roger.pape Site Admin
Joined: 17 Mar 2009 Posts: 414 Location: Liverpool, NY
|
Posted: Tue Mar 31, 2009 10:43 am Post subject: Board Security |
|
|
As I have stated on previous occasions, I have been trying to avoid hackers and spammers on this website. One way is by not actively promoting the site on search engines, i.e. blocking search engine spiders. Generally, people are only aware of this website by word-of-mouth referrals from others. However, the "bad guys" out there are persistent, constantly trolling the Web for sites to corrupt. So I have noticed that some of them have stumbled upon this website and a few have posted offensive material that had to be removed.
It is difficult to provide a balance between security and ease of use. I initially installed the message board with the option that guests could make postings on it without registering. I don't like registering either. On various occasions I have not bothered to post responses or ask questions on help boards that require one to register. Unfortunately, there are automated spam engines that scour the Web looking for boards that allow guest postings and take advantage of that feature. So I have reluctantly changed the message board so that one must register and log in to post a message or create a new topic.
Legitimate users, please register. The purpose of the message board is to have as many people as possible exchange their thoughts or requests with others.
If you are concerned about having personal information exposed by registering, take a look at the Memberlist. As you can see, you can enter as much or as little information about yourself as you wish. The only required information is a username and minimal password. However, it is a good idea to include your email address so that friends can contact you. Note that the address is not displayed, only a button to generate an email message.
Unfortunately, the problems for me don't end with required registrations. There are spam engines that can automatically generate registrations. However, these are relatively few and, as administrator, I can remove those accounts. Other measures can be added to reduce this problem, such as adding an innocent question to which one must manually respond. (This will foil most automated systems.) Since I don't want to make monitoring the board a full-time job, I will probably use a few more tricks like that. But the hackers/spammers consider such measures as a challange. The battle continues! |
|