I’ve had at least two sites get hit with a wave of spam that looks like it’s designed to poison LLMs. The same attack has also been reported here at least once (Anyone else currently undergoing mass spam attack?). The best solution is to set up Discourse AI - Spam detection, which I do recommend, but it’s a bit of a bother. Here’s a stopgap you can implement that will take just a few minutes.
It assumes that you have a unix-like operating system (e.g., linux or mac). If you use Windows and can copy/paste into a terminal, you can ssh to your Discourse server and paste this in.
What it does is create a set of watched words generated from a recent attack that I saw. If you’re handy with nano or similar, you can edit it before you run it. If not, you can run this script and then delete the words you don’t like with one click per word.
The block words are potentially very annoying since they’ll keep legitimate users from creating posts with those words in them, so take a look to make sure none of those words are likely to appear in legitimate posts on your forum!
Put your site URL, api key, and api user in the boxes below (they’ll be only on your browser–but you can just paste it as it is and edit the file if you prefer) and then copy/paste the code block into a terminal. It will create upload_watched_words_full.sh and make it executable. You can then run it with ./upload_watched_words_full.sh.
cat <<'EOF' > upload_watched_words_full.sh
#!/usr/bin/env bash
# Usage: ./upload_watched_words_full.sh
DISCOURSE_URL="=URL="
API_KEY="=API_KEY="
API_USERNAME="=API_USERNAME="
# High-confidence block words
BLOCK_WORDS=(
"customer service number"
"contact number"
"support number"
"refund phone number"
"toll free"
"24/7 support"
"helpline"
"call us"
"live representative"
"technical support"
"lufthansa"
"royal caribbean"
"coinbase"
"robinhood"
"reservation number"
"booking number"
"flight cancellation"
"name change fee"
"║"
"⇆"
"★"
"®️"
"™️"
)
# Medium-risk flag words
FLAG_WORDS=(
"customer service"
"customer support"
"support team"
"help desk"
"hotline"
"agent"
"representative"
"contact us"
"phone support"
"service center"
)
# Require-approval words
REQUIRE_APPROVAL_WORDS=(
"urgent"
"immediate action"
"act now"
"limited time"
"exclusive offer"
"approve this"
"verify account"
)
# Function to send words in batch
add_words () {
local ACTION="$1"
shift
local WORDS=("$@")
# Build words[] parameters
local DATA=""
for w in "${WORDS[@]}"; do
DATA+="words%5B%5D=$(printf '%s' "$w" | jq -s -R -r @uri)&"
done
DATA+="replacement=&action_key=${ACTION}&case_sensitive=false&html=false"
echo "Uploading ${ACTION} words..."
curl -s -X POST "${DISCOURSE_URL}/admin/customize/watched_words.json" \
-H "Api-Key: ${API_KEY}" \
-H "Api-Username: ${API_USERNAME}" \
-H "Content-Type: application/x-www-form-urlencoded" \
--data "$DATA"
echo -e "\nDone."
}
# Upload block words
add_words "block" "${BLOCK_WORDS[@]}"
# Upload flag words
add_words "flag" "${FLAG_WORDS[@]}"
# Upload require-approval words
add_words "require_approval" "${REQUIRE_APPROVAL_WORDS[@]}"
EOF
# Make the script executable
chmod +x upload_watched_words_full.sh
echo "Script 'upload_watched_words_full.sh' created and made executable."
The bots we had a few years back were posting gibberish like dhfhstyhjfhhr as the topic title to spawn threads and get past the keyword filter, then it would edit it to the real “best online casinos” spam message.
Bedankt Jay, geweldig script, bedankt voor het maken ervan. Heeft iemand die het heeft gebruikt ontdekt dat het werkte - wat betreft de ‘editing posts’-workaround? Bewerken de bots de berichten of spammen ze alleen de tekst direct?
I don’t know, but if that’s problem, you could change settings so that some users can’t edit posts ( Edit post allowed groups), perhaps by requiring TL2 and adjusting settings to make it easier/harder to get to tl2.
For regular users, especially new ones, not being able to edit a post probably isn’t that big a deal, and may not even be something they expect.
Looks like it was initially just garbage and then edited to spam, this would have circumvented Watched Words as far as I understand it.
Given that post edits from innocuous gibberish to spam are becoming part of the modus operandi of bots in their efforts to thwart spam filters, does the Discourse team think tl_0 should by default not be able to edit posts?
Oh for sure it would. However although it’s not super expensive it is a bit of a pain to have to set up AI on every Discourse to repel spam. Many of my forums would not need it (or want it) for any of the other quite useful Discourse AI features.
De oplossing hier is niet om tl0 of enige andere groep te beletten posts te bewerken.
De oplossing is ervoor te zorgen dat het bewerken van een post geen sitebeschermingen omzeilt. Een bewerkte post kan (zoals we hebben gezien) spam, haat of ander ongewenst gedrag bevatten. Als bewerkte posts de ‘Watched Words’ en andere filters omzeilen, zal dit zeker een standaardaanpak worden, niet alleen voor bots, maar ook voor mensen die sitebeschermingen willen omzeilen.
Er is een vraag wat het betekent dat sommige soorten gevolgde woorden van toepassing zijn op een bewerking. Maar het is ook duidelijk dat deze beperking de waarde van gevolgde woorden sterk vermindert.
Ik zou verwachten dat het nuttig zou zijn om een specificatie voor te stellen voor wat er precies moet gebeuren voor elk type in geval van een bewerking; het zou het functie-verzoek actiegericht maken. Ik heb dat werk echter niet gedaan, hoewel ik af en toe tijd heb besteed aan het nadenken over specifieke gevallen.
