Forums

OK, let's sum this up.

There is no general, static solution that can be applied to any board. Bots can be rewritten to fit every anti-bot-test (sooner or later). Additionally, every anti-spam measure must not interfere with the accessibility. This includes that solutions shouldn't depend on CSS, Flash or JavaScript in order to enable basic mobile browsers, text-only web browsers to use the registration form.

You have to ask yourself which visitors may be excluded in order to use anti-spam systems.

One that is easily adaptable and in my opinion a very good idea, is the question-answer captcha. Every forum admin can specify one or more questions which will be asked on registration. This eliminates a general spam bot for all FluxBB forums.

The hidden fields with css measure may look promising to me, but I personally don't know many factors: How easy is it for bots to parse and apply CSS and JavaScript? How do screenreaders, text-only browsers and old mobile devices handle this?

Image CAPTCHA implementations mustn't be disregarded. Even if most are cracked and every will be cracked sooner or later, the reCAPTCHA looks really good. It doesn't require JS and has audio files as alternatives for blind users.

Sounds good. What about the following limits?

Registration only possible, 30 seconds after viewing registration page. Only 2 registrations per IP per day (?)

Nice! I'm really interested.

Hey Reines

what is your exact implementation of "Hidden field with CSS"?

I'm thinking about something like the following:

1. the username field is renamed to something new for every user/session (e.g. A1B2)

2. a new hidden field with the name "username" is added as honeypot for bots

3. some additional hidden fields with names with the same scheme like the real username field are added (e.g. A2B2, A2B3) as honeypots

I'm pretty sure no bot is able to pass this test. Any input?

Actually a Facebook bridge can have many more features than login/registration:
- say "thanks" for threads / posts using the "I like" button
- "I like" the whole forum (button in the footer or somewhere else)
- receiving Facebook updates for subscribed threads, private messages and more
- updating Facebook status: "I just posted a thread 'xy' on 'z board'"

That's the best solution for i18n: 3 Strings (as reference: Wordpress does it exactly like that):

1. 0 Guests

2. 1 Guest

3. % Guests

I'm interested in doing something like this. I love to read planetphp, but I'm sure I won't read fluxplanet as long as there are only 3 feeds combined.

Did anybody do any benchmark tests already? On my localhost the include()-hooks are about 25 times slower than the eval() hooks. I have enabled APC with the following config:

apc.enabled=1
apc.file_update_protection=2
apc.optimization=0
apc.shm_size=32
apc.shm_segments=1
apc.gc_ttl=1800
apc.ttl=1800
apc.num_files_hint=1024
apc.enable_cli=0
apc.include_once_override = 1

I dislike the idea of e-mail obfuscation in the FluxBB core, because every anti-spam method that is implemented by default will be solved in a matter of time.

Users of Lynx and other text-based browsers and users of functions like Stylish(Firefox Addon) or NoScript(Firefox Addon) won't be able to de-obfuscate the anti-spam obfuscation.

Extensions are the perfect solution for this.

Yes

The checkboxes behave like <select>, you just aren't able to use SHIFT - why are they not good to use?

Why don't you redirect always to /page/1/ if no page is set? (and link directly to /page/1/ in index.php and viewforum.php)