by GabeK0 1813 days ago
Hmmm, slowness might be caused by minimizing / tabbing out and a bunch of messages building up. I can definitely fix this though. If it gets slow during normal usage, that's another story that I'll have to look into.

And regarding the other comment, I'm guessing you're referring to Google Recaptcha. Yeah, I see what you mean. Of course, I would prefer to not have that in there either but was forced to add it in to curtail people spamming the site with scripts / bots. If you have another solution to prevent that, I'm all ears!


Rate limiting each unique source IP address would suffice?
This is already done! But then the spammers would just slow their spam bots down under or near the rate limit, and it would get very annoying seeing random max length messages appear over and over again every few seconds. You could make the rate limit even more restrictive, but then you ruin the experience for normal users. It's a tough problem.
Do some comment uniqueness detection grouped by the source IP? If the same IP sends a bunch of messages that are Too Similar, blacklist them.
After actually trying the site, this feels more tricky than useful.
Have you experienced spammers on your website or is this preemptive?

Also, couldn't you generate a random six digit number and ask a user to write it as a workaround for using Google? Or use a self-hosted service?

Oh goodness have I experienced spammers.

The first version that I made ~6 months ago had basically zero protection against spammers/trolls/etc, and it's been a non-stop arms race since then. I could rant for long hours about the numerous types of attacks and what I've had to do to prevent them.

I like the random code idea. But you'd have to ask more than once, otherwise spammers could go through the code once and then turn on their script. So it again becomes a tradeoff of how much to worsen the experience for normal users.

This gives me an idea of building a type of web application firewall that would be used for chat related sites like this that would automatically block bots/spammers/trolls.
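
The per-IP message similarity check suggested earlier in the thread, sketched as an added example (not code from any commenter or from the site). The class name, thresholds, and in-memory state are assumptions, and the traffic is constructed.

```python
from collections import defaultdict, deque

def shingles(text, n=3):
    """Character n-grams of the normalised message (lowercased, whitespace collapsed)."""
    norm = " ".join(text.lower().split())
    return {norm[i:i + n] for i in range(max(1, len(norm) - n + 1))}

def jaccard(a, b):
    """Set overlap in [0, 1]; 1.0 means identical shingle sets."""
    union = a | b
    return len(a & b) / len(union) if union else 1.0

class SimilarityGuard:
    # Hypothetical helper; every threshold here is an assumption to tune on real traffic.
    def __init__(self, history=20, threshold=0.8, max_strikes=3):
        self.threshold = threshold
        self.max_strikes = max_strikes
        # Count-based window: a bot that slows down to stay under the rate
        # limit does not age its earlier messages out of the comparison set.
        self.recent = defaultdict(lambda: deque(maxlen=history))
        self.strikes = defaultdict(int)
        self.blocked = set()

    def check(self, ip, message):
        """Return 'blocked', 'rejected' (near-duplicate) or 'accepted'."""
        if ip in self.blocked:
            return "blocked"
        sig = shingles(message)
        if any(jaccard(sig, old) >= self.threshold for old in self.recent[ip]):
            self.strikes[ip] += 1
            if self.strikes[ip] >= self.max_strikes:
                self.blocked.add(ip)
                return "blocked"
            return "rejected"
        self.recent[ip].append(sig)
        return "accepted"

def demo():
    # Constructed traffic; both addresses are from documentation ranges.
    guard = SimilarityGuard()
    bot, user = "203.0.113.7", "198.51.100.20"
    results = [guard.check(bot, "BUY CHEAP WIDGETS at example.test!!! #%d" % i) for i in range(5)]
    results.append(guard.check(user, "hey, is anyone else seeing lag?"))
    results.append(guard.check(user, "never mind, it cleared up after a refresh"))
    return results

if __name__ == "__main__":
    print(demo())
```

Users behind a shared NAT address are keyed together here, so the strike count should lead to a challenge or a temporary block rather than a permanent one.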