Matt RaibleMatt Raible is a Web Developer and Java Champion. Connect with him on LinkedIn.

The Angular Mini-Book The Angular Mini-Book is a guide to getting started with Angular. You'll learn how to develop a bare-bones application, test it, and deploy it. Then you'll move on to adding Bootstrap, Angular Material, continuous integration, and authentication.

Spring Boot is a popular framework for building REST APIs. You'll learn how to integrate Angular with Spring Boot and use security best practices like HTTPS and a content security policy.

For book updates, follow @angular_book on Twitter.

The JHipster Mini-Book The JHipster Mini-Book is a guide to getting started with hip technologies today: Angular, Bootstrap, and Spring Boot. All of these frameworks are wrapped up in an easy-to-use project called JHipster.

This book shows you how to build an app with JHipster, and guides you through the plethora of tools, techniques and options you can use. Furthermore, it explains the UI and API building blocks so you understand the underpinnings of your great application.

For book updates, follow @jhipster-book on Twitter.

10+ YEARS


Over 10 years ago, I wrote my first blog post. Since then, I've authored books, had kids, traveled the world, found Trish and blogged about it all.

RECENT ENTRIES


Tag Cloud


abbie appfuse birthday denver family grails gwt jack java javascript jhipster jsf linkedin maven roller skiing softwaresummit spring springmvc struts2 travel trish vacation webframeworks wicket
« It's getting cold... | Main | Upcoming Speaking... »
Wednesday November 01, 2006

JIRA Spam

The AppFuse JIRA instance has been getting hammered with spam today. Some jackasses are creating accounts and posting issues (as well as comments) chalk full of links. Any ideas how to stop this - outside of not allowing new users to sign up?

Posted in Java at Nov 01 2006, 09:32:56 PM MST 7 Comments
Comments:

You could stop people being able to sign up through Jira - but then you or someone else would have to take the responsibility of opening accounts. There may be a captcha plugin for Jira? If not, there should be! What about a separate account opening website (written in Appfuse?) that features a captcha, and then uses the Jira API to open the account? HTH

Posted by Rich on November 02, 2006 at 08:22 AM MST #

We've been getting the same thing happening over at Codehaus. Deleting comments is simple enough, but there are thousands of trackbacks on some issues and I'm not going to delete them manually. Unfortunately the remote API doesn't give us a way to remove them either. (Weirdly, the maths question doesn't show up in the NetNewsWire browser)

Posted by Ben W on November 02, 2006 at 10:51 AM MST #

Maybe it's time to ask the nice folks at Atlassian if they'd be up for porting the captcha support in Confluence over to JIRA? Looka like there's already an outstanding request for captcha support in JIRA [http://jira.atlassian.com/browse/JRA-10236], with a few more votes I'm sure they'd take it up.

Posted by Tim Fennell on November 02, 2006 at 11:49 AM MST #

http://confluence.atlassian.com/display/JIRA/Deleting+Trackback+Spam Quite useful; and simple enough to get rid of any crap that's in there at the moment. I disabled trackbacks on our server - that solves the problem in the short term.

Posted by Ben W on November 02, 2006 at 01:10 PM MST #

You could let the appfuse community screen people - (small appfuse app) - then once approved - they can enter. I.E. If they don't have an account -they can sign up via a custom appfuse app that simply collects some info and presents a small questionair - then after N appfuse members ok their membership the user is added to the system? On top of that you can feel special that you were accepted by others!

Posted by John Mark on November 02, 2006 at 03:49 PM MST #

Hi Matt,

We also got done yesterday, though we managed to stop it only after about 8 comments. Looks like a few sites got done in the last day or so. We have a policy of as soon as we see a spam, we delete the user and all of their comments. We haven't been hit since.

Not sure if it is bot signing up or human. Though it does look to be a bot posting comments... For a while I thought it may have been email but I have ruled that out.

I guess there are 2 methods of stopping this.
1) Captcha - though this isn't scheduled just yet as this hasn't been a big problem in the past.
2) Content Filter - Just a simple event listener that listens for comments and tries to identify spam (Will be quite hard to always keep current).

maybe comment moderation.....

I guess in the mean time it is best to try and identify these users early and then delete their accounts. If there aren't too many spams you can delete the comments by hand other wise you should be able to do it in the database (delete from jiraaction where author = 'jackass';)
Let us know if you come up with any better solutions.
Cheers,
Nick

I guess you know you are becoming popular when spammers target you...

Posted by Nick Menere on November 02, 2006 at 11:49 PM MST #

I guess we are all popular then.

Posted by Lee Meador on November 07, 2006 at 10:17 PM MST #

Post a Comment:
Comments are closed for this entry.