The Fresh Loaf

News & Information for Amateur Bakers and Artisan Bread Enthusiasts

Are offsite links disallowed now?

ejm's picture
ejm

Are offsite links disallowed now?

Whenever I try  to post an offsite link within an anchor tag, I get a message saying that my post is suspected of being spam. No captcha to fill out.


I have been unable to update my ejm (Elizabeth) recipe index. I tried removing all the offsite links but still, it won't allow the post to go through.


Is there a limit to the number of links per post?


-Elizabeth

dstroy's picture
dstroy

I don't think they are dissallowed - we've seen lots of posts come through with other links. But we definitely had to install some spam-ware stuff when some spambots were posting REALLY disgusting content that tended to happen while one of us were trying to do other things and we dont want that stuff showing up here.


The link you posted here appears to be broken - so I'm not sure where it's supposed to be pointing to - are you talking about posting a brand new entry or editing an existing one?

Floydm's picture
Floydm

I fixed the link in your post.


No, there is no limit on offsite links.  All posts are being run through Mollom, a service that filters content based on current spam trends.  So what passes one day may not pass the next. 


A few folks have experienced problems with the filter but overall it seems to not have caused too much inconvenience, and it definitely has cut down on the amount of spam here.

SulaBlue's picture
SulaBlue

Almost every time I try to post a link, I get that. Sometimes I can reload the page and it works fine. I thought it was a problem with Safari. I may be wrong, but I think if I add a link to say... Wild Yeast... while using the HTML editor, it doesn't even set off the filter or ask for confirmation.

ejm's picture
ejm

For some time now, whenever I put a link within an anchor tag, and whenever I've edited a post, I've had to fill out a captcha. I don't mind having to do that. That hasn't been at all problematic and I completely understand why this measure was implemented.


But for the past couple of days, whenever I put an offsite link into an anchor tag, I've been getting the following message:



Your submission has triggered the spam filter and will not be accepted.



And whenever I put an onsite link  into an anchor tag, I get the message that I have to fill out a captcha.



We're sorry, but the spam filter thinks your submission could be spam. Please complete the CAPTCHA.



However, even after removing the offsite links from my recipe index page (they're still there; I cannot edit the page), I'm getting the "will not be accepted" message.


I've been trying to add links to recipes housed here on the FreshLoaf site as I see them. Yesterday, I wanted to add Zolablue's Chocolate cinnamon chip rolls to the list. But I have been unable to edit the index. I thought that if I removed ALL offsite links, I might be able to edit the post but alas no. I was going to move all the offsite links on that page to my etherwork.net blog recipe index so that editing the recipe index page here would no longer be a problem. Alas, even that option does not appear to be possible.


-Elizabeth


edit: oddly, I got the "please complete the CAPTCHA" message for this post, even though there is the above offsite link to etherwork.net/blog

pjaj's picture
pjaj

I've noticed that recently a number of my posts have been asked for a captcha even though they don't have any link in them at all! Including this one.


Surely what you are rightly trying to do is to prevent robots posting. What a captcha does is to establish that there is a human on the other end, nothing else. Could you not establish a list of trusted posters? Those of us who have been posting for some time and have a proven record of good posts. I know that some sites have this or a similar form of anti-spam installed.


There is already the rather annoying pop up when you cut & paste using Ctrl-C / Ctrl-V. I'm not quite sure what this is supposed to be preventing. And my spell checker can't see the contents of this text entry box (unlike every other site) so if there are spelling errors they don't get corrected.


BTW, you really should get your own favicon. Using the Drupal default is a give away for those who want to hack sites.


Having said all that, this is still the best bread site by far.

ejm's picture
ejm

If you move out of the rich text editor, you can use "Ctrl-C / Ctrl-V"


And to prevent that annoying popup from appearing when IN the rich text editor, use the "edit" button at the top of the browser. It's a little annoying to have to use the mouse rather than the keyboard but it's MUCH less annoying than seeing the popup.


-Elizabeth


P.S. Sandwich bread just came out of the oven. What a wonderful aroma!


 


 


RRrrrrrr, when I tried to post this, I got the message "We're sorry, but the spam filter thinks your submission could be spam. Please complete the CAPTCHA." Why not have the captcha at the bottom of the original post?

Floydm's picture
Floydm

There are pluses and minuses of running a site on an open source CMS.  The biggest plus is getting tons of code for free, the end product of hundreds of programmers' output.  The minus is things don't always work exactly the way you'd like them to if you designed them from scratch.  And while the code is open and you can always modify it and submit the change back into the project, to get your change committed frequently takes energy and dilligence.  Branching and creating your own code base means taking ownership of a huge amount of code that isn't yours and is usually a bad idea.


That's my way of saying I have no idea what's up with the Cntl-C / Cntl-V thing.  It doesn't do it to me and I copy and paste all the time, but I never copy and paste from Word or other programs that insert bogus formatting.  And I'm not on Windows.  If we all just used text editors and coded in raw HTML and used terminals life would be so much easier, but since that is unrealistic I've settled on a WYSIWYG editor that makes things easier for 95% of users but has a few quirks.  Overall it seems to serve most of the community well.


The Drupal favicon is not a security threat.  There are 999 other ways that a hacker could figure out this site is on Drupal.  I stay up-to-date on all the patches and am at no more risk than any other Drupal site in the world like The Onion or MercyCorps.org or Recovery.gov.   Dstroy did do a cute little bread loaf favicon.ico that got lost during one of the upgrades that I would like to find again someday but only  because it was cute, not for security reasons.


The thought of marking posters as trusted has crossed my mind and I would like to pursue it when time permits.  There are a few issues with such a solution: for example, spammers often create sleeper accounts that they don't activate for months, so I couldn't just write a SQL query that said "all accounts over 2 weeks old are trusted."  Basing it on content (say "has made 5 legit posts") would work pretty well, though it wouldn't handle the case where a legitimate poster goes rogue.  That hasn't happened here recently but it has happened before.  I can live with that risk though.  But it takes work to develop such a custom solution, and given the current situations in Pakistan and Sri Lanka that my agency is responding to, I'm coming home from work late and spent right now with barely enough energy for my family, let alone for supporting TFL.  I apologize for being an absentee admin but I hope you'll understand that my bandwidth is being dedicated to a worthy cause right now.


Speaking of Drupal and Mercy Corps, I did write a blog post over there this week.  We just launched blogs and are hoping to get people from our field offices all over the world to post.  Fingers crossed they can because their posts could be fascinating, much more interesting to read than posts by some computer nerd writing about content management systems. ;)

LindyD's picture
LindyD

What browser are  you using, Pjaj?  I alternate between Chrome and Firefox 3.0.10 and only once have I had a captcha pop-up in the past months.  Nor have I had any issues with links of any nature.  Odd.


BTW, there are around 14,000 TFL members.  I'm not sure Floyd has the time (or the desire) to be selective about who is "trusted" and who isn't.  


 

ejm's picture
ejm

WinXP, Firefox 3.0.10


I've had the captcha popup EVERY time I've posted in the past few days. Except for when I have put an offsite link into an anchor tag and a message appears saying that my post has been refused because it has been seen as spam.


I understand the need for keeping spam completely at bay but this recent development feels a little overzealous. However, I can live with it. I'll just have to remember that posting here takes more time per message.


-Elizabeth


 


edit: to clarify, the captcha popups appears whether or not there is a link in the post. The noncaptcha refusal to post at all appears when there is an offsite link housed within an anchor tag. However, the captcha popup appears if I simply paste the offsite URL into the post.

pjaj's picture
pjaj

LindyP, sorry I missed your post till now.


I'm using the latest version of Firefox, 3.0.10


Just these two lines of text got me yet another request for a CAPTCHA!!

ejm's picture
ejm

I know I said that I could live with the overzealousness of Mollum, but I have to say that it is getting to be quite frustrating. Because I am unable to edit the recipe index page, I just tried to post an entirely new version of the index (with the intension of deleting the first one). I removed ALL offsite links from the post. There are only links to FreshLoaf pages. And I got the following message:



Your submission has triggered the spam filter and will not be accepted.



No captcha to fill out. Just a big "no". Is there a limit to the number of links per post?


On every other post or reply in the past couple of weeks, I've gotten this message.



We're sorry, but the spam filter thinks your submission could be spam. Please complete the CAPTCHA.



Is there no way that the CAPTCHA can be included on the same page as the post, say, just below the posting window? Or if that isn't possible, could it appear just below the message so we don't have to scroll down to the bottom of the page when we get the message that Mollum thinks we're bots?


-Elizabeth (WinXP, Firefox 3.0.10)


 

Dragonbones's picture
Dragonbones

I'm getting "Your submission has triggered the spam filter and will not be accepted." I don't have a problem with having to fill out the CAPTCHA thingy, although having to fill it out for 2 out of 3 posts is a bit of a hassle, but when no option is even given for that, that's really frustrating! No other forum I've ever been on has thrown me anything quite so unfriendly.


I did use the URL-style HTML link to an offsite recipe. Is this forbidden?


I realize the administrators need to control SPAM, and I certainly appreciate your fine efforts in this regard and in providing us such an excellent forum!  But can you do anything to ensure that users are at least presented with the Captcha option? Can't something be toggled or programmed so that established users, above a certain number of posts, are exempt from this stuff, including the CAPTCHA thing?  By hitting new users with that requirement, and by deleting user accounts when they're reported as spammers, you'd be getting rid of pretty much all the spam anyway -- that's what other forums do, and it works well.


Thanks!


Kent in Taibei

Dragonbones's picture
Dragonbones

And I've been rejected again! This filter is making the site almost not worth posting on! I tried to link to pictures of my English muffins on Imageshack so as not to use up any of my limit here (and because the image hosting here is too clunky and hard to use), and after 10 minutes of effort to make a pretty post, REJECTION, and no opportunity to complete the CAPTCHA. Admins, PLEASE!  I'd much rather see occasional SPAM get through than have this kind of hassle more than once daily.

ejm's picture
ejm

I know exactly what you mean, Kent (dragonbones). I  pretty much gave up on trying to post offsite links on the FreshLoaf because of getting the rejections.


Testing:


cooksrecipes.com: Authentic English Muffins Recipe


-Elizabeth


edit: but something has changed and I can now do so. The only thing I can think of is to try linking by posting just the URL rather than using the chain icon:


http://www.cooksrecipes.com/bread/authentic-english-muffins-recipe.html


That was the method I was using after starting this thread.


 

LindyD's picture
LindyD

Have you tried using Photobucket?  I've not had any issues with that service.


BTW, I run a horticultural related forum which has nowhere near the membership of TFL and believe me, were it not for spam filtering we'd be deluged.  There's no such thing as an "occasional" spam.


 


 

Dragonbones's picture
Dragonbones

Thanks for the quick response, ejm! I've not used the chain icon, but manually added the square bracket URL = HTML code for the site link which got rejected, and manually added the square bracket img HTML code which got rejected.


LindyD, as a moderator on another site, I really do know there's a lot of SPAM out there, but (and please correct me if I'm wrong) there should be several different ways to catch it. As much as I love and appreciate TFL and the efforts of Floyd and whomever all he's got helping him with the site, TFL's method is the most frustrating and sometimes downright infuriating of the methods I've seen.


I help a lot as a mod on another site that gets a lot more traffic than TFL, and very little SPAM gets through our double-layered net; what gets through is killed extremely quickly, too. Most of the protection, volume-wise occurs at the registration level. When registering, users are asked the reason why they'd like to register. Admins thus screen out most of the spammers (often bots) up front. There's a team of twenty or so moderators (frequent posters like me who volunteer to help) who then catch and circular file or delete the remainder which gets through. It works very well, with no pain for the average user.


I wonder whether the site admin (team? -- sorry, I'm not really familiar with how the site is run) has or have considered something like that instead of this current filter.

pjaj's picture
pjaj

You seem to have solved the captcha problem, but there is a tiny niggle with the emails you send out listing the most recent posts and comments.


In the second half listing the comments, when there is only one then it is shown as "1 new comment ...", but when there is more than one it appears as "!count new comments ...". Obviously a slight typo in the programming.


"!count " also appears in the heading of the section.