Some years back I purchased a couple of NetGear Duo RAID disk enclosures. Each enclosure was loaded up with dual 1TB disk drives from Western Digital. Everything written to one drive was mirrored to the second drive. This helped protect against a single disk failure.
I also had a very old (PIII processor!) computer that was running linux. At one point I was using it as a development environment, but it had long since been retired from that duty. Why was it still around? I had created mount points for each of the RAID arrays on this linux box, and it was responsible for going to my web server (which hosts this blog, among other things) and downloading the nightly database backup files. (My web server runs a hot backup at 1AM each morning using the mysqldump command.) This linux box also had a script (running at 2AM) that would ftp to my web server, retrieve all of the database dumps, download them, add a date stamp to the file name, and then copy the resulting files out to the RAID array. The entire process was automatic, transparent, and for a long time was quite robust.
Until a few weeks ago. More…
I read this morning a topic in the MOD Authors forum at phpbb.com where the topic poster was trying to figure out a way to encrypt / decrypt private message text. The technical challenge was easily overcome, as someone posted some code that allows the board owner to do exactly that.
The problem is, it accomplishes nothing. 
Private messages are often a hot topic for board owners, probably because of the privacy implications of the name “private” message. As most board owners probably know, private messages are not truly private. Anyone with database access can read the private message text. Anyone with access to a backup SQL dump can do the same. But who has this type of access, and what can be done to prevent it? More…
One of my other blogs had been hit and hit hard by spammer comments advertising headphones. This morning I noticed this one here on this blog:
That’s specifically aimed at human-powered paid-to-comment spam. I would rather already have excellent-quality comments than the next quantity of comments.tour headphones Sadly, I’m nonetheless getting an awful lot of spam comments (what’s up, Akismet?), so I think it’s time to install some additional defense layers.
The words “tour headphones” were a link, of course. Subtle, it was not. 
But I found it extremely ironic and ultimately amusing that the comment itself talked about spam. If you pick a few phrases from that comment you’ll find the exact same thing on other blogs / boards as well, or at least I did when I searched.
I’ve decided to contact the headphone manufacturer directly and let them know that I will never buy their products. Ever. Might not change anything, but it will make me feel better.
Oh, and I added specific code to my anti-spam process to look for this particular type of link. 
I have had a couple of requests now for Tapatalk or something similar on my board. The Tapatalk application does not currently support phpBB2, but iPhone / Android support is becoming more of an interest to folks. Tapatalk is not a template or theme, it’s an application designed to interact with a discussion board (they support phpBB3 as well as several others).
I have to admit that I find this to be a far more intriguing idea than a mobile template. The folks behind Tapatalk offer a free API that would allow developers to extend the app to different forum systems. It would be interesting to see if anyone is currently working on phpBB2.
Tapatalk
I’m registering on their “Forum owner” area and will see what things look like.
The focus for the past several years for board owners has been to prevent (or at least have some easy way to ignore) spammer registrations. When spammers thought it was useful to have an entry on a board memberlist they were often satisfied with getting through the registration process. They didn’t bother to activate their account. As a result, one of the most popular (and fortunately very easy) MODs for discussion boards was to prevent inactive members from showing up on the member list. This is the standard configuration for phpBB3, no MOD required.
Spammers reacted by altering their process so they can activate accounts. (I as well as other board owners have seen a dramatic increase in use of gmail accounts for this, so clearly Google’s registration process has been cracked and automated as well.) Like many board owners, I would like to have a “clean” database. But it wasn’t a huge imposition to get spammer registrations. If they never posted, they were not a contributing member of my board but at least they weren’t getting in the way. I had a MOD that prevented board members from entering a web site until they had a minimum number of posts on my board, so at least I didn’t get a member database sprinkled with unsavory web links. There are also MODs available that prevent zero-post users from showing up, and for pruning inactive or zero-post users after some specific period of time. All of these were okay in their day, but are not as effective anymore.
I’ve posted many times about my Checkbox Challenge code. It has served very well in protecting my blogs, several phpBB boards, and even my comment forms from spammers. However I am starting to see some issues, and that bothers me. Why? Because the new spam seems to be coming from humans rather than bots. I don’t know how we can combat that. Spammers seem to be quite creative with their posting strategies as well. More…
A few weeks ago I had an interesting conversation with a woman from England who is doing a thesis on the psychology of online communities (discussion boards). During the conversation she dropped a phrase that I immediately stopped and wrote down so I could think about it further. Here is the basic question that was invoked by her comment:
What is the difference between recognition and reputation? More…
In the past I have done a number of tricks to celebrate today. One year I posted a very official looking press release stating that the board had been bought out and would no longer be a free resource. Another year I used to tricky CSS to flip the “off topic” forum upside down.
This year I used a suggestion from my wife… it’s evil. 
I will post what I did after today is over.
How about you? Any fun tricks to share?
I suspect that most folks running phpBB don’t get beyond the 5,000 member mark. Even fewer get beyond the 10,000 member mark, or three years of consistent growth. What happens when you get to that point and can’t afford to run your board anymore? Then it’s entirely possible for a board with over 100,000 members to simply disappear.
It happens.
I have posted a lot about the Adsense program over the past years, specifically related to advertising on phpBB boards. I currently do not use Adsense, but I did for many years. However I never relied on the revenues from that source to keep my board running. If I had, I might have ended up like this case study:
Warning to Webmasters: It can happen to you
The link contains a case study about Soccerpulse, a web site with over 100,000 members that closed up shop because their Adsense revenues declined and they could no longer afford to run the site.
I posted a question on Google’s support forums a few months ago (since they don’t seem to offer email support of any kind anymore). While waiting for a response, I have spent some time reading and at times responding to some of the questions there. One of the questions that I saw posted most frequently can be paraphrased as “How can I make more money” or something along those lines. I realize that many board owners probably aren’t using Adsense, but if you are, I thought I would post a few summary tips on this subject.
You can earn more money by:
- Generating more traffic
- Generating more clicks
- Getting higher-paying advertisements
I’ll talk about each of these at a high-level in this post.
More…
We have a topic on my board with the title “Please do not post in this topic”. Needless to say, this topic has survived for nearly three years, even in the “off topic” area where topics are pruned after 14 days of no activity. So lately I have been trying to have some fun with it.
First I added some javascript to the page (but only for that topic) that made the Reply and Quote buttons move away from the mouse. That made it impossible to click on the button, but you could still tab to the buttons and invoke the required code. Yesterday I switched the normal images for the buttons with the spacer.gif and sized it to zero by zero pixels, essentially making the button invisible. I also altered the tab index to -1 which according to a few sites I read makes the button disappear from the tab sequence.
Of course there are still several ways for folks to post in the topic. That’s sort of the point, to see how long it takes folks to figure out how to work around the challenges I have put in place. For example in the first version someone could disable javascript and the buttons would no longer move, giving them another way to click the button rather than using the tab key.
To continue the fun, I am looking for suggestions for other ways to challenge folks, and keep them from posting in that one topic. The key is there has to be some sort of loophole, as I’m not trying to completely lock folks out.
Any ideas?
March 21, 2012
Comments (2)