000 posts per hour at peak period (9PM in the USA), and over 3800 of them are posted anonymously. The other 200 are posted with names or tripcodes, which are sort of like accounts. To post you must fill out a CAPTCHA which whitelists your IP for either 75 posts or 24 hours, whatever comes first.

fiddur commented 9 years ago

Ok, I never thought it would be so early adopted by a larger site :) Well, just go ahead and add the captcha then :+1:

fiddur commented 9 years ago

@ctrlcctrlv Are you working on this now? There'll be some restructuring in the code and more development in the coming weeks, so long hanging forks might be hard to merge. If you're not working on it I might give it a go at the same time I'm adding the possibility for anonymous commenters to chose an alias…

ctrlcctrlv commented 9 years ago

Nope, I haven't started yet. Please feel free. I've been sidetracked by other things.