mirror of
https://github.com/vichan-devel/vichan.git
synced 2025-01-24 23:13:49 +01:00
remove vichan's current antibot system
This commit is contained in:
parent
26ffd1aa72
commit
0ff0e707d6
@ -275,83 +275,6 @@
|
||||
// To prevent bump attacks; returns the thread to last position after the last post is deleted.
|
||||
$config['anti_bump_flood'] = false;
|
||||
|
||||
/*
|
||||
* Introduction to vichan's spam filter:
|
||||
*
|
||||
* In simple terms, whenever a posting form on a page is generated (which happens whenever a
|
||||
* post is made), vichan will add a random amount of hidden, obscure fields to it to
|
||||
* confuse bots and upset hackers. These fields and their respective obscure values are
|
||||
* validated upon posting with a 160-bit "hash". That hash can only be used as many times
|
||||
* as you specify; otherwise, flooding bots could just keep reusing the same hash.
|
||||
* Once a new set of inputs (and the hash) are generated, old hashes for the same thread
|
||||
* and board are set to expire. Because you have to reload the page to get the new set
|
||||
* of inputs and hash, if they expire too quickly and more than one person is viewing the
|
||||
* page at a given time, vichan would return false positives (depending on how long the
|
||||
* user sits on the page before posting). If your imageboard is quite fast/popular, set
|
||||
* $config['spam']['hidden_inputs_max_pass'] and $config['spam']['hidden_inputs_expire'] to
|
||||
* something higher to avoid false positives.
|
||||
*
|
||||
* See also: https://github.com/vichan-devel/vichan/wiki/your_request_looks_automated
|
||||
*
|
||||
*/
|
||||
|
||||
// Number of hidden fields to generate.
|
||||
$config['spam']['hidden_inputs_min'] = 4;
|
||||
$config['spam']['hidden_inputs_max'] = 12;
|
||||
|
||||
// How many times can a "hash" be used to post?
|
||||
$config['spam']['hidden_inputs_max_pass'] = 12;
|
||||
|
||||
// How soon after regeneration do hashes expire (in seconds)?
|
||||
$config['spam']['hidden_inputs_expire'] = 60 * 60 * 3; // three hours
|
||||
|
||||
// Whether to use Unicode characters in hidden input names and values.
|
||||
$config['spam']['unicode'] = true;
|
||||
|
||||
// These are fields used to confuse the bots. Make sure they aren't actually used by vichan, or it won't work.
|
||||
$config['spam']['hidden_input_names'] = array(
|
||||
'user',
|
||||
'username',
|
||||
'login',
|
||||
'search',
|
||||
'q',
|
||||
'url',
|
||||
'firstname',
|
||||
'lastname',
|
||||
'text',
|
||||
'message'
|
||||
);
|
||||
|
||||
// Always update this when adding new valid fields to the post form, or EVERYTHING WILL BE DETECTED AS SPAM!
|
||||
$config['spam']['valid_inputs'] = array(
|
||||
'hash',
|
||||
'board',
|
||||
'thread',
|
||||
'mod',
|
||||
'name',
|
||||
'email',
|
||||
'subject',
|
||||
'post',
|
||||
'body',
|
||||
'password',
|
||||
'sticky',
|
||||
'lock',
|
||||
'raw',
|
||||
'embed',
|
||||
'g-recaptcha-response',
|
||||
'h-captcha-response',
|
||||
'captcha_cookie',
|
||||
'captcha_text',
|
||||
'spoiler',
|
||||
'page',
|
||||
'file_url',
|
||||
'json_response',
|
||||
'user_flag',
|
||||
'no_country',
|
||||
'tag',
|
||||
'simple_spam'
|
||||
);
|
||||
|
||||
// Enable simple anti-spam measure. Requires the end-user to answer a question before making a post.
|
||||
// Works very well against uncustomized spam. Answers are case-insensitive.
|
||||
// $config['simple_spam'] = array (
|
||||
|
Loading…
x
Reference in New Issue
Block a user