David Gillaspey
Sun., Apr. 2, 2006, 12:24 am
Hi all,
(Last updated: 10 October 2007)
OK, it's about time I answer my own question. There's another good thread going under this topic, but what I have to say is enough different that I felt it best to start a new thread.
Lessons I've learned as host and administrator of The Church Webmasters' Forum:
1) In the early days of your forum, make sure all posts are answered promptly.
People naturally expect or hope that, if they took the time and effort to make a post on a forum (especially if they went through a registration process first), someone will respond quickly when they post. Responding to new posts might be the forum administrator's job, or a moderator's job, depending upon the forum.
I did indeed make an effort to answer posts promptly in the early days of this forum. After a period of time, I made less of an effort to do this for several reasons:
a) I was always aware that my own opinions (and I can be opinionated) could very well discourage new posts at the same time my responding to posts promptly was encouraging new posts (that equals a draw).
b) While I wanted to ensure posts were answered quickly, I am keenly aware that I am hardly the expert — you (the members of this forum) are.
c) I didn't want there to be too close a relationship between The Church Webmasters' Forum and my own site, www.greatchurchwebsites.org. I've always wanted the forum to have a life of its own.
d) I just didn't have time to answer every post.
Fortunately, as this forum grew, I was able to step back and let members respond to each other.
2. Expect the forum to grow slowly. Yeah, there are some forums (Christian or secular) that just take right off, but the norm, I think, is that your new forum will grow very slowly. It takes a long time to reach "critical mass." Some never do.
3. Expect and prepare for spammers.
Most of you don't realize it, but for a while I had a problem with spammers. They would make a post that purported to be a letter from soldiers in Iraq pleading for readers to contact their elected officials to encourage them to do whatever was necessary to bring home our troops. (Whether that's a good idea or not per se is not the point here.) Accompanying the posts were pictures of wounded soldiers with horrendous injuries. As real as the "letters" seemed, they were really just anti-war propaganda that didn't belong on this forum. I was always able to delete the posts quickly.
These photos were real (I suppose) photos of wounded soldiers. Spammers might have uploaded porn of the worse kind instead, but I never had that problem.
As the result of this experience, I offer the following advice:
a) Consider moderating, or not permitting to begin with, attaching photos to posts. (This is something you should be able to turn on or off in your forum software's control panel. That will be true of the remainder of my suggestions.) To "moderate" means the administrator or someone appointed by him or her (called "moderators") must approve the photos before they can be displayed on the forum.
Update (10 October 2007): If some of the methods I outline below work for you, then you may not have to moderate images.
b) Consider not allowing the IMG tag. Allowing the IMG tag in posts enables spammers to link to photos (porn, whatever) on their own site.
Update (10 October 2007): If some of the methods I outline below work for you, then you may not have to moderate images. In recent month, I've changed settings to allow members of this forum to use the IMG tag. Few members do, but mainly I needed to be able to use screenshots in my site reviews.
c) Consider whether you want to allow — or maybe just moderate — avatars.
d) If your forum is spammed, and your forum software captures the I.P. address of the poster, then ban his or her I.P. address if your forum software enables you to do so. (I use vBulletin for this forum; it provides all the options I mention.)
e) vBulletin and other forum software allow for word and phrase filtering (vBulletin calls it "censorship"). This function replaces words or phrases that you have specified with asterisks or some other specified character. Unfortunately, censorship requires that you specify words that would probably make you blush. Or words that you as a good Christian probably never heard of. (See below more for more information about this option.)
f) vBulletin and other forum software allow the banning of words that you specify, in email addresses of forum members. The point I made in e) above, applies here, too: the words you will need to specify likely will make you blush. This will keep spammers from using sexually oriented (for example) email addresses in their posts or in their user profile.
g) Don't allow HTML code (other than URLs) in posts. Forum software usually provides its own code instead to enable HTML-like effects. Hackers can "inject" malicious code into a post if you permit HTML code in posts.
h) Include the key words of certain (otherwise legitimate) download or upload domains in the "censored words" list of your forum. A spammer on my site once posted a short message with URLS to the following sites: www_uploading_com, www_megaupload_com, and www4_uploadsend_com. (I've not included the full URLs, just the domains; further, I used underscores in place of the dots in order to show the domains at all.) I've now added the key portions of these URLS to the censored words list for this forum. (There are, of course, probably 100s of other such sites; fighting spammers is a continuing process. If you know of other such sites, please list them in a post.) That means in the future, if spammers want to point members to photos or whatever on external sites, the URLS will contain asterisks, rendering the URLs useless, like this:
http://www.**************/?get=216MX6C6
http://www.***************/?d=OBLW5DMO
http://*********************/d.php?file=true&filepath=19180 .
Since this forum requires validated emails to register (that is, you have to respond to an email sent to you to complete registration), I had a real Yahoo address for the spammer mentioned above. I wrote abuse[AT]yahoo.com and asked them to delete the account. Might work, might not.
My list of file and photo sharing sites that are censored, as described above, includes more than 200 such sites. They were gleaned from several online lists that I found. Email me if you want the list as a text file. It's probably a bit dated by now, however.
Having written the above, I realize that many of you may choose to ward off spammers by putting your forum in the members-only (password required) area of your website. However, consider having some forum or blog that can be read by visitors to your website. The point of that is to allow unchurched visitors to be exposed to discussions about God and Jesus and the like. It may be that some will be drawn to the Kingdom as a result.
i) Considering turning on your forum software's CAPTCHA (http://www.captcha.net) system. A CAPTCHA system asks users to type in the numbers or letters they see in an auto generated image. I've sometimes used this, sometimes not. It stops spambots, but doesn't stop human spammers. Sometimes (or many times) the letters or numbers in the generated image are not clear, which frustrates legitimate users.
j) If you use vBulletin, I'll list a few specific mods (extensions) that you can install to help combat spam. These include:
* Spam list blocker (http://www.vbulletin.org/forum/showthread.php?t=134856). Blocks more than 260,000 email address domains (the part after the "." in an address) that are often used by spammers to register for membership. The 260,000+ addresses are divided into a number of text files (one for every number 0-9, and one for every letter a-z) allowing you to easily add, edit, or delete entries.
However, know that you will get occasional emails from legitimate but frustrated registrants who say they received an email banning their email address. Of course, it's not their personal email address that's banned (if you install this mod), but the TLD (Top Level Domain) name that's banned (again, the part after the "."). If you think the domain really is legitimate, then you can edit and upload the appropriate list to allow the registrant to try again and succeed.
* Prevent Spam Posts (http://www.vbulletin.org/forum/showthread.php?t=131568). This mod sends posts by new members to a moderation queue if the post contains suspect words. (You specify which words.) Unfortunately, for me, this results in new members' posts waiting to be moderated (approved) for a week before I discover the posts need to be approved. That tends to frustrate and discourage new members. So, use this at last resort.
* But the one that finally solved the problem of spammers for me was NoSpam! (http://www.vbulletin.org/forum/showthread.php?t=124828). This mod allows you to require registrants to answer a question. For a few months, I required registrants to solve a simple math problem, e.g., 1 + 5 = ?. That's sufficient to stop spambots. But that didn't stop human spammers. Then I changed the question to, "Who was Paul's Jewish teacher?" I've not had another spammer since. Go ye and do likewise.
(If you use a phrase question like this, make sure to set up answers that include all potential misspellings.)
4. Make sure someone — administrator or moderator — reads or scans every post as an email, if your forum software permits this. I've said this before, but I'll say it again: I get an email notification of every post on this forum. Thus, though I may not respond often (these days) to posts, know that I always keep a watchful eye on the forum. I scan each email/post to ensure the content is appropriate for this forum. (I allow a wide latitude of discussion but occasionally I have to act to ensure posts stay on track.) I also scan the information supplied by new registrants. I've been known to summarily delete a new registrant who provide clearly falsified profile information. He or she was a spammer.
5. Understand that it is likely that only a small percentage of your forum's members will regularly post. That's just the way forums are. Further, on forums like this one, people get busy and may disappear for weeks on end. I also think weather influences the amount of time people have to post on a forum.
6. Try to seed the forum with posts that people can respond to. On some forums, this is done by the administrator's having more than one member name. He or she logs on using one of the alternate member names and makes a post, then responds to his or her own post using another member login name. On this forum, I actually tried that in the early days, but quickly abandoned the technique. My writing style is such that I think anyone would detect the "fraud" (so to speak) by noticing how similar my alter ego and I write.
Instead, I've chosen to seed this forum with Conversation Starters such as this one. I feel I've achieved a moderate level of success doing this.
I'll add more to this post from time to time.
Sincerely,
David Gillaspey
Forum administrator
(Last updated: 10 October 2007)
OK, it's about time I answer my own question. There's another good thread going under this topic, but what I have to say is enough different that I felt it best to start a new thread.
Lessons I've learned as host and administrator of The Church Webmasters' Forum:
1) In the early days of your forum, make sure all posts are answered promptly.
People naturally expect or hope that, if they took the time and effort to make a post on a forum (especially if they went through a registration process first), someone will respond quickly when they post. Responding to new posts might be the forum administrator's job, or a moderator's job, depending upon the forum.
I did indeed make an effort to answer posts promptly in the early days of this forum. After a period of time, I made less of an effort to do this for several reasons:
a) I was always aware that my own opinions (and I can be opinionated) could very well discourage new posts at the same time my responding to posts promptly was encouraging new posts (that equals a draw).
b) While I wanted to ensure posts were answered quickly, I am keenly aware that I am hardly the expert — you (the members of this forum) are.
c) I didn't want there to be too close a relationship between The Church Webmasters' Forum and my own site, www.greatchurchwebsites.org. I've always wanted the forum to have a life of its own.
d) I just didn't have time to answer every post.
Fortunately, as this forum grew, I was able to step back and let members respond to each other.
2. Expect the forum to grow slowly. Yeah, there are some forums (Christian or secular) that just take right off, but the norm, I think, is that your new forum will grow very slowly. It takes a long time to reach "critical mass." Some never do.
3. Expect and prepare for spammers.
Most of you don't realize it, but for a while I had a problem with spammers. They would make a post that purported to be a letter from soldiers in Iraq pleading for readers to contact their elected officials to encourage them to do whatever was necessary to bring home our troops. (Whether that's a good idea or not per se is not the point here.) Accompanying the posts were pictures of wounded soldiers with horrendous injuries. As real as the "letters" seemed, they were really just anti-war propaganda that didn't belong on this forum. I was always able to delete the posts quickly.
These photos were real (I suppose) photos of wounded soldiers. Spammers might have uploaded porn of the worse kind instead, but I never had that problem.
As the result of this experience, I offer the following advice:
a) Consider moderating, or not permitting to begin with, attaching photos to posts. (This is something you should be able to turn on or off in your forum software's control panel. That will be true of the remainder of my suggestions.) To "moderate" means the administrator or someone appointed by him or her (called "moderators") must approve the photos before they can be displayed on the forum.
Update (10 October 2007): If some of the methods I outline below work for you, then you may not have to moderate images.
b) Consider not allowing the IMG tag. Allowing the IMG tag in posts enables spammers to link to photos (porn, whatever) on their own site.
Update (10 October 2007): If some of the methods I outline below work for you, then you may not have to moderate images. In recent month, I've changed settings to allow members of this forum to use the IMG tag. Few members do, but mainly I needed to be able to use screenshots in my site reviews.
c) Consider whether you want to allow — or maybe just moderate — avatars.
d) If your forum is spammed, and your forum software captures the I.P. address of the poster, then ban his or her I.P. address if your forum software enables you to do so. (I use vBulletin for this forum; it provides all the options I mention.)
e) vBulletin and other forum software allow for word and phrase filtering (vBulletin calls it "censorship"). This function replaces words or phrases that you have specified with asterisks or some other specified character. Unfortunately, censorship requires that you specify words that would probably make you blush. Or words that you as a good Christian probably never heard of. (See below more for more information about this option.)
f) vBulletin and other forum software allow the banning of words that you specify, in email addresses of forum members. The point I made in e) above, applies here, too: the words you will need to specify likely will make you blush. This will keep spammers from using sexually oriented (for example) email addresses in their posts or in their user profile.
g) Don't allow HTML code (other than URLs) in posts. Forum software usually provides its own code instead to enable HTML-like effects. Hackers can "inject" malicious code into a post if you permit HTML code in posts.
h) Include the key words of certain (otherwise legitimate) download or upload domains in the "censored words" list of your forum. A spammer on my site once posted a short message with URLS to the following sites: www_uploading_com, www_megaupload_com, and www4_uploadsend_com. (I've not included the full URLs, just the domains; further, I used underscores in place of the dots in order to show the domains at all.) I've now added the key portions of these URLS to the censored words list for this forum. (There are, of course, probably 100s of other such sites; fighting spammers is a continuing process. If you know of other such sites, please list them in a post.) That means in the future, if spammers want to point members to photos or whatever on external sites, the URLS will contain asterisks, rendering the URLs useless, like this:
http://www.**************/?get=216MX6C6
http://www.***************/?d=OBLW5DMO
http://*********************/d.php?file=true&filepath=19180 .
Since this forum requires validated emails to register (that is, you have to respond to an email sent to you to complete registration), I had a real Yahoo address for the spammer mentioned above. I wrote abuse[AT]yahoo.com and asked them to delete the account. Might work, might not.
My list of file and photo sharing sites that are censored, as described above, includes more than 200 such sites. They were gleaned from several online lists that I found. Email me if you want the list as a text file. It's probably a bit dated by now, however.
Having written the above, I realize that many of you may choose to ward off spammers by putting your forum in the members-only (password required) area of your website. However, consider having some forum or blog that can be read by visitors to your website. The point of that is to allow unchurched visitors to be exposed to discussions about God and Jesus and the like. It may be that some will be drawn to the Kingdom as a result.
i) Considering turning on your forum software's CAPTCHA (http://www.captcha.net) system. A CAPTCHA system asks users to type in the numbers or letters they see in an auto generated image. I've sometimes used this, sometimes not. It stops spambots, but doesn't stop human spammers. Sometimes (or many times) the letters or numbers in the generated image are not clear, which frustrates legitimate users.
j) If you use vBulletin, I'll list a few specific mods (extensions) that you can install to help combat spam. These include:
* Spam list blocker (http://www.vbulletin.org/forum/showthread.php?t=134856). Blocks more than 260,000 email address domains (the part after the "." in an address) that are often used by spammers to register for membership. The 260,000+ addresses are divided into a number of text files (one for every number 0-9, and one for every letter a-z) allowing you to easily add, edit, or delete entries.
However, know that you will get occasional emails from legitimate but frustrated registrants who say they received an email banning their email address. Of course, it's not their personal email address that's banned (if you install this mod), but the TLD (Top Level Domain) name that's banned (again, the part after the "."). If you think the domain really is legitimate, then you can edit and upload the appropriate list to allow the registrant to try again and succeed.
* Prevent Spam Posts (http://www.vbulletin.org/forum/showthread.php?t=131568). This mod sends posts by new members to a moderation queue if the post contains suspect words. (You specify which words.) Unfortunately, for me, this results in new members' posts waiting to be moderated (approved) for a week before I discover the posts need to be approved. That tends to frustrate and discourage new members. So, use this at last resort.
* But the one that finally solved the problem of spammers for me was NoSpam! (http://www.vbulletin.org/forum/showthread.php?t=124828). This mod allows you to require registrants to answer a question. For a few months, I required registrants to solve a simple math problem, e.g., 1 + 5 = ?. That's sufficient to stop spambots. But that didn't stop human spammers. Then I changed the question to, "Who was Paul's Jewish teacher?" I've not had another spammer since. Go ye and do likewise.
(If you use a phrase question like this, make sure to set up answers that include all potential misspellings.)
4. Make sure someone — administrator or moderator — reads or scans every post as an email, if your forum software permits this. I've said this before, but I'll say it again: I get an email notification of every post on this forum. Thus, though I may not respond often (these days) to posts, know that I always keep a watchful eye on the forum. I scan each email/post to ensure the content is appropriate for this forum. (I allow a wide latitude of discussion but occasionally I have to act to ensure posts stay on track.) I also scan the information supplied by new registrants. I've been known to summarily delete a new registrant who provide clearly falsified profile information. He or she was a spammer.
5. Understand that it is likely that only a small percentage of your forum's members will regularly post. That's just the way forums are. Further, on forums like this one, people get busy and may disappear for weeks on end. I also think weather influences the amount of time people have to post on a forum.
6. Try to seed the forum with posts that people can respond to. On some forums, this is done by the administrator's having more than one member name. He or she logs on using one of the alternate member names and makes a post, then responds to his or her own post using another member login name. On this forum, I actually tried that in the early days, but quickly abandoned the technique. My writing style is such that I think anyone would detect the "fraud" (so to speak) by noticing how similar my alter ego and I write.
Instead, I've chosen to seed this forum with Conversation Starters such as this one. I feel I've achieved a moderate level of success doing this.
I'll add more to this post from time to time.
Sincerely,
David Gillaspey
Forum administrator