April 2, 2023: Answer My Riddles
Oh, first of all, since I said in the previous post that if I made a post today I would say this... the previous post was not an April Fools' Day hoax. It would have been a really pointless and stupid April Fools' Day hoax if it was, but as I mentioned there I've made a really pointless and stupid April Fools' Day hoax in the past (albeit a decade ago), so I figured I ought to be totally clear about this.
That out of the way, now on to what this post was supposed to be about...
So, I've finally completed at least one item on that lengthy to-do list I keep mentioning in my blog posts.
(Which, incidentally, is not a list I actually have written down anywhere. Though come to think of it it probably should be. It would help me keep track of everything, and seeing the tasks written out might help me prioritize them and motivate me to get them done.)
No, not the improved process of making blog posts that I discussed two days ago. This post was still made the old, ridiculously convoluted way. And not implementing the custom tabs, like I discussed in the post before that. (As much as I'd like to have that in place, that's going to be quite an undertaking, and it's going to be a while before I get to it.) Or... well, I actually did come up with a new name for the former cabals of Curcalen, like I discussed in the March 11 post, but I mean that was a simple enough matter I wasn't really even counting it as an item on my to-do list. (They're covins now, by the way.) But I did get something done that I haven't mentioned in a while, but that I'd definitely been wanting to do.
Namely, I implemented better anti-spam countermeasures on the forum registration.
Not that there had been no anti-spam countermeasures implemented before, but, well, there had just been a simple CAPTCHA, which for modern spambots was I suppose a negligible impediment. I'd since done a bit of reading on the topic and found that apparently the most effective countermeasure is requiring new registrants to type in the answer to a question that would be easy for human visitors to the forum to answer but difficult for computers. The phpBB installation already came with the Q&A plugin included; all I had to do was select it from the dropdown on the spambot countermeasures page in the administration control panel, and customize it by putting in a few questions. So I (finally) did. I came up with some questions that would be easily answerable by a search on the Central Wongery but pretty much unanswerable otherwise, like "Therqin is the Norgan capital world of what god?" If you search for "Therqin" in the Central Wongery, currently the very first sentence of the article that comes up is "Therqin (pronounced /ˈθɛərkɪn/) is the Norgan capital world of Faghllal, goddess of consumption." So the answer is (hopefully obviously) "Faghllal"—or it would be if this were one of the actual questions; it's not; it's just an example; but the actual questions are similar.
This is, unfortunately, a bit of an inconvenience for people who want to register for the forums. I realize that, and I do regret it. But given the onslaught of spam that the forum has been subjected to, I think this inconvenience is necessary and worth it.
(I also noticed when I looked at the user registration settings in the administration control panel that I hadn't even made email verification required for user registration! That... really seems like something I should have done a long time ago, too. I mean, I'm sure there are modern spambots sophisticated enough that they would have had no trouble completing the email verification, but still, I shouldn't be making things too easy for them. (It's required now, of course.))
I have gone through the forums several times in the past, cleaned up all the spam, and deleted all the bot accounts, most recently on September 1, 2022. However, thousands more bot accounts have registered and posted (or attempted to post, their posts held up in moderation) since then. There were, at the time I started writing this post, eight thousand nine hundred and ninety seven new topics awaiting approval in the moderation queue, along with forty posts in existing topics. There are six thousand and sixty six registered users—one of which is the WikiSysop account that the wiki installation automatically adds, six of which are of course the Grandmaster Wongers, and two of which I had exempted from my latest purge because there was nothing about their usernames or profiles that made them obvious spambots (one of them had made one post in Ukrainian asking about jobs in Poland, which seemed like a very odd thing to post in the Wongery forums, but since the post included no links or anything else obviously spammy I gave them the benefit of the doubt and left it up), but that leaves six thousand and fifty seven new accounts that were created since September 1, 2022 that are very likely all spambots.
However, there have been no new accounts created since I implemented the Q&A counterspam measure. Granted, that was less than a day ago, so it's not proof that the spam is at an end, but at least it gives reason for hope.
I've already started clearing some of the spam out, which is why I specified above the number of messages "at the time I started writing this post"—not because new messages had been posted since then (though a few were, by spambots that had already registered prior to the implementation of the new countermeasures and had not been culled yet), but because some messages had since been removed. Removing thousands of spam messages and bot accounts is a bit of a slog (it would be less so did I not feel compelled to at least glance at them all in case there are any legitimate users I don't want to accidentally delete, even though it's nearly certain there aren't), but it's something I've done enough times now that I've developed techniques for doing it relatively quickly. And anyway, if the Q&A countermeasure works, then if all goes well there won't be any more deluge of new spam accounts, and I won't have to do this again; deleting spam will no longer be the exercise in Sisyphean futility it has been.
Now, one important consideration for the Q&A counterspam measure is that the answers to the questions are not things that can easily be found with a Google search. The questions I've implemented certainly are not—they're very easy to find by searching the Central Wongery, but that's something automated spambots aren't likely to do, and a Google search will avail them naught. But I suppose it's possible (not necessarily likely, but theoretically possible) that if the Wongery becomes popular enough, and its content becomes well known, then the information will be more easily available on that web, and these questions will be answerable with a simple Google search. But, eh, that's a bridge I'll cross when and if I come to it. And honestly, if the Wongery does become popular enough for that to be a problem... then that would actually be a pretty good problem to have.