Hey Ben here are also a few more generic rules that could be added. These are similar to the ones I had implemented on a game a while ago:
Limit the number of posts that can be posted just after registration
Simple title analysis (removing numbers) will reveal the similarity percentage to be high (60%+) as the number is the way for them to make it unique.
Auto ban or disable posting when more than 5 articles are published in less than an hour
Check age of account vs post rate (this would need a bit of balance but someone who has created an account in past few days and is posting 10 message a day is a bit suspicious)
Could easily be done with numbers, random words from a dictionary, etc. Filtering out the numbers will not have any lasting effect.
For long term I had other suggestions on the list. There is never any perfect spam protection you always will have services like account creators and captcha bypassers and others. The goal is to mitigate to maximum current and future threats by taking into consideration past and possible attempts.
From what I see, it's mostly one post per account, so that won't help.
Sorry but I saw a few some single accounts with 24 posts in 10 minutes and their account was created on the same day.
I like to build cool things, work with nice people and help others where I can. Currently I'm an engineering manager for a fintech startup and historically a serial founder & freelancer software dev.
Location
München, Deutschland 🇩🇪
Education
The Open University
Work
Engineering Manager @ Deutsche Fintech Solutions GmbH
Captcha is the devil for accessibility so never ever add captcha anywhere... ever. There’s other ways to validate without bombing your application accessibility for users with access needs.
I like to build cool things, work with nice people and help others where I can. Currently I'm an engineering manager for a fintech startup and historically a serial founder & freelancer software dev.
Location
München, Deutschland 🇩🇪
Education
The Open University
Work
Engineering Manager @ Deutsche Fintech Solutions GmbH
Captcha is always in the top 10 issues users with access needs bring up, doesn’t matter the type of captcha. Captcha in its current form is a problem and not a solution. The users have spoken 🤷♂️
I like to build cool things, work with nice people and help others where I can. Currently I'm an engineering manager for a fintech startup and historically a serial founder & freelancer software dev.
Location
München, Deutschland 🇩🇪
Education
The Open University
Work
Engineering Manager @ Deutsche Fintech Solutions GmbH
Captcha has improved, but it’s not accessible to all users yet or even a plurality. Issues remain. Old versions in the wild. Etc.
There are valid captcha alternatives which solve many of captchas (all versions) issues but still captcha has improved as I said, it’s just not all the way there for users with access needs or those with privacy concerns.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hey Ben here are also a few more generic rules that could be added. These are similar to the ones I had implemented on a game a while ago:
Could easily be done with numbers, random words from a dictionary, etc. Filtering out the numbers will not have any lasting effect.
From what I see, it's mostly one post per account, so that won't help.
Allowing a new account to make a single post is enough; any limitation on top of that will mostly get in the way of legitimate users.
For long term I had other suggestions on the list. There is never any perfect spam protection you always will have services like account creators and captcha bypassers and others. The goal is to mitigate to maximum current and future threats by taking into consideration past and possible attempts.
Sorry but I saw a few some single accounts with 24 posts in 10 minutes and their account was created on the same day.
Captcha is the devil for accessibility so never ever add captcha anywhere... ever. There’s other ways to validate without bombing your application accessibility for users with access needs.
Otherwise good points overall.
I disagree totally there are now invisible captcha for example 😊
Which is inaccessible too.
Captcha is always in the top 10 issues users with access needs bring up, doesn’t matter the type of captcha. Captcha in its current form is a problem and not a solution. The users have spoken 🤷♂️
really? We have it on 13 of our commercial solutions and never had an issue with it so :/
let's agree to disagree.
Captcha has improved, but it’s not accessible to all users yet or even a plurality. Issues remain. Old versions in the wild. Etc.
There are valid captcha alternatives which solve many of captchas (all versions) issues but still captcha has improved as I said, it’s just not all the way there for users with access needs or those with privacy concerns.