Project Honeypot plugin?

julian

v0.4.0 includes req.ip passed into the userData on registration, so officially, any anti-spam plugin created will already be compatible with NodeBB v0.4.0.

Unofficially, I'd like to get decent spam protection out the door for v0.4.1. So I'm using this thread to collaborate with plugin writers to bounce ideas off one another

Relevant Points

• Registration IP Address Tracking

  • Looking at implementing Project Honeypot, except there's actually no npm module for querying and consuming its API, so I made an NPM module for it.
    • I am planning to add one or two maintainers to the repo, perhaps @schamper would be interested? Would also welcome your input re: my implementation
  • The relevant hook in question is filter:user.create. If a spammer is found on registration, we can do this: callback(new Error('bad-ip'));, and NodeBB will stop the registration process and throw an alert with the words "bad-ip" in it. Not the greatest of messages, but we can add a language key for that error code for v0.4.1.

• Post specific IP address tracking

  • Not implemented in NodeBB core, may be a part of v0.4.1

finid

So I'm using this thread to collaborate with plugin writers to bounce ideas off one another

@julian

I'm not a plugin writer, but...

But what's the status of Anti-spam solution for registration page #1213 and how does it fit in with this Honeypot plugin?

Scuzz

@schamper was ahead of you about two months ago

finid

@Scuzz

Yeah, the problem is @schamper has many plugins that has not been touched in about two months ago. Too busy, I'm sure. We need to reactivate @schamper.

That video chat plugin is what I really want to see.

julian

Yeah, that was actually the reason I started this thread Just didn't want to dig up the thread from the deep.

Now that the core is a bit more mature, we can get this going.

@planner This plugin is transparent to the end user. It is not a front-end solution.

finid

@julian

Cool.

Scuzz

@planner Nah, he is just lazy.

Schamper

@Scuzz Just busy with uni and work.

Now that all of you bitches are finally happy with the Shoutbox I'll have time for other plugins.

Scuzz

@Schamper I was happy with it before, it was @almost who was bitching about the layout

Schamper

@Scuzz true... You heard it @planner, you'll have to blame @Almost!

finid

@Schamper

I really have no interest in the Shoutbox plugin. It's that video chat that I'm looking forward to. Don't ask me why.

Schamper

@planner That was a higher priority because our forum heavily relies on it I'll finish up video chat first, then I'll get to the poll plugin.

a_5mith

@julian said:

This plugin is transparent to the end user. It is not a front-end solution.

Unless you're in the project honeypot database, then you get the 403 error message.

(For anyone that's concerned they'll lose members to these error messages, there's a link in the error message for them to verify they're not a spam bot, it's a great tool)

julian

@planner said:

Too busy, I'm sure. We need to reactivate @schamper.

Main screen turn on. We get signal. @schamper, you in for maintaining the project-honeypot repo? Pretty sure it's done already

finid

@julian

Ah, Mr! You quoted the wrong guy. But don't worry, it's not that important.

julian

I did? @schamper is @MrWaffle

finid

@julian

Don't worry about it. It's not VIP, like I said earlier. But for the record, "Too busy, I'm sure. We need to reactivate @schamper" was written by moi. See the 3rd post. :wink2:

julian

Oh, that! Sorry My mistake

Edit Fixed!

Schamper

I put it on my todo list