Discuss the forum update

[Gambit37]

For your information.

1) We're only updating to the latest version of phpBB v2 -- we're not doing the full upgrade to v3

After some testing on my local setup over Christmas, I'm still not very happy with v3. As the main problem we're facing is simply spam, we can avoid most of it with some new MODs to v2 software.

2) I'll be taking the opportunity to add some anti-spam measures

I'll be installing these mods:

Textual Confirmation
http://www.phpbb.com/community/viewtopic.php?t=472940
or Registration Auth Code
http://www.phpbb.com/community/viewtopi ... 6&t=552845

Users will be presented with a question they have to answer during registering. Bots can't deal with this. Questions and answers can be defined by us in the control panel. TC uses a random question from a list while RAC only has one that you have to change on a regular basis. I'll test out both.

Hide Zero Posters
http://www.phpbb.com/community/viewtopic.php?t=262393

Stops all registered users who never post from showing up in the memberlist. This defeats the purpose of bots registering simply to get a link in the memberlist. A second phase protection.

Redirect anonymous users to login
http://www.phpbb.com/community/viewtopic.php?t=213812
This very simple MOD redirects anonymous users to the login page instead of showing member, groups, or profile pages. That way anonymous users can't see registered user's data.

3) All users will have their skin reset to subSilver and no extra skins/themes will be available for use.

4) Guest posting will be disabled
Yes, I know this is a biggie and it can deter genuine passing users who just want a quick answer to something. However, if we don't do this, it makes all the other efforts pointless. We can hide our email addresses in a sticky post for people who are having problems with their registrations and place an apology to genuine users explaining why we had to take this stance.

I'm also going to checkout the AntiSpam Toolkit http://starfoxtj.phpbbhelp.org/phpBB/toolkit/index.php which makes the process of getitng rid of registered spammers easier -- for the ones who might get through our new defences

This stuff is actually going to take quite a long time to test out locally then deploy to the server so I don't know if I can get it all done this weekend now, but I will do my best.

[Gambit37]

Notes for myself:

MODS to add in once update complete:

ESSENTIAL

Super Quick Reply:
http://www.phpbb.com/community/viewtopi ... 5&t=230887

Firefox Autocomplete Bypass
http://www.phpbb.com/community/viewtopi ... 5&t=446724

NICE TO HAVE

Chunk Long URLs
http://www.phpbb.com/community/viewtopi ... 5&t=428992

View number of posts since last visit:
http://www.phpbb.com/community/viewtopi ... 5&t=354358

Only Active Members can post URLs
http://www.phpbb.com/community/viewtopi ... 5&t=464628

Multiple BBCode MOD
http://www.phpbb.com/community/viewtopic.php?t=145513

Inline Spoiler Tag
http://www.phpbb.com/community/viewtopi ... 5&t=366815

Show/hide Signatures
http://www.phpbb.com/community/viewtopi ... 5&t=496212

[cowsmanaut]

will we get the quick links back?

[Gambit37]

Yep, they are right there already. If you can't see them you must have javascript turned off.

I do need to update them though, will sort that out too.

[Gambit37]

Please also use this thread to discuss any problems you've discovered with the upgrade, or to make further suggestions.

[George Gilbert]

Please also use this thread to discuss any problems you've discovered with the upgrade, or to make further suggestions.

Minor point, but the forum now seems to be a fixed width (rather than scaling to the window size). Event when viewing it with a 1024x768 screen resolution, I have to use the horizontal scroll bars to see the edge of some posts.

Would it be possible to set the width according to the size of the browser window as before?

Otherwise, all looks great... :D

(albeit a bit odd, not being in brown anymore!)

[Gambit37]

Would it be possible to set the width according to the size of the browser window as before?

I've made a tweak that should solve the problem, please let me know if there are still issues here.

looks a bit weird to see it like this.. but c'est la vie I suppose

Otherwise, all looks great... albeit a bit odd, not being in brown anymore!)

Actually, I quite like the blue and my new blue header! But yes, a more "DM feel" skin would be nice. Really not worth doing though if we upgrade to v3 of the forum as the method of skinning is totally different.

[George Gilbert]

Would it be possible to set the width according to the size of the browser window as before?

I've made a tweak that should solve the problem, please let me know if there are still issues here.

That did the job perfectly - thanks!

[Lunever]

Well, aside from sub-silver being ugly, I appreciate very much to have a better defense against the ever-increasing number of spam-bots.

[Gambit37]

Well, aside from sub-silver being ugly, I appreciate very much to have a better defense against the ever-increasing number of spam-bots.

You think this is bad, you should see the default! I've made a load of tweaks to make it cleaner and easier to use...

[Gambit37]

Redirect anonymous users to login
http://www.phpbb.com/community/viewtopic.php?t=213812
This very simple MOD redirects anonymous users to the login page instead of showing member, groups, or profile pages. That way anonymous users can't see registered user's data.

This seems to be working well! I'm seeing a lot of Guests on the admin summary page who are Viewing Memberlist, Viewing Who's Online, etc. These are most lilkely bots that are trying to grab user details. Stopped in their tracks! Yay!

[beowuuf]

Sweet!

Good to see your hard work paying off already!

[Gambit37]

Heh, here's a screengrab of the admin summary page earlier today. Funny how the same 'someone' (194.216.237.25) can be viewing all the forums at once... bots at work, bots at work...

http://www.resonantedge.com/misc/botsatwork.png

By the way, IP banning isn't that useful as spammers have such a huge database that they cycle through (they're all faked don'tcha know).

[beowuuf]

google or nastier?

[Gambit37]

Is it google? I didn't even bother checking!

[Gambit37]

One of the things I added was a counter to the "View posts since last vist" option. But it seems to be a bit broken and doesn't update correctly, especially across sessions (if you keep your browser open and return to the site more than once without closing the browser, it seems to get confused over the numbers of posts.)

I might have to remove this again if I can't find out how to fix it.

[Gambit37]

I've put back a little feature that nobody seemed to notice was missing: separated out announcements and sticky posts.

I've also added another mod that allows Gloabl Announcements -- do it once, and it appears on ALL the forums. Really, I wanted to reserve this for admins but it seems as if anyone can use it. Please be sensible -- if it's abused for non essential announcements, I'll demote your post!

[Parallax]

when you say anyone, do you mean anyone or any mod? If it's the former, I'm not sure I'm comfortable with giving this much power to a potential spammer. How's our spammer registration situation, btw?

[Sophia]

I'd assume anyone anyone, or it wouldn't even be something worth worrying about.

[Parallax]

Well I don't see any option to do that when trying to create a new thread, which is reassuring. I'm not even sure I can be trusted with this kind of power, let alone any random spammer.

[Ameena]

As far as I know, we haven't had any spammers since the forum update - I certainly haven't had to delete any posts, anyway .

[beowuuf]

It all seems good now!

[Sophia]

Oh, then I guess it's just moderators. I wonder if Gambit fixed it or something, because there's obviously nothing to worry about now.