We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Watchdog Plugin - Watchdog | Forum

Stuart
Stuart Dec 20 '12
I did notice the watchdog plugin is stated as a work in progress.

So these are merely observations rather than criticisms.

I am being spammed so much that I have turned on mandatory confirmation.

The capture device in oxwall can't be much worth as I am sure these are bots that are hitting my site.
Maybe having a recaptcha option as an alternative might provide more protection.

Paul Cuaffe provides a free antispammer that at least with 1.4 seemed to provide better protection.

Saying that its a work in progress, so I just wondered that when you suspend an account could that IP be added to the list.
Also could registration IP's be recorded so that this could be used.

I think there is much that can be added from Pauls offering. If oxwall offer a plugin then I have a preference for the native developers. I do have high expectations and currently some work needs to be done to get to Pauls level.

If anyone has any idea's or methods to combat spam I would be most interested as it is a bit of a nightmare.

Stuart.
Purusothaman Ramanujam
No one likes spam.

Watchdog plugin is brand new and our ideas and suggestions only can make it better.
Stuart
Stuart Dec 20 '12
Does anyone else feel that they are being hit by bots?

I am just wondering if the current capture mechanism is strong enough.

Does anyone have any suggestions to the registration capture method?

Also I think its important to be able to capture IP addresses on registration.
Part of the approve / reject mechanism should allow admins to submit that IP to forumantispam with username and email.

Also a little current bug is when you add to the whitelist no record can be seen.
It might of been my 192.168.0.0/24 format I used for local lan.

I was hoping that I wouldn't have to place them individually
Alia Team
Alia Dec 21 '12
Stuart, thank you for creating this topic. Watchdog is a new plug in and we really appreciate any feedback.

Regarding CAPTCHA. Having several captcha plugins'  ( so that you can choose whichever you want) is a nice idea. We will keep this in mind when developing new plugins.

>>Also a little current bug is when you add to the whitelist no record can be seen.

You can search whitelisted IP using the search form.

>>It might of been my 192.168.0.0/24 format I used for local lan.

Currently Watchdog doesn't accept IPs in this format ( with /24).

Thank you for your suggestion regarding capturing IPs during registration. We will review them.
I will move this topic to "Watchdog" plugin's forum for now.
Alia Team
Alia Dec 21 '12
Topic was moved from General Questions.
Stuart
Stuart Dec 21 '12
Hope everything calms down for you after the release of 1.5.
Couple of mistakes in the nature of the release but think its a superb piece of software and really looking forward to its future direction.

I feel that developers especially good ones don't like to open development work due to its nature. I don't code any more but I feel I understand the development process.
Many initials attempts are scruffy hacks that need refining before release and I think many realise that alpha's and beta's are no indication of coding proficiency.

I feel that quite a few errors have occurred that could of been avoided by pre releasing to a wider audience who will understand the development cycle. The emphasis would be on functionality and bug checking rather than purity of design and aesthetics.

I always quote Raymonds
Guidelines for creating good open source software

There are 19 guidelines for creating good open source software listed in his essay[2]:

  1. Every good work of software starts by scratching a developer's personal itch.
  2. Good programmers know what to write. Great ones know what to rewrite (and reuse).
  3. Plan to throw one [version] away; you will, anyhow. (Copied from Frederick Brooks' The Mythical Man Month)
  4. If you have the right attitude, interesting problems will find you.
  5. When you lose interest in a program, your last duty to it is to hand it off to a competent successor.
  6. Treating your users as co-developers is your least-hassle route to rapid code improvement and effective debugging.
  7. Release early. Release often. And listen to your customers.
  8. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone.
  9. Smart data structures and dumb code works a lot better than the other way around.
  10. If you treat your beta-testers as if they're your most valuable resource, they will respond by becoming your most valuable resource.
  11. The next best thing to having good ideas is recognizing good ideas from your users. Sometimes the latter is better.
  12. Often, the most striking and innovative solutions come from realizing that your concept of the problem was wrong.
  13. Perfection (in design) is achieved not when there is nothing more to add, but rather when there is nothing more to take away. (Attributed to Antoine de Saint-Exupéry)
  14. Any tool should be useful in the expected way, but a truly great tool lends itself to uses you never expected.
  15. When writing gateway software of any kind, take pains to disturb the data stream as little as possible—and never throw away information unless the recipient forces you to!
  16. When your language is nowhere near Turing-complete, syntactic sugar can be your friend.
  17. A security system is only as secure as its secret. Beware of pseudo-secrets.
  18. To solve an interesting problem, start by finding a problem that is interesting to you.
  19. Provided the development coordinator has a communications medium at least as good as the Internet, and knows how to lead without coercion, many heads are inevitably better than one.


Your software is of much value to us the community, the more open the more involvement the community can have. This way we can return value to you.


The guidelines in my opinion just provide a mutual beneficial working relationship between commercial entities and open source communities that provide efficient working methods for high value product.


The community can be your bug checkers, market research and not require anything in return but a mutually beneficial product.


Its no criticism apart from the guidelines are always a good reference point and in my opinion essential for any modern software product.


:) Stuart


 

 
The Forum post is edited by Stuart Dec 21 '12
MarkieMark67
MarkieMark67 Dec 26 '12
I agree antispammer by Paul did a better job. Now watchdog is a simple version of antispammer, and does what it is suppose to but it needs more work. Lets work with Paul to make antispammer the preferred  antispammer plugin. 
Stuart
Stuart Dec 27 '12
Guess we need to PM Paul and get his input.


Firstly the antispammer maybe needs to be enlarged into an antispam suite.


I think this area is hugely important purely from the amount of spam I receive.


The antispam suite needs to cover a few plugins firstly the capture on sign-up. This is just opinion but I am pretty sure my spammers are bots and the current capture device must be weak.


I would like to see the possibility to include 3rd party capture services such as recapture.

Maybe even the possibility for layered capture levels.


Also when it come to authentication emails where a url is given to check that the email is correct, can this be expanded?


I was wondering if multiple url's could be included that are numerically listed. Send a small image in the picture "how many fingers am I holding up" to "Count the houses windows"...


Then you have to reply on the correctly numbered url? Get it wrong get another email? Dunno just another antibot provider.

Maybe Oxwall could provide a community submission area for image / question / answer thay they could offer to all.


User management and deleting users and banning IP's. In the deletion section it would be great to allow for those IP's to be submitted to stopforumspam and automatically go to the black list. Having some sort of link between user management and antispam of registration ip would be of much use.


Anyway its just a couple of idea's. 



The Forum post is edited by Stuart Dec 28 '12
MarkieMark67
MarkieMark67 Dec 30 '12
Watchdog needs to watch out. Paul has just done an amazing job on an update for antispammer. Oxwall needs to work with  Paul...
Stuart
Stuart Dec 30 '12
I think the same, also paul should charge a bit of beer money for a truly outstanding effort.


Watchdog from the results I am currently getting is seriously inferior.

MarkieMark67
MarkieMark67 Dec 31 '12
I'll buy Paul Cuffe a beer anytime. Watchdog does a ok job. But I have to say Oxwall needs to give credit to Paul Cuffe. I think they need to work with him to improve antispammer, Watchdog isn't ready...
The Forum post is edited by MarkieMark67 Jan 1 '13
Stuart
Stuart Dec 31 '12
I think its a hard call for oxwall, much of oxwall's long term success will be in a plentiful supply of wide ranging 3rd party plugins.


Maybe on this one Paul has got the jump on oxwall and as a top notch developer maybe they should encourage this level of quality and not compete in this one area?

 

MarkieMark67
MarkieMark67 Jan 18 '13
I will stick with Anti Spammer. Time and Time again it has out performed watchdog. I have been very happy with it. Watchdog is good for it's first run. But still needs work....
Stuart
Stuart Jan 19 '13
I think what paul is doing with Anti-Spammer is far ahead of watch dog. Also what he is doing with an oxpot (Honeypot) spam details collection is a very important contribution to oxwall.


When it comes to spam and hacking diversity is the first weapon in the armory.


Pauls done such good work with Anti-Spammer that personally I have an allegiance to the product. I keep urging him to make it commercial or offer a lite and full version. Spam is always a war to combat and it needs resources is never static and it always has a cost.


What I will say from the amount of registered users that somehow manage to get past the "capture" input, the current "capture" is of little use.


Oxwall this really needs to come out of the core so that plugins can be made. Again capture diversity will do much to hinder the spammer.


Stuart 

MarkieMark67
MarkieMark67 Jan 20 '13
Stuart I agree 100% Paul has out done my suggestions. Oxwall needs to work with Paul and make the best out of it. 
Stuart
Stuart Jan 21 '13
I have posted this elsewhere but its wasn't my idea. Add a custom profile question and make it required for the signup.


Works a treat and has a drastic effect on them pesky spammers.


Also I have said this but the capture is really poor, needs to be taken out of the core so it can be a plugin. Diversity is the way to beat them.

Alia Team
Alia Feb 15 '13
Thank you for your feedback guys. Considering everything we have decided to develop another solution against spammers.

I guess what Den wrote hear http://www.oxwall.org/...um/topic/7533?page=1; helps a lot and I could have not rephrased it better:

"Different sites require different parameters for that both options. That's why Watch Dog uses a small spam database and updates it twice a day (less false positives, more effective for small communites), but AntiSpammer uses more antispam databases and has an option to perform online checks (more false positives, more effective for large communities). 

The best option to prevent spam activity is to combine the both. As this is the only way to catch automatic and human spam activity at the same time. That is what we are going to implement with the next update to make it allow catch the spam effectively."


You do not have permission to reply this topic