We’re being raided by bots even the regulars have no control with spam flags what should be done.
3 Likes
Here are some posts that had to get multiple spam flags.
and tons of others.
This is a forum about a game and this is completely unrelated.
and it happened here but a spam scanner stopped it https://meta.discourse.org/t/khdjk-adfhkisdfyuihjnhsdakh-iyukjsdhjkhsadjkfhuiy/377141
this was on the meta
4 Likes
unfortunately, the admin is rarely on and no mods, tl3s, or tl4s are currently active
there is one active user who was a tl3 but just got demoted and the system just stopped unlisting everything
3 Likes
Oof, that is a rough situation to be in.
Unfortunately, a community simply needs to have an active admin to function.
You could consider reaching out to the more general email address and explain the situation hello@gimkit.com. Downside is that this risks the forum getting shut down as a “solution” to the problem.
10 Likes
Ouch. The first 8 topics I see are all spam. And more are appearing. These users need to be blocked and if possible, maybe IP banned. ATM if you don’t have an active admin, and no mods currently, the best you can do is to flag. Ideally, having a team of TL4s and mods from different timezones would allow the posts to be more efficiently dealt with.
At the same time, this might help:
5 Likes
FYI I recently got attacked by something very similar if not the same system/group/perpetrator a few days ago.
This is the first time that forum, live on one of my Discourse instances since 2017 has been hit by such a wave. (incredibly!)
Yes, you need an active admin who can jump on within a few hours max, if needed, especially if you are not prepared with settings.
I was hit by over 300 posts overnight, mostly about telephone numbers for airline support. But a few cheeky ones testing the waters and eventually some pretending to be genuine users posting content that was similar-ish to the site.
The attack was ongoing when I started to pay attention, so the problem was only getting bigger.
Here’s what I did:
-
temporarily disabled email (
disable_emails= non-staff)
then went through every post (300 overnight), deleted and blocked the user (including email and IP). This didn’t need to be done 300 times as some users were responsible for several posts. -
unblocked emails and set
must_approve_usersto true
reluctantly, then checked each one coming in that morning, if it did appear dodgy blocked the user (including email and IP) -
set
must_approve_usersback to false, but instead setapprove_post_countto 1
reviewed each new post, if dodgy, delete and block user (including email and IP).
Eventually their bot farm exhausted its bank of IP and email addresses and the forum is calm once again.
Here’s some stats:
IPs
emails:
7 Likes
This is the fundamental problem. I think the first thing on the list is:
Get a moderator / admin who cares enlisted, point them at this topic!
We have a ton of tools available to admins and mods to handle an onslaught of bots.
Discourse with stock settings + AI spam, can survive to a degree without active moderators. However, if the forum has been abandoned by administration, there is very little you can do short of teaming up together and flagging, which is tedious over time.
9 Likes
The tools are excellent.
We need to use them!
2 Likes
I Solved this enabling Super Fight Bot CF + hCaptcha Plugin Strictly Hard and an rule at cloudflare I’m using others solutions as Akismet to personal use and Perspective Plugin but you needs request.
At cloudflare create a rule Manager Challenger or JS for all countries, turn off toggle to Bots known and anything else as you wish to bypass this rule
All that’s this is boring to real member/new member but welcome to AI era.
6 Likes
That’s them alright!
4 Likes
What I’ve done:
-
Installed Stop Forum Spam Plugin . Though not official, it’s very effective at what it does by comparing IPs and email addresses with StopForumSpam’s database. Ideal for this kind of case.
-
Ran
users = User.where("created_at >= ?", Date.today) users.find_each do |user| UserDestroyer.new(Discourse.system_user).destroy(user, delete_posts: true) end
Well, I have done that in an ideal world. Since both admins tried removing the spam accounts at the same time (each one their way), resulting in unexpected data loss 
So I’ll restore a backup from last night instead, when I’m finished upscaling my server, since I’ve no space left on the server 
3 Likes
Is there a reason you are not running ai spam detection? Plenty of free llms to pick from on open router
4 Likes
I’ve experienced the same thing many times. I’ve entered a lot of banned words, words that need to be approved and monitored, but each time, it keeps posting in a different format. I’ve tried everything in the recommended links. The easiest solution is to use AI spam detection to solve this problem. @S0m30n3_31s3
2 Likes
Several. First, I wasn’t sure it was mature enough to run in production, but from what I read, it has been for a long time.
Also, I’m divided over using AI when I can do another way because of environmental concerns.
But I use AI almost every day for personal purposes, so I think it wouldn’t be fair to say that it’s right to use it for me, but not to help keep a valuable community healthy.
And finally, I simply didn’t have an in-depth look at the ai plugin and its capabilities. 
I might install it and see how it goes, especially since I always favor official plugins.
5 Likes
We had a very similar attack early this morning. It stopped pretty quickly once I slapped signup approvals on though. Was delighted that our moderators picked up on it and raised the alarm early! Made it very easy to deal with.
4 Likes
It’s still ongoing of course. Once they have you in their sights …
… and in a perfect world would be nicer not to have to have that extra friction on first post.
(may check out the AI spam identifier at some point.)
3 Likes
