I've updated the board frontend to the latest work in progress version. This is a total rewrite that purges nearly all old code, which is why it took so long to make. It does not yet have everything I want to add, but it is already five times more powerful than the old site and makes the place so much easier to use. With this update, we are closer to parity with other imageboards out there, both in features, and in site layout, but we are not there yet.
Some highlights are: - entire front-end rewritten from scratch, with nearly all of the old code base purged from this side (the backend has not been touched to avoid compatibility issues). - new responsive layout, with a more old school imageboard mode. The layout is based on the browser window size. On desktop PCs, it looks like a traditional imageboard, but on tablet or collapsed windows, it looks like the previous plus4chan layout. I may make a switch later to force either style, should you guys have a preference. For now, if you prefer the old style, just resize the browser window to half width (under 1180px). On Windows you can do this just by dragging the tab to the side border of your screen. - new, fixed position "popup" style quick reply. This one has a huge amount of additions which I hope will make posting much easier, thereby encouraging our posters to be more active. Note that most of these enhancements require Javascript.
About the new quick reply: - fixed positioning, and on desktops you can drag it around. - "currently posting" status and file upload progress are shown. - warns you if you close the quick reply with a post written inside. - counts down until you can make your next post. You can queue your next post during the countdown. This makes it easier to make image dumps without running into flood detection errors. - quoted posts get highlighted while you are posting. - keyboard shortcuts added for Spoiler, (ctrl+s), Bold (ctrl+b), Italic (ctrl+i), and Underlined (ctrl+u) text. Also, ESC will close the quick reply. More shortcut suggestions are welcome. - always shows name fields if you use a name; automatically hides the name fields if you post anonymously (it was the other way around previously, and as a result posters tended to forget about resetting their names, usually when using the name field as a makeshift thread subject). - speaking of which - after a long absence, the subject field is back.
Theme changes: - retired the Ghost theme (it was terrible, really). - Greygreen theme re-added from the old boards. - Buri and Futaba tweaked a bit to look closer to the classic Kusaba and Kusaba X versions. - Babby removed (it was pointless) - new template: Plus4, based on our static pages. - new template: Heroes, based on Heroes of Might & Magic III. If you find any issues with the templates, please post them here.
other minor changes: - font sizes increased. - Replies to a post are now listed. - backlinks can now be copied into a post and still work. - images are now lazy loaded (natively, without javascript). - the post number is broken up to two parts, the "No." part will link to the thread, while the post number will open a quick reply. - there's a new "permalink" icon in the corner. You can use that to link to any post and have it highlighted by default. - report and delete buttons now have loading status indicators. - inline reference has a loading status indicator too. - hovering over the >>postnumber will highlight the referenced post. - WEBM/MP4 expansions now use the same design as the youtube and vimeo windows. Additionally, the "close video" trigger was moved to the top, so they don't conflict with the seekbar controls. - post passwords are set to last only your current session, so if you close your browser, they are gone. This may be tweaked in the future. - thread hider fixed and can store much more posts now. - rss feeds were tweaked to use the thread numbers as feed categories. - NSFW images on NSFW boards will now say "VERY NSFW" on the thumbnail. You can also make "VERY NSFW SPOILERS". - fixed a bug that prevented janitors to view the janitor board (which is not as funny as you think, since our janitors actually do their jobs).
Now that the new code is live, I'll be able to add new stuff more frequently. So expect more frequent updates from now on.
Please report any bugs here, so I can fix them as soon as possible.
I'd also like to ask you to post any suggestions or additions you would like to see on the site. Lastly, please use the site as much as you can! And please, spread the word: plus4chan is alive.
Well, enjoy the new board, and let's hope I did not leave any critical bugs in there.
>>419861 I didn't realize you could do that on the old board (or that anyone used it for that matter). It was something I experimented with before though.
Should be working now, and on the entire QR box not just on the file field.
>>419865 It seems to be working, and not working. There is an option now, but it tells me my browser does not support drag-n-drop feature. Bull fucking shit.
>>419866 I checked Pale Moon. It needed an about:config tweak to enable file dropping, it was identified as Internet Explorer 11 in online feature tests, and it could not understand ssl certificates. So plus4chan, as well as every other webpage (including its default search engine), gave errors. Feature support wise it was about five years behind modern browsers. You should consider getting an alternate support because this is just dumb.
>it tells me my browser does not support drag-n-drop feature. Bull fucking shit.
It's a bit more complex than that. Since I used the Drag & Drop API, I had to copy over the file data from the "drop zone" into the form field. But old browsers, including Pale Moon, do not support updating the "files" property of a form field. I originally put the error popup there so the entire QR box does not get stuck with the file drop overlay when you attempt to drop a file in with IE11.
Either way, I made a workaround (all file fields operations now use a virtual filelist property which is copied over into the ajax form field on submission), and it seems to work. As a side effect it also works on Internet Explorer now.
On the old code there was a file upload field hidden with 0% opacity. You can natively drag into normal upload fields, but only on SOME browsers. It's also why it had no styling applied whatsoever, because it was a trick.
Oh, and I will keep using Palemoon no matter what. Freedom isn't free, and if using an """outdated""" browser is what it takes to give the middle finger to Microsoft, Google, and Mozilla, I'll keep on dragging my cross.
>>419872 >and if using an """outdated""" browser is what it takes to give the middle finger to Microsoft, Google, and Mozilla, I'll keep on dragging my cross. If you're not blocking certain JS and if you're not using a high-quality proxy or TBB master race then I feel that middle finger is in vain.
For those who aren't techies: https://spyware.neocities.org/articles/browsers.html + a grain of salt.
>>419903 That's not the problem, the problem is that if they completely stop all development then the fork is completely useless; you might as well just keep using the old version and not update.
>>419908 I checked, surprisingly they are still developing and updating. They just aren't modern. That isn't their goal. (Which one died? I must be confusing it with IceWeasel or WaterFox...)
To a large degree I believe in security through minimalism, but if you are running something that old for browsing, it will break functionality. It's a trade-off and devs are rarely interested in maintaining access to the one or two people who demand backwards support.
>>419872 I'm been using Pale Moon and Seamonkey, the latter partly because I have noscript and RequestPolicy on Pale Moon and some stuff doesn't work well with that even if you enable all permissions for it.
>>419947 Removed. While I'm at it, some notes on the janitorial interfaces:
Pressing the delete button from the koba panel still does nothing, you still have to go to the thread to remove a post.
Janitoring does not work on mobile. There's no way to bring up the menu for the link to the reports page, possibly because nothing counts as hovering the mouse when you're using a touch screen interface. And for some reason, when you go to delete something, Safari renders the CSS layer that dims the rest of the page on top of the pop-up control, making it impossible to interact with.
>>419948 >Pressing the delete button from the koba panel still does nothing, you still have to go to the thread to remove a post.
Can you elaborate on this? There's a bunch of different menus where you can get to that button. I know that it works when you delete a post while doing a ban, and when you just use the mod view and go to delete post from there, it drops you into the same page that loads when you'd click delete inside a thread anyway. Both work on my end.
>Janitoring does not work on mobile. There's no way to bring up the menu for the link to the reports page, possibly because nothing counts as hovering the mouse when you're using a touch screen interface. I'll do an ugly workaround (it's already up on the beta site). Note that the koba panel is in nothing short of a catastrophic state, and much of the code is unreadably archaic. If you know any other older bugs, please tell me, chances are you've been using it for longer than I did.
>when you go to delete something, Safari renders the CSS layer that dims the rest of the page on top of the pop-up control, making it impossible to interact with. This seems to be a z-index bug with OP posts, probably due to how I set up the "post a reply" sticky button on mobiles. I'll look into it.
Finally, some style. I appreciate the clover and flying chan city.
>>419967 Here's a screenshot, it's the X button that's doing nothing for me. I click it, get redirected to the main koba panel, go back to the reports, and the report is still there.
Minor bug: Highlighting text, dragging it and releasing inside the quick reply results in a permanent Drop File Here overlay. Can be done accidentally when highlighting text within quick reply. (Windows, Firefox)
- fixed file dropper in the Quick Reply triggering when non-files are dragged over it - fixed error message when uploading mp3s with Chrome (it listed mp3 as audio/mp3 instead of audio/mpeg and the board checked the mime type only) - tweaked the mobile view a bit, it now uses a centered thumb without wraparound text, and the fonts are a tiny bit larger. OP post no longer gets covered by the delete/report overlay (I'll need to redo those buttons complete because they are too small to be useful on mobiles). - tweaked the loading icon a little - added hover effect for viewing off-screen post quotes. Also works with inter-thread and inter-board quotes, with some mandatory loading. Note that while it is loading, you can't open an inline reference (it's the same process). - other minor bug fixes, mostly in the css
If you got stuck with the Heroes theme from April 1st, remember that we have the style switchers on the bottom, press Default to return to whatever style the board originally uses.
>>420015 I knew it had some bugs left, thanks for reporting. Luckily there's a way to check what type of content you are dragging, so it was possible to fix it easily.
Update: - tweaked the off screen post quote hover to be less likely to get stuck on the window, and to have better performance.
- fixed a rounding problem in the automatic post timer.
>>420131 Unfortunately I can't reproduce that issue.
It's possible it happens because your cookies are full. The old board code saved so much stuff in there, that it sometimes ran out of space (cookies only allow less than 4k of data). I'll do a mandatory delete on those if found.
>>420133 It seems like this bug has been active on my end all this time, since /pco/ was always red for me until today when I called for the heroes to return.
>>420133 >>420134 all boards have their own individual styles, so if you want to see the Heroes style everywhere, you have to enable it once on all boards. This has been the case in the old design, and I kept it like that so there's a visible indication between blue and red boards, for at least as long as on the first visit.
If you had problems in the old design, with hidden threads not saving, then your cookies were definitely full. Someone mentioned that problem once, not sure if it was you. The old design used cookies to save hidden threads too and it ran out of space faster (I switched that to use localStorage since it always requires scripting anyway).
- fixed inline quotes, when opened, not having the proper color on all text. - slightly tweaked link colors on futaba theme. It may get reverted, I'm not sure... - for popups, clicking the overlay will now close them (after the close button appears). - quick reply can be now closed while it is submitting a post. This is to prevent the window becoming stuck in case a post takes too long to submit. However, note that the post will still proceed with submission regardless, so if you don't let the quick reply auto close, and attempt to make another post, you may get flood check errors. This will need a more robust solution in the future, but for now, we don't have so much traffic that it should matter. - fixed a bug where posts may get multiple hide/show icons. - fixed greygreen theme missing hover color on the "view omitted responses" link. - tweaked loading state on post references, so they don't force text reflow by changing the length of the reference. This doesn't apply to the replies list on the top of each post, but as far as I know there's no way those could link to anything that needs to be fetched with ajax (or is there?). - the "message too long" got the same treatment. - added missing box-shadow to the "reply to thread" boxes on the board index, making them have the same style as posts. - style switcher will now leave less junk in the cookies: if you use the default style of any board, it does not need to save it to cookie, and so it won't. - when Quick Reply is opened, it will check the screen boundaries to make sure it does not spawn off screen. This check runs whenever you call the QR window, so doing as much as clicking any "reply" button will pull it into focus if it went off screen due to a screen resize.
I need to add a proper Settings page and fix the mobile view, but I have no concept on how either should look.
>>420194 Somewhat ironic, considering that I'm currently working on refactoring the code that handles bans.
Additionally, to any active mods/janitors: please send me your email contacts (post it on the janitor board), I want to add them to the system so I can contact you. Also I may set up something like automatic email notifications for incoming reports.
>>420293 And would you be shocked if suddenly 4chan started deleting this too? Given that only /b/ allows it, and that the "zomg none" applies to moderators too, they can just silently nuke everything they don't like without it being "official".
>>420295 This site is not owned by Hiro so they have no say in what goes on here just like how 8chan and every other chan can do what they want without 4chan's blessing.
>>420298 Yeah, but 4chan is a honeypot and 8chan is getting shitcanned from every online host there is, so both of those banning loli would not come as a surprise at all.
Hot take: loli is this super controversial thing, but also an indicator. Those who stand by people's right to post it are the vanguard of free speech, those who don't stand by it, are at risk of being completely taken over by bootlickers.
Their /aco/ drawrhreads are a spectacle of shite. They start off decent but soon as certain anonymous request something that doesn't fit the criteria, it devolves into childish fecal tossing.
>>420304 I've stopped checking drawthreads completely on 4chan since they have 240 reposts and 10 posts divided between new requests and deliveries. Pretty much the only way you can use them is to post, subscribe to the thread, and look on the thread watcher if you got any replies or not.
/aco/ moderation has always been a joke, the only thing the janitors moderate is whether their waifus are posted or not. I've seen a ton of loli, bestiality, or anime posts on /aco/, since none of the threads were moderated except the drawthreads.
>>420291 >Some sperg @ 4chan said loli and shota will be banned What do you mean? >banned in US law IANAL, varies regularly/geographically or something >banned on 4chan Pretty sure it already was, just inconsistently enforced at staffs discretion. Possible /b/ exception but probably just intentionally poor enforcement. >banned on 8kun That is the news, I believe it is officially 'banned' now. Certain boards have moved to bunkers as a result.
>>420299 >4chan is a honeypot and 8chan is getting shitcanned Close, but wrong. 4chan is bloated and trying to become commercially viable (hence Hiro ownership, 4chan passes for voting saga, malware ads saga, 4channel, etc etc) combined with post-2016 election blunt force trauma. 8kun is recovering from the shitfest that /pol/ + media has inflicted on the entire site, combined with Jim's long-term efforts to monetize the site. Combine that with an admin focus on becoming a right-wing news site for Qoomers. The ban was (accourding to a staff member) in response to lawyers saying precedence determines it is illegal and another reason the site could be taken down. 8chan/kun was getting shitcanned but that is not relevant.
>>420300 It's a decent litmus test for someone's motivation to defend something they personally dislike, because there are (certainly contested but nevertheless) reasonable claims it is victimless yet highly obscene and even revolting. It is also socially unaccepted. Speaking of which, I've seen an anon come bitching on imageboards about how they got shadowbanned on voat and gab for 'telling the TRUTH'. If that person wasn't insane they would have learned those sites use 'free speech' as a bait for 'taboo/ultranationalist speech' (as in, they independently proved themself insane in their replies. I'm not extrapolating that from their choice in sites)
The 2016 election "trauma" was a symptom, not the cause. 4chan has gradually implemented many changes in the past decade, that encouraged a wholly different kind of content. The site is now 100% archived, tracked, active threads last up to weeks, "general" threads are now encouraged, hiveminded posts get deleted in order to make the site look more "presentable". Unfortunately this also allows for infiltration and manipulation.
For example back in '08 or so, on /g/, nvidia was considered a laughing stock due to demoing a card that was literally a block of wood screwed together and had a sawed-off random PCB on its back. Every thread you mentioned them, you got the woodscrews housefire replies. Today, when a company does a blunder of the same proportions, threads mentioning it are removed by janitors due to being low quality. But half baked posts about how great their product is, those can stay because they are well written, "high quality" general discussion threads.
4chan, due to its rules, now encourages shill posting. This leads to getting infiltrated, either by commercial interests or political ones. And with the entire fucking internet imploding into public disobedience mouth karate because Trump got elected, 4chan now suffers from the same type of manipulation, and getting the same stupid shit content.
If the site was still as fast and crazy as it used to be, even /pol/ wouldn't be able to exist to begin with, because by the time I write a post this long, the thread would have already gotten purged. Of course then you couldn't efficiently moderate it for adult content, or for mass nude leaks or shit like that either, and advertisers would balk at the site.
Speaking of which, what happened to stuff like j-list ads? They were hilarious, and you could leave 4chan running without adblocks because the ads actually looked great.
- On attached images, data-hash was changed to base64 encoded data-md5, to keep it more in line with other imageboards. - hide/show icons were not added to newly made posts (they aren't too useful there, but it's to keep a consistent look) - spoilered text is now properly inline when used in text, they do not break into new lines. - opened inline references too. - Quick Reply stays open if there was a posting error - it no longer eats your post by closing. - Quick Reply won't empty if you press ESC and hit cancel (IE only behavior for textarea). - Report and Delete boxes do not have the move-all cursor on the title. - Report and Delete box positioning tweaked so they do not push the Replies field around, forcing a repaint. - Report and Delete boxes can be closed by pressing ESC or clicking the overlay. Clicking the post does not close the box. Note that while you can highlight the post in this state, you cannot click on it, as this could launch actions that would interfere with the report/delete boxes. - SWF Flash files should now show up when you open the file browser. This will still need a future fix to respect per-board file allowances.
Earlier this month I started rewriting the code that handles banning, but things came up and I never finished it, so it's not yet included. Getting that done will be a big step forward in replacing and documenting legacy code.
I wish I could get ahold of the original coder of this board software, but I couldn't find any contacts for him, only a tumblr that was mostly reblogs and hasn't been active since 2019 and doesn't accept messages, so it's probably about to get purged.
>>420365 Oh you mean manga translations, I thought european comics and the like.
And yeah, I know which ads you mean - the ones with sensationalist titles and downright disgusting images. I used to read 4chan at work all the time, but ever since Hiro fucked it up, I do not dare to. Reading the site is one thing, getting the machines infected is quite another. Remember that time when they had bitcoin miners on the site, and if you adblocked them, the site stopped working (the scripts deleted all images/stylesheets)?
update: - fixed a bug where the Quick Reply failed to attach a file, if the same file was previously attached and then removed. It only affected some browsers... - the Quick Reply now warns if you try to upload a file that already exists in the thread. It only works on images which are currently visible, so replying on a board index will usually not trigger this - you need to have the thread open for the best results.
I put that last one together rather hastily, let's hope it does not broke anything. It may make it slower to attach a file, but I hope not by much...
Something odd, randomly the latest/new post in a thread will be hidden requiring me to expand it to see it. Doesn't seem to be related to any specific board.
>>420433 oh, I think I know what's happening then. When you report a post, the post is then set to hidden. Then, the post gets deleted, and when a new post is made, the ID gets re-used - and your browser still has it stored as hidden.
I'll change it tonight so the post report does not hide posts as a temporary fix.
A bit offtopic but I lost a decent chunk of Star vs Toonrotica on my new pc due to the recycle bin getting corrupted. Recuva is useless and easeus is hella vague
>>420460 I run so many backups nowadays that I don't even know what tool I used for recovering deleted files... I think it was O&O Unerase, but it's a very old version. It's not 100% reliable either, I only use it for quick checks if necessary. But I've used the built-in Windows "old file versions" tool much more recently. Of course, that assumes that you have it set up in a way that makes recovery possible.
>>420460 >corrupted Ask /g/ first but I'd stop using immediately and consider trying a chkdsk to see if it's recoverable. The more you use a system, the more chance a deleted item (marked as 'free space') is overwritten. Is the issue that you stored them in the recycle bin and can't access the bin anymore? Of course, if there wasn't original content then you might as well just redownload it. >tfw lost hundreds of original drawings and the site was partially archived but all of those drawings are absent from the archive
>>420462 using chkdsk will also likely overwrite any recoverable files, in fact even more so. The question is, how did you lose files due to a recycle bin corruption? Did you use the recycle bin as storage or what?
You can try going to the folder the files were in and checking for older versions of that folder, in Windows 10 you just right click on the folder, select properties, and check the older versions tab. If you had proper backing up set in Win 10, that should suffice.
Otherwise do a full sector scan with Recuva, and restore all those vague files (onto a separate drive, so you don't overwrite any of the content you are recovering), and you'll need to sort them out one by one. It will be "hella vague" because it will only be able to restore the data, not thing things like file names or dates.
>>420505 For example? I did notice a few spambots posting irrelevant texts in random old threads, but those were just repeating a random line grabbed from the thread. I usually delete those posts.
>>420512 Just hide those threads? It's inevitable that there will be posts made that you don't agree with, but I'm not gonna start moderating stuff on the grounds of "I don't like it" (not unless it turns into mass spam).
Apparently someone got tired of the Sakura spammer on /aco/ and uploaded this: https://s1.desu-usergeneratedcontent.xyz/aco/image/1592/42/1592429569095.jpg
>>420562 sadly it's considering an anathema no thanks to the anon who keeps spamming for requests and starts arguments with who other anons who call them "vulture".
>>420565 I found that the best way to get something hated and immediately removed on sight on 4chan is to spam it obnoxiously, to the point that even people who legit like that topic will get banned for posting it. Seen it happen on /g/ before.
no one in aco has told or even asked sakuraspammer to make a different request and the asshat who keeps calling "vulture" is making the situation worse as it lead to flamewars.
The wrapper spacing was modified a bit on tablet portrait view to be 100% wide, because it wasted too much screen space when you opened up an image wider than the wrapper.
The non-desktop quick reply was modified to have the NSFW/Spoiler icons on the left side. This way you won't have a chance of accidentally hitting the Close or Submit buttons when just trying to toggle one of the other icons, especially on mobiles. I'm not entirely happy with how it looks now, but it's more user friendly. Perhaps it would be better if all the other fields were 100% wide and only the textarea bit was not. Or I could move them to be full icon labels like on desktop, what do you guys think?
>>420787 What exactly do you mean? It has not changed in size or content. It queries the latest 7 or so posts from SFW boards and displays an excerpt of the content. I'm guessing you mean that it has less text on it, but that's normal if the latest posts are image only, since the image is not shown, and image-only posts have no excerpts.
Perhaps putting thumbnails there would be good but I want to avoid porn spam accidentally turning up on the front page.
Seems to me we are getting a lot of empty posts nowadays, and all from unique IPs. Something is triggering the bots to hit the submit button on the form perhaps?
This would happen if someone had some empty text selected, then hit the "post reply" and submit it. But often it's a post with nothing but a post number quote, implying that whatever made it, hit either the large Reply button on the post, or the post number itself, since both trigger the reply form and put the reply quote there. That, or they go to the linked post (which automatically has the QR open with a quote prepared), and then they trigger the QR form. It's unlikely to be random users bumping, since these all come from unique IPs and often in threads that can't even get bumped (which is why most likely nobody noticed them before, that and I delete them frequently).
I have no idea what kind of bot behavior this is, it does not look like targeted spamming, more like a byproduct of page crawling. Maybe bots are set up to send any forms that get automatically focused, in an attempt to bypass some type of ad popups?
>>420900 What exactly do you mean? That option has been removed with the last board update, and the system now forcefully removes the value from the cookies if it was set before.
>>420903 Not Twister, but I didn't notice it got removed. If you can go into your browser's cookie and data manager and search for plus4, you can delete those (be sure that you hit only plus4chan and for all time). I think the cache would be what's causing it, maybe a cookie but I doubt it. Either way, deleting the locally stored site data for plus4 will do the trick. Potential side effects may be passwords for posts may be gone, or if you are staff you'll have to log in again, can't think of anything else.
>>420909 >Either way, deleting the locally stored site data for plus4 will do the trick.
Again, since the last update, the boards don't even use that option. Deleting cookies is a good advice in general principle, but in this case, that board layout is simply not in the system anymore.
that's why I'm wondering what exactly the problem is.
>>420938 I'd gladly add a /h/ board, but right now barely anyone is using /jam/ to begin with. There's a NSFW tag to use if you want to discuss porn explicitly there, and if it is popular, it can get its own board.
Crossovers are, due to their nature, fine on either board they are related to. For ex. /pco/ allows for eastern artists drawing western content, or western artists drawing anime porn.
I added a function to search for threads. It checks in the message and subject fields of the first post of each thread. This should make it easier to look up certain threads in /pco/ and maybe elsewhere too. Should work with and without javascript, but with javascript it's instantaneous, otherwise it has to reload the page.
Very nice, this place has potential. I'm a refugee from 8chan, and I've been looking for a comfy place like this to shitpost for quite awhile now. I wish you the best of luck in development!
>>421024 Pro tip: treat this place as a forum. Because it moves at the pace of one. Checking a board every few minutes? Forget it. Even every hour is too fast.
>>421024 A few things to know about this place: 0) What Twister said, 1) Your phrasing makes it sound like you were told this place is new, or possibly an 8chan sequel. It's certainly not: 8chan was founded in 2013, plus4chan has been here since 2006 (see the homepage for a nice intro). 2) Which boards did you use? If it was mainly hobby or content boards, you should be fine. If you were there for politics, you may need to adjust a little (as the old 4chan saying goes, "/co/ is love". There is a reason we only have one politics thread). If you were there for fast-paced action, you will also have to adjust; many boards have a few posts a month or less (but as a /comfy/ poster, that may be alright with you). 3) We used to be faster until 4chan and 8chan made /pco/ equivalents and most of the oldfags grew up.
>>421027 >3) We used to be faster until 4chan and 8chan made /pco/ equivalents and most of the oldfags grew up.
That and Moose made a site-is-closing party and left up the message even though the site didn't actually close, so a lot of oldfags think plus4chan is simply gone.
Which one looks better, the traditional layout of having subject/name at the beginning and postnumber later, or the one we use with the post number first? I kind of like having the postnumber first because then the reply link is always in the same leftmost column, but every other imageboard puts it on the end. I guess "check'em" images don't work with the postnumber at the start either.
I'm inclined to swap it around, for the desktop view. What do you guys think?
There's something wrong with the website, there's Warning text at the top of the page
>Warning: preg_replace(): Allocation of JIT memory failed, PCRE JIT will be disabled. This is likely caused by security restrictions. Either grant PHP permission to allocate executable memory, or set pcre.jit=0 in /home/p4c_u_dek/boards.plus4chan.org/koba/classes/kobak_current.php on line 129
These rules contain several typographical errors. >"beastiality" should be "bestiality" >"interpration" should be "interpretation"(?) >"boardsl" should be "boards"
update: - #heroes in the name field will format your message in a Heroes of Might & Magic III style box. - subjects will now show up in the HTML Title on worksafe boards. This is intended to improve search engine hits. - when making a new thread, subject field will always show in quick reply, regardless if poster info is toggled or not - removed unnecesary padding on the left side of post report/delete forms in tablet/mobile mode - inline references for other boards had wrong font color - on touch devices, "clicking" a postnumber reference will not open the post preview as if it was a hover state (this may not work on all mobile/tablet devices due to touch detection being unreliable) - loading spinner for postnumber reference will only appear when the number is on hover, not permanently until it finishes loading - Quick Reply drag-and-drop indicator (when you drag a file over the QR box) was too wide on tablet view - Quick Reply padding lowered on mobile devices to make it a bit more compact - expanding a truncated post with the post image open will no longer remove the opened image/webm - data-md5 field was moved from the image link to the image thumbnail, since sometimes the image is not linked, and also since other imageboards have it there too - when deleting a post, any replies listed in other posts should be removed too - when deleting the OP, the entire thread will be removed from the active view, not just the OP - fixed a bug in thread rendering where OP was not always the first post in thread (it happened when a post from an older thread was moved into a newer thread)
There was a bug in the file hash check which I fixed tonight. It affected the quick reply box alerting you that a file was already uploaded (when you select a file). So this should work again.
The style switcher seems to have a bug where it sometimes refuses to select the proper stylesheet, but only if you have never used it before on a board. It's difficult to reproduce so I haven't managed to fix it yet. If you have problems switching styles, please alternate between the default and your choice of stylesheet until it works.
I renewed the plus4chan domain just in case, we should be set until 2021 December. Most of this is still thanks to the funds left by anonymoose. I'll be handling payments solo after that.
To help with that, I put a donation bitcoin link in the footer (address: 1DbS2dq2geye6rhcMmTfybTqsfH1z2tATZ)... I don't expect to get much if any funds from that, but you never know. All donations will be spent on hosting as far in advance as our host allows, and any surplus funds still remaining will be used to further our world domination plans.
>>422019 It definitely exists, maybe you are just using the wrong password? I made no changes to the janitors.
However maritova and Mr. Stone seem to have locked themselves out by editing their usernames... I have no idea if that was intentional or not, but I just set their usernames back. The passwords should be untouched. Half of our mods/janitors haven't logged in since 2015, some since 2014. I guess they didn't like the design that secret put together...
>>422159 Next time that happens, please save a copy of the post on the janitor board, so I know what to filter. I only just noticed it for the first time today, and it was already gone.
Would a thread discussing porn of cartoon characters, without a real focus on posting images of them, go here or /pco/? It's essentially a /pco/ meta thread (about cartoon porn, not the board).
There are common keywords in their posts, I recommend them as filters. A regex for the short url formats they all use shouldn't hit any false positives. Shortened links are sus anyway. That's my recommended solution.
>>423272 I'm open to suggestions, the reason I'm not using phrase bans on them is because there's too high of a chance it'll produce a hit on other content too - even just for the tiny urls. Also the current ban system does not support warnings (ie. a "your post looks like spam, rephrase it first" message that blocks the post to get through), only bans.
>>423274 I recall this bot having the same blocks of text it uses with different URLs. They are multiple-line phrases that could never be said in good faith. If that doesn't work I think the shortened url detection is the safest automatic filter you can feasibly do. I don't recall ever seeing one posted on this site in good faith. Otherwise, it seems like manual deletion is the only solution without notable risk of false positives.
>>423712 What you see getting through is less than 1% of the spam we are actually getting. I want to add some extra antispam measures, but I have concerns that doing so would cause issues for genuine posters too.
Also we'd need more janitors to clean up the stuff that actually gets through.
Sorry for the previous downtime, there was a redirect issue that did not happen on the test servers, so I couldn't catch it before updating.
New features: - there's a thread updater now, for now it is manual so you have to click on it. You can drag the navigator around on the desktop. This was on my todo list for the longest time, but it was not a priority because the site is pretty slow. However the people on /tnt/ asked for it, so I got it done in the weekend (it required some backend changes that took some time to debug). Please keep in mind that plus4chan does not get many posts, so you won't need to use it often.
There has been also a ton of backend changes and tweaks in the mean time, hopefully it does not break anything. If you get any bugs, please empty your browser cache and try again, if it still happens, report it here.
The updater only works when in threads by the way, if you are in the index you can't update, and if you make a post it'll only show your own post, not any that got made before it.
Inside threads, making a post automatically fires the updater, so you'll see any new posts made since your own one too (another old problem I wanted to fix, but couldn't as posting was really slow so it did not affect anything much).
Update: fixed some minor bugs that remained after the last updates. Some only showed up in Chrome so I didn't notice them before. The navigator shouldn't look half broken anymore.
>>424273 Strange, it is usually Chrome which is the target for everyone's web development, while other browsers are left in the dust because Google must be served first.
>>424305 It worked in Chrome at least up to version 73.0, which was when I last tested it, and they broke it some point later. It's notable that the problem did not happen in anything else, down to at least Internet Explorer 10.
Did a few small fixes, mostly centered around the navigator. Most importantly the flood checker / quick reply post queue should work again inside threads now.
>>424522 Yes, and all of it is posted manually, so it can't be easily filtered. Weird when you consider there's someone out there, whose job is spamming internet forums with porn.
Hotfix: fixed an error in the bump time calculator involving sage posts. However some threads still seem to be getting shadow bumped even when deletion is not involved. If you see a thread that shouldn't be as high as it is, please notify me (without posting anything in the given thread).
I found a bug. After posting 3 almost identical screencaps, and deleting the first 2, I found out the "deleted" image is still on the +4chan server. I did not close 1 tab, and that's how I found out.
bugfixes: - thread updater: newly added posts may have had broken links in the replies field (linking to posts different from the post number, or to the current post) - thread updater: extra check was added so posts already in the thread are not added again - thread updater: links to posts outside the current board were not parsed correctly
partially fixed: - thread updater: stats now update when new posts are made, but only for fields already listed (so for ex. if there were no video files in the thread, video file stats won't be added).
>>424751 It loads normally for me so I can't help much with that. Could you perhaps do a screenshot of the network timing in Chrome Developer Tools for any html pages that load slowly?
Also, what does the load time counter in the footer say in such cases?
>>424752 Its back to normal seemingly. All I can say is whatever temporary problem was going on it wasn't an issue with my general internet, since I was still browsing elsewhere without loading issues.
A "tiny" "little" bug. Another anon reported the snowflakes effect sometimes leading to (temporary) hanging, if my memory serves me right. Well, if a reply window is open, and I choose to close it, clicking OK will cause indefinite hanging. I tested it, happens every time. I blame the snowflakes effect. For the record, I use Pale Moon for regular browsing. It is not the browser's fault, however.
Plus4chan has been moved to a new host. If you find any bugs/performance issues, please post them. I tried my best to iron out any issues so it should be smooth sailing, it's mostly the performance I'm concerned about.
>>424856 It was absolutely the browsers fault. I managed to reproduce it once in Firefox, it seems that drawing the animation put so much tax on the browser that the *main thread* sometimes hanged up. I couldn't debug it further because even the debugger hanged, and also I only managed to reproduce it once and never any more. I've since rewrote the snowfall to use canvas instead of CSS in an attempt to reduce CPU usage, this gives entirely different performance profiles but since I couldn't reproduce the bug at all, I can't tell if it fixed things or not. Interestingly it now uses 1% cpu in Chrome, but still uses a ton in Firefox. Either way the animation only runs in December, so even if there's a bug, you won't encounter it until next year.
bugfixes: - the thread loader threw back PHP errors in certain circumstances due to the new server using more strict settings. - the legacy ban checker ignored non-global bans. I was wondering about for the longest time. - posting did not check for threads properly, allowing replies for posts which weren't thread openers. These "orphan" posts still showed up in the index and RSS however. - posting did not apply automatic bans due to the new server using more strict settings.
there are still a few errors showing up in the logs but they don't seem to be critical. So let's hope there are no other issues.
Images are hard to open. You can't close an image and / or GIF after opening, by pressing again, the same thumbnail / GIF appears and if you click on it, two images / GIFs are enlarged in the same way and you can't close them. the above problem continues.
>>425062 Which browser/OS? Can you reproduce this in another browser? Does ctrl+F5 or clearing cache helps this? Do any messages show up in the console window?
I've heard sporadic reports of people having problems with the site, either with posting or the frontend script, but it's hard to pinpoint anything because things work fine on my end.
The music that keeps playing is https://boards.plus4chan.org/baw/t422927.html#p425056
Pale Moon is the browser. This NEVER happened before. By the way, it did not start playing until I opened the MP3 in a window. The music does not loop after ending.
Keep getting these "The error was 406 not acceptable" errors whenever I try to post. Network error or something. Sometimes it lets me post but it is trial and error. Deleted cookies, no change.
>>425163 The new server has a rather aggressive firewall and it sometimes hangs up on message content, I even had it hang up on a file before. Credit to you though, you managed to trip up 3 different firewall rules. I'll look into whether it is possible to set the paranoia level lower, I don't want to turn it off outright. I also disabled the firewall rules you triggered, but that doesn't mean you may not trip up on something else, so please report any other 406 errors you may see. It is directly related to either the url you try accessing, or any files & messages you try posting (whether they contain potential sql injections, that sort of thing).
edit: the triggered rules were already in the lowest paranoia level. So all I can do is to manually disable any rules whenever someone reports getting 406 issues.
>>425256 It's organic spam, meaning that some poor sod actually has the job of spamming random online forms with different combinations of a phrase and images. For that reason, it's hard to pinpoint it with filters.
>>425303 It doesn't matter if the board is low traffic, having your video up so many places increases the chance of it being visible. Even if 0.1% translates to clicks, it helps (which is why you want it spammed hundreds of times). Also since the spam is formatted as discussions on a social media site, it translates to SEO score, which means Google will list it higher up too. As for posting it, you can buy such services or even hire people on craigslist to do that for you; give them a list of sites to post on to bypass automated post filtering. There was one guy on /g/ who specifically did that to shill some product, I forgot if it was for macs or Brave browser or latest Intel chips. There's a screencap of it somewhere.
Found a tiny bug: https://boards.plus4chan.org/jam/t418253.html#p418590 When the WEBM opens in a new window (it never opens inside the page), it stops not at the very last frame, but the frame right before it. I double checked, the file does not play all the way through, always 1 frame left. I would know since I cut that clip personally and made sure to do it right.
>>425719 If you open it in a new window, then it will be running on its own, outside the board system. We don't modify files on upload, so the problem will be on your browser in that case.
>(it never opens inside the page) That's a more serious issue. Do other webms open fine? Is it something that happens after posting (when the new post is loaded via ajax), or if you press F5? What browser?
Updates: - privacy fix: time of the last post you made will now be deleted from your machine, on the next board visit after the post cooldown has elapsed (the value is stored for the post cooldown). - hopefully fixed a bug in the quick reply post cooldown, where it did not reset if you deleted the last post you just made. - when selecting an image for posting, the file dialog sometimes does not show all uploadable files. now it shows every file. In the future I want to limit this to only show uploadable file types, but some types have multiple extensions so it's not so simple (for ex. .jpg and .jpeg). - changed thread statistics on the top: -- if a bump limit is reached, the numbers are in italics (applies to both posts and images). -- updates when deleting a post -- updates when you post a file type that isn't listed (for ex. when the first video file is uploaded to a thread, it will then say "videos: 1")
>>426423 Seems the minifier I use was overly ambitious, switched to a different one.
>>426424 >>426425 That sounds like the no-script behavior. I imagine it was a minifier bug again, most likely it used a too new syntax that was incompatible with your browser. I switched settings for that too, hopefully it works now. However, I couldn't reproduce that bug even with Internet Explorer, so I'm puzzled as to what is the issue.
I've recently blacklisted a large amount of IPs that hanged up on our spam filters. They were all range bans, so if anyone ended up being caught in them, please notify me on the support email or on twitter.
Site updates: - added mobile menu, and some tweaks were made to improve spacing on mobile. - arena style tweaked, should not hang as much on mobiles now, spoiler now uses light on light base - lots of other minor tweaks both in styles and backend.
Jesus you need to clear out that spamming quick-like. Strange compared to previous incidents, it doesn't even have some sort of linking to elsewhere involved so what's the point of it?
>>426821 Is there any other measures that can be currently undertaken to shield the website from the reoccurring illegal content spambots? Speaking of there's a thread up over on /jam/ at the moment.
Updates: - fixed a bug in thread statistics - password is required for posting. note that this only affects you if you have javascript off. - on the hovering post previews, if a preview has multiple post numbers, the hovered post number should be dashed. - #heroes is no longer saved to the username (similar to #fortune) - in desktop view, expanded images default to max 150% of window height. - added a disclaimer
Seems to be another post-update bug. NSFW/Spoiler-capped images don't appear, as in the NSFW/spoiler image thumbnail isn't there/loaded. But if you click on the very side of the post you can still open it up as normal.
Updates: - more mobile optimizations. - removed the "max image height", it didn't work as good as expected. - post icons now have a dropdown for the non-essential stuff, to reduce clutter - added reverse image search links (look in the dropdown button)
Not sure if this is a good icon for dropdowns, the "three vertical dots" might be more appropriate.
Connection issues are still being bad, only for plus4chan. But the strange part is its inconsistent, sometimes things will load fine but other times you need to wait and retry repeatedly for a long while just to load a single page or get a post through.
I've decided enough is enough and booted the furry spammer. plus4chan is now lighter by 22.6 gigabytes and 13000 files. The posts weren't deleted, only the files, so you might see a lot of "file deleted" messages. If you see threads which are 99% of those and no other content, please report them. edit: nevermind, deleted all the empty posts too. Kept the threads and posts with actual text around, unless the threads were mostly empty, which I just deleted. There were several threads where he was the only poster.
There was a bunch of good stuff there, so now we have a lot of quotes leading to deleted posts in some of the threads. But it was either that or manually sorting out everything. So if you have some good content for the gutted threads, now's the time to post them.
still, nearly 23 gigabytes, damn. That's a very significant chunk of the boards active content, and that's not counting the dozens of threads I nuked before.
Sharing content with other people is a fun thing to do but he went out of his way to not interact with or respond to anyone else on the website, to the point of pretty much never typing a single word. Its like he was posting all this images just to post them, the presence of others be damned. Why would someone act that way?
>>427902 I like to play Devil's Advocate, my favourite vidyagaem actually. So I will raise the possibility that he/she genuinely believes that imageboards are just to post images, and not to talk to other people, or even attempt to. Like imageboards are just hosting sites, for....... who exactly? If you don't interact with others the impression becomes that you are posting for yourself. In which case, why not just post in your mind?
>>427909 Tweaked things again, it seems there were too many active connections for the server to keep track of one way or another. Values seem to be stable now at a pretty low value, hopefully it'll stay like that on the long run.
ok, there were several services that needed to be tweaked because when one was set to allow for our traffic, something else collapsed. Right now it seems that apache itself is the thing that refuses to take in so many connections, despite only using 4% memory. I think it works now, but I suspect if there's a lot of load, it'll still start refusing connections.
>>427947 It means delaying the loading of certain assets until they are actually needed, to ease the load on the server. In this case, delaying the load of images until you scroll them into view, so the server doesn't get hit by 400+ requests simultaneously whenever a thread is opened. Instead it will only get hits on the ones you see. Best case scenario is we don't have to load several hundred thumbnails, but usually it just means that the load is spread out over several seconds, perhaps even minutes. The thread layout on imageboards is especially suited for this, but unfortunately the catalog less so.
This was done because the recent loading problems had their root in the server getting hit by too many requests. Further inspection showed that the cause was a bunch of very eager image crawlers, which I've locked out since. So hopefully the site should not have any loading issues now.
We might still have a short amount of downtime as I plan on doing some further server upgrades to hopefully prevent this from happening again.
I hope no errors will be found with this current setup because it's notably faster on my end. Right now there's only one bug I know of, which doesn't affect the live site, and it's something I've been meaning to work on anyway.
>>427951 something like that, but in a videogame you do it because you couldn't fit the assets into memory otherwise, here it's just to balance the load and minimize waste.
>>427967 yeah, I noticed it a few days ago, but there's some trickery with the way the lazy loading works which may make it take longer than expected to fix, and I didn't have time between working on the other things.
>>427972 Something was wrong on the host side of things, I don't know what, had to reboot everything to get the server connectable again.
>>427898 Looked around a bit in old threads and it seems he was quite active for a longer time... ever since the beginning. There are still several thousand of his posts lying around in old threads.
>>428049 I don't know, but I cleaned him out. That's another ~6400 files over 6.3 gigabytes (so almost 20000 files and 29 gigabytes in total). It made a mess out of older threads, especially on some of the /co/ ones. On /pco/, some threads were reduced to a dozen posts with only 1-2 images left.
>>428055 Sometimes you've got to cut deep to get at the source of the rot, just clean away all the rough edges left behind and everything will be better off for it.
>>428264 testing edit: seems to be working on my end. I did notice the site loaded slowly today, but I didn't notice anything peculiar going on, so it must've been an occasional slowdown.
BIG update: - modernized a lot of the backend code. This means that anything can break with this update, so please report any bugs, no matter how minor. This was necessary for several reasons, the least of them being that the site did not work with PHP 8.0. - post.php rewritten from scratch. If posting is broken, send me a notice at support@plus4chan.org. - index pages and threads now use a more heavily optimized query (up to 5x less memory and 10x faster query execution). It can be still optimized further with some caching. - If you post the raw url of any thread (or thread with reply/quote id), it should automatically get converted to a formatted backlink. - more powerful post blocking, with hopefully saner error messages. - actual error pages instead of empty ones - OP post thumbnails are now 250x250 from now on. The old ones are still at the same size, I'll convert them later. - moved the post allowance (file size limits) into the quick reply box, as a hovering tooltip. - banner generation tweaked, should be possible now to right click->save as. - when opening Flash files without a browser plugin, the site now warns you that you need one. Reminder that you can get a third party plugin from Ruffle.rs to still view most Flash files. - capcode status is now saved - tweak in RSS filters - tons of other internal changes
>>428345 That's actually a board feature that was broken (or unimplemented) in secrets old post.php: you can assign a default message in case it is empty. It was only set up for /cog/, I assume out of testing. Turned it back off.
There seems to be a weird bot going around making random text replies to threads. What is the point when its not trying to post some sort of image or link?
updates: - links to boards are now correctly handled (for ex >>>/co/). - thread stats are now properly cached, saving a good 1/3rd of the query time on each page load that needs this data (after the cache is generated). - given out bans are now prioritized. - some fixes in the heroes template.
>>428369 It's mostly just a bunch of newfag board tourists.
>>428732 I don't know which ones this site is seeing at the moment, but many of them are humans posting commercial spam. With the more experienced ones, it's tough to get rid of them without also getting rid of anyone new. If you're on in timezones which see a lot of spam, consider being a janitor.
Judging by how often nodes are banned, my guess is Tor is being used, but I use it too so naturally a full permaban (using a DNSBL) would suck.
>>428738 >If I only had time I'd think of the perfect crime
Steps were already taken by the way, but I'm still monitoring how it affects posting to make sure we only block what we have to.
>>428758 Yeah, it's clear from their posts that it is "organic" spam - some poor bastard has the day job of posting this shit on a list of imageboards. And they keep changing patterns, so it's not easy to block them. One of our mods made a site that lists cross-imageboard spam, but it hasn't been updated in years and he is missing in action too.
>I don't know which ones this site is seeing at the moment The one that always puts dots/slashes between random letters of keywords, rotates the keywords, and usually has some asian script at the end of the line. Which ones are you getting? Do you have any techniques in place for automatically detecting them? Would be nice to swap ideas.
>Judging by how often nodes are banned, my guess is Tor is being used Tor is not used, I check for those. It's probably proxies or VPNs, or they are coming from botnets. The only full solution to get rid of them would be to subscribe into some spam db (all the ones I had to manually ban are on several blacklists), but those usually cost money, and even that would only be temporary & not fully accurate and possibly hit regular users too.
Also if we ban tor nodes, it's because they get caught in the autoban system, which blocked thousands of posts already. What you see getting through is really just 1% of the spam we get. Tell me if you need one of them unbanned.
>>428760 >One of our mods made a site that lists cross-imageboard spam, but it hasn't been updated in years and he is missing in action too. Haha what are the odds; it's me. I got preoccupied with literally dozens of other projects in the past few years so I drop in here like once or twice a month to see how things are going. If you would find it useful, I can restart the project. It''s been abandoned for 2 years, but month ago I decided to rewrite the project in Rust and with proper data structures as an experiment because the Python code started hitting efficiency errors on the old raspberry pi I was using. What kind of features would you find useful? Email/rss alerts? Spam filter integration? I realize this IB has custom software so I can't just code up a stock solution, but if you want image MD5 or SHA hashes (or maybe even phashes), or content strings of posts which appear on at least two unrelated imageboards, then that's the kind of thing it can help with.
[cont] >>428760 >Which ones are you getting? Do you have any techniques in place for automatically detecting them? Would be nice to swap ideas. Many months ago I was seeing ones of a girl in a pool with a (regularly changing, making crypto-hashes like MD5 worthless) shortened link in pink text, filename as random letters, no text unless there was a character limit and then it was a random keyboard mash. With offline tests, I was able to detect these pretty effectively with vichan's daily reminder: never use vichan, even vichan maintainers tell people not to image-text-detection filter. But of course, a better way would be with a phash generator, and I suspect the technology is only getting better. So a phash is worth experimenting with if there's a consistent image. Then I started seeing (and I suspect it's the same op) a pedobear image with a text link overlayed. Still fucking annoying and daily, but at least it wasn't cp on the front page every day. Again, phashes would be effective. Some of the dumber ones have predictable text, especially with generic pharma/documents spam and the ones describing the content they sell. I believe we had success with a simple text filter, where we could make a filter no-one would accidentally trip, and return a fake error message to deter them trying to workaround (technical junk like "PHP error 500: Null value cannot be converted to string. post.php:1572", or "Incorrect captcha" and loading a fake captcha form). But you're obviously not dealing with ones where you have the confidence to automatically screw them over yet.
Custom captchas (at least by themselves) seem worthless. By this I mean one where a bot would be stumped by a human has no trouble. But ones which require community-specific knowledge may be effective.... but at the risk of alienating new users. An example of attempting this is some anime IB I once made a post on (for an intersite event they asked to participate in) and they had an image captcha of something like 'select all the pictures of Toga Himiko'. Now, that implementation isn't effective against a human because I don't know shit about anime and managed to pass it first time by using a search engine, but the idea is there. Of course, that's a higher barrier of entry and comes with the downsides. An effective version of this would be actual gatekeeping.
As a temp solution, if you know regex (use a helpful site like regex101 which explains a regex string, very useful for making sure you don't accidentally ban every single post by getting one letter wrong in the query) then it's possible to detecting really unnatural ways of typing, or for filtering out the dots and slashes before running other detection.
>>428761 >>428762 The list would be good for reference; the thing with this spam is that the more samples I have of it, the easier it is to find a pattern. Once I have enough samples, I usually am able to block them. Image MD5s are helpful because we use those (same format as 4chan does), but it's easy to get around them.
RSS would be a great option for your site, I use that regularly. If anything, it would give me a heads up, and I'd be able to check more samples, and more easily find a proper pattern.
>content strings of posts which appear on at least two unrelated imageboards Yes, exactly, that would be great.
Beyond that it would be nice if there'd be someone else to ban them when I'm not around so they don't stay up for half a day at times. There's a guy here who regularly marks them (thank you, whoever you are), so at least I can rely on the report system, but I'm not around 24/7.
>a girl in a pool We haven't gotten those as far as I know.
>So a phash is worth experimenting with if there's a consistent image. Thanks, I'll check phashes out. I'm mostly worried about false positives, so OCR solutions aren't 100%. But most of the time I can find enough common things in the spammers.
>a pedobear image with a text link overlayed We got those, they were easy to block once I actually started comparing the images. They still turn up every once in a while, but they land in the spam pot. Ironically the one time they got through in the past months is when they didn't post the image.
>As a temp solution, if you know regex (use a helpful site like regex101 haha, yes, I know regex101, in fact I put a warning in the backend to use that. Extremely useful site, but I don't want to know whatever nine hells the author of it had to go through to make it functional. either way regex phrase bans are not useful with the spam we got - we tried. They rarely even block just one post. The spam changes keywords with every post. When I put in an (elaborate, regex based, checking for random characters between letters) phrase ban, they just change key words. It only shows up like once a week so I have to wait for so long to wait if any solution works or not.
Is there like a think thank where admins/mods discuss how to ban these? I'd love to read any insights people may have found, and post the ones I did.
>>428768 >in fact I put a warning in the backend to use that. Extremely useful site, but I don't want to know whatever nine hells the author of it had to go through to make it functional. Yeah, that's a good idea to add a warning. On more than one occasion I've basically banned all posts with a missing character in the regex, or messed up hyperlinks with a joke word-filter. I think they've also got a work-in-progress ticket to add detection for 'evil regex' which can be abused to DoS a site.
vichan uses MD5s, lynxchan uses SHA256, so that's annoying, but I'll see what I can do.
>Is there like a think thank where admins/mods discuss how to ban these? I'm not aware of one, just random conversations when someone asks "can u ban [x]?"
There was a bug with the archives due to a server misconfiguration, it is fixed now. I'm thinking of uploading those to archive.org so they never get lost, any thoughts on that?
Last week I made some updates to the catalog, the hover bubble now gives more info on each thread, and you can change the order of threads to most posts, most files, etc, although this is not too useful for plus4chan...
>>428798 The entire board is custom made. Most of the graphics were made by secret, I added a few of my own.
>>428804 >On more than one occasion I've basically banned all posts with a missing character in the regex, or messed up hyperlinks with a joke word-filter. I've broken the entire board innumerable times while messing with server settings, but we are not that active so almost nobody notices it.
>vichan uses MD5s, lynxchan uses SHA256, so that's annoying, but I'll see what I can do. Add both! On that note, would it be helpful if we used both? The site only does MD5 for now.
>I'm not aware of one, just random conversations when someone asks "can u ban [x]?" Yeah I'm thinking of something more along the lines of that spam collector that you made, and ideas on how to catch them. I know of stopforumspam.com and I've considered using it, but it would do more harm than good and any manual verification wouldn't make a difference.
>>428512 >>428535 I was hoping someone would mention it, but have you tried clicking on some of the banners yet?
>>428768 >There's a guy here who regularly marks them That would be me. Do you want to just give me the power to delete/ban the offending posts instead of simply marking them? Asked on twitter before if there was opportunities for taking up some kind of mod position after becoming frustrated at their presence but was told you don't ask that kind of thing.
There's one up on this board at the moment that needs done away with.
>>428805 >>vichan uses MD5s, lynxchan uses SHA256, so that's annoying, but I'll see what I can do. >Add both! On that note, would it be helpful if we used both? The site only does MD5 for now What I was trying to say is that, unless I manually grab the pictures and recalculate hashes, I only get one or the other and can't cross-reference. I'll get the site up and running again before I look into downloading images, which could be useful for phashes.
I guess my main goals, now that the basic scraping and normalization is complete, is to:
> create a (static) API, so you can download a .json file with all the new spam in the last 7 days and write a bot to look for it
> add an automatic confidence rating: duplicate text or images isn't enough to declare something is (unwanted) spam, especially generic short OPs and popular reaction images, or letting people know about events like ICUP and inter-imageboard events, so it will take into account how many sites received it, if it's been deleted off multiple sites, etc.
> add other categories based on keywords (like if something hits a known CP spam keyword, we can add that keyword, or if there is obvious signs of /pol/vangelism spam or wojak raiding, an admin can decide if they allow that or not)
> get the neocities site up and running
Since I have a chance to redo that site, does anything come to mind that would make the site more useful? Like javascript filtering options?
>>428808 half the posts you mark aren't spam, just either dumb people or people having fun (sometimes you even reported my own posts). But, please do keep reporting, I can't read every single post so sometimes stuff gets through without me noticing.
>There's one up on this board at the moment that needs done away with. Yeah and I wonder how it got past the spam filters in place, since it looks like something that should've been caught. Perhaps I should put in an admin button that puts the post into a spam db instead of deleting it, so I can analyze it later.
>>428809 can't think of anything at the moment, other than listing IPs and whether the post comes from Tor. Listing where the post was found is a good idea, but I think you already do that.
>>428811 >Perhaps I should put in an admin button that puts the post into a spam db instead of deleting it, so I can analyze it later. Another imageboard I used had a hidden board for moving spam into. Requires no code changes if the move feature is solid. Just make sure it's not publicly accessible, because I think a Cloudflare (we used their services) automated email came through accusing us of hosting lots of spam. Or something like that.
>>428811 >can't think of anything at the moment, other than listing IPs and whether the post comes from Tor. Listing where the post was found is a good idea, but I think you already do that. Good idea, although currently not an option because I get the results by scrapping around 30 imageboards and comparing results.
>>428820 No worries, it's not public. It was easier to set up that way, because a lot of backend functionality is missing. There's no way to move to other boards for one.
I used to log referrers too, stopped that after looking at them once.
>>428828 Nice. I see some issues, not sure how intentional they are: - when clicking "references", it goes into this weird view where the post itself isn't formatted and the actual references don't show up - when clicking a tag, it goes into another weird view where a lot of things are shown, but not the post itself.
You could also make the post file link to a view where it shows all posts using that file hash. Also, collecting the links inside the post is another thing we can possibly categorize posts by. I'm happy to say that out of the stuff I see on your site, only one goes through our spam filter and last time it took the poster 6 tries to do so.
>>428830 Also, just a reminder because I realize I haven't mentioned it on the site yet, it currently only looks at OPs for efficiency reasons. Not sure if this will be changed in the future.
>- when clicking "references", it goes into this weird view where the post itself isn't formatted and the actual references don't show up That's because I haven't reconfigured that page so it's good you point it out, currently clicking the filename or references (I need to find a more intuitive way...) will take you to the actual detected post's detail page, I just haven't added those details. Under the hood, it's a blog site template and the detections are posts. So I'm now going through and adding more information, like hash codes, time, formatting, and the references.
>- when clicking a tag, it goes into another weird view where a lot of things are shown, but not the post itself. It should be taking you to a list of the posts which share that tag. This is by the site design and I thought it was expected behavior.
>You could also make the post file link to a view where it shows all posts using that file hash. Yeah, it's the same page as the references page, where I haven't added the details like that hashes or references.
>Also, collecting the links inside the post is another thing we can possibly categorize posts by. Good idea, I'll try and get that going after fixing those page layouts.
>I'm happy to say that out of the stuff I see on your site, only one goes through our spam filter and last time it took the poster 6 tries to do so. That's good to hear, and this can hopefully help preemptively filter out a few blatant ones with targeted misleading blocks like "Site in maintenance mode, log in to post". Protip: the "TAKE ACTION NOW" guy is nuts. They've been posting that same copypasta for like 5 years now, I think they've done it here before, and as you can see with uboachan (who kept the threads up to troll them) they're persistent when they think mods are censoring them. I've had success by showing fake errors on their unique copypasta keyphrases and filename before they first arrive.
>>428834 >it currently only looks at OPs for efficiency reasons. Some of the bots over here tend to post replies too, not just OPs.
The file md5 now works, although I'd mark the md5 at the top, as the title, that this is the archive for file with this md5. Actually, I'd do that for all the post archives - make it clear by putting it on the page title (by that I mean the top h1 tag) that this is a lookup for a single post, a tag, a file md5 etc. It's a bit all over the place right now. I'd also try collecting the posters name + subject, if they exist. Sometimes you can pin users based on that.
Going at the references now either works, makes the page load for a very long time, or gives a 404. Or the entire index just loads slow too. Might want to add back some pagination, the main index seems to have all the posts.
>They've been posting that same copypasta for like 5 years now, I think they've done it here before we haven't seen that. However CP spammers have been hitting us for several years. The two most recurring ones are both on your site. Used to be a podcast spammer and naggers too but they were easy to filter out. There's also a ton of actual automated bot spam, I have like a dozen different protections and honeypots, so they don't even get into the logs that often now.
I haven't tried putting in fake messages yet. Most spammers only turn up once or twice a week, so I can only do something about them so often.
>>428835 >although I'd mark the md5 at the top, as the title, that this is the archive for file with this md5 It's marked for each thread right now, because a detection can consolidate multiple criteria, and so different threads within the same detection can have different MD5 / SHA1 hashes. Consider: Detection: Duplicate body, Duplicate MD5 >[Body: Buy drugs!] [Filename: drugs1.jpg] [MD5: deadbeefcafe11111] >[Body: Do u liek drugs? Buy drugs!] [Filename: drugs1.jpg] [MD5: deadbeefcafe11111] >[Body: Buy drugs!] [Filename: drugs2.jpg] [SHA1: badface22222222222222] I group these all as one detection, instead of potentially having 3 different entries for the same spam.
>Actually, I'd do that for all the post archives - make it clear by putting it on the page title (by that I mean the top h1 tag) that this is a lookup for a single post, a tag, a file md5 etc. It's a bit all over the place right now. Yep, it is pretty vague right now, I'll fix that up.
>Going at the references now either works, makes the page load for a very long time, or gives a 404. The long loads and 404s edit: should be fixed, was a an issue with the neocities CLI
Pagination is currently still set to 50, when there was far less data being loaded, so I'll drop it down to 20.
>>428837 >It's marked for each thread right now, because a detection can consolidate multiple criteria, and so different threads within the same detection can have different MD5 / SHA1 hashes. Consider:
It was a mistake on my part, I assumed you could search by image hash, but when you select a file name it takes you to the post view, not a "posts by hash" archive.
I still get long loads some time.
Also some of the most recent posts don't have the links redacted.
>>428842 >Also some of the most recent posts don't have the links redacted. Just fixed that right now. Regex messup (forgot to add a repetition).
>It was a mistake on my part Eh, it's also questionable design on my part.
While I haven't done any comment-scraping yet (it's on the to-do list, I think it's achievable with efficiency on most boards) I have been able to distinguish two different spammers both posting that same short-link. Be advised, the first one is more experienced with evading (random keymashing filenames, removing body text when suspecting a filter) so while you did mention not needing to use fake rejection messages, this is a case where I'd say it's worth investing in. With that done, and easy regex on their keywords should be safe enough to avoid false positives without prompting them to attempt evading. (You could even put it in Japanese too to make sure they get the message lol)
>>428836 >oh, and the funniest part is that the spammers also post on the ban appeal page. A post form is a post form. heh, that reminds me. Last time I ran the bot, I did end up getting a fan mail.
>>428843 >heh, that reminds me. Last time I ran the bot, I did end up getting a fan mail. Send them a reply to the effect of "thank you, your email has been successfully subscribed to the north american man/boy love association newsletter".
>While I haven't done any comment-scraping yet Don't most type of boards have a JSON API you can use for scraping? They all use one or two different open source board engines, I mean. That could make comment scraping not much more difficult than OP scraping. I suppose it could get annoying if the threads only list the last bump time, not the last post time (in case for threads beyond the bump limit that still get posts).
>random keymashing filenames, removing body text when suspecting a filter yup, seen that. They change names, keywords, remove the protocol from the urls, change images, try on other boards, remove the keywords entirely, remove the shortURLs and post the links directly, etc. They are well trained.
>and easy regex on their keywords should be safe enough to avoid false positives I tried that for years, it made zero difference. They rotate keywords constantly. But last winter I finally finished rewriting post.php completely, so it's much easier to add custom spam detection, it just does not show up in the admin (which also needs to be remade at some point).
>You could even put it in Japanese too to make sure they get the message lol Since I only got 1 false positive in years, I'm thinking it's time to get more creative instead of just a simple return message. Like activating myhouse or having a screamer appear. Redirect them to goatse/tubgirl or to fbi.gov.
>>428844 >Don't most type of boards have a JSON API you can use for scraping? Yep, and that's what I've been using. I've currently scraping vichan, lynxchan and jschan. The way I was doing OP scraping was: >vichan - getting the catalog.json page of highest traffic/spam boards and checking each entry if the post number > the cached post number. Simple, one request per board. >lynxchan - same thing, but the catalog page doesn't have the file details so I have to load each of the index json pages when necessary, so usually is about 2/3 requests per board. >jschan - they actually have an overboard json, unlike the others! One request for all boards.
But, I've realized, that doing HTML scrapping of the vichan/lynxchan overboard pages to grab new OPs and comments is probably a feasible strategy in terms of efficiency and coverage (the vichan boards IIRC default to 15 posts on the overboard, so if they're not fast enough tot get more than 15 new posts bumped per 10 minutes, or 5 new posts in a thread in that time, it will capture all the posts and threads).
>They rotate keywords constantly I feel like there are only about a dozen keywords they cycle through, right?
>Since I only got 1 false positive in years, I'm thinking it's time to get more creative instead of just a simple return message. Yeah, if you can do individual messages for a filter and you filter something so specific that no-one could reasonable trip by accident (which we are fortunate enough that they do) then it would be great to deafen then and put some gore up. I guess the issue with that is it might make them try to fall back on not adding text and that makes them so much harder to confidently detect. So that's why I'd suggest playing it safe and throwing red herring error messages.
>>428850 crawling overboards might miss out some posts, although that assumes those altchans ever get popular enough, haha.
>I feel like there are only about a dozen keywords they cycle through, right? About right but every time I get them in the filter they add a new one, and due to the content of the other boards some wouldn't be easy to filter without a permutation of the other one in there, and they change those constantly.
Interesting. Ever since last time when I managed to stop them from posting completely, there hasn't been any activity from the illegal spam bots. I can see on your spam detection robot that they are active elsewhere, but they haven't posted here.
>>428982 Well, shortly after I wrote that, we got another attempt at illegal spam, but it got blocked. Wonder how long until the next attempt. What makes them post sometimes faster, sometimes slower, is it affected by how successful they are at posting some place? Or how long it takes for their posts to be removed?
>>428983 >What makes them post sometimes faster, sometimes slower, is it affected by how successful they are at posting some place? I don't know for sure, but I assume yes. I guess if they keep getting blocked on a site then they'll be more likely to invest their time into others. The spam isn't ideological, it's business. They go for the easiest targets, forums and imageboards, and if you're properly hard to spam, like it takes 5 minutes for them to fail to make a single post, then you're a waste of time to them, they have a hundred other sites to spam on. My guess is that there's two or three spam sites doing it, but one is the most persistent and has multiple very-distinct posting styles so I've assumed it's multiple spammers both posting for the one site. We might have seen one give up, or maybe they forgot how hard we were to spam and tried again.
>Or how long it takes for their posts to be removed? I assume they don't even know how long it takes, they just post and leave. They're not sticking around to see the replies. /pol/ schizo spammers occasionally do stick around to cry/bump and occasionally even repost when deleted, but not the CP spammers. That's why I'm grateful to see you've found ways to prevent them posting rather than merely having a fast deletion time. Successfully blocking them and their filter-evasion attempts will stop them even attempting to post, if they have any sense. And if you can do that with little-to-no false positives, it's a resounding success!
>>428984 You've got a point. I don't recall seeing any entries for them in the access log after they make a post. I never really made a more detailed search on that, but they also cycle IPs so that wouldn't mean much. Which means they just fire and forget on as many sites as possible.
Now I wonder how adaptable my antispam code would be for other chans. Some of the measures I use definitely wouldn't work without restructuring their forms, but the ones I use for this spam might be adaptable.
>>428996 I don't know much about futaba and that family of imageboards, vichan (as horrible as it is) has excellent filtering capabilities as far as regex filters and performing actions on a detection so they could be adaptable, I suspect lynxchan and jschan would both need significant changes to source code to make their filtering any good, very bare-bones.
>>429008 The measures I'm using require more than just a regex filter, it is custom code in post.php that checks for a lot of stuff, http headers, partial images, etc, and I guess it depends on how the imageboard stores a lot of data too.
>>429010 I'm reasonably confident in saying that most imageboards don't even store http headers or do any image checking. In my experience, they don't even process user agents. vichan has an optional text recognition function which I guess approximately 0 sites use because you have to hack it a little into working, but I'd say none have any partial image checking like you said (which I agree seems like a very useful tactic against some of the spammers). It's all possible, but would require new custom dev work that most IBs probably wouldn't bother with unless they have an active developer (many admins aren't devs).
>>429014 Oh, I don't store headers or user agents or anything like that. But yeah, like you said, getting it working on other sites would require extra work.
The partial image check I do still needs to be expanded upon, right now it's hardcoded because I only needed to use it sparsely.
>>428828 >https://xj9k.neocities.org/ Have you updated this site to cover a lot more imageboards lately, or did the spambots just kicked into overdrive? I see the illegal spam getting as much as 160+ samples, which is insane considering that it is all manually posted.
>>429405 Nothing's really changed beyond tagging. It still only looks at OPs, and the number of boards covered hasn't gone up much. A notable change this week was grouping the "NEW VIDS & PICS" spammer (was matching '&' instead of '&' lol).
As for the '162 matches' one, it's bumping up the same list with new posts which are confidently detected to be the same spammer, that list goes back to the start of 29 April (expand the bottom one). Over two months, that is about 2-3 per day (in practice, more like 15 every 5 days as they come in waves of drive-by posting). I only do that grouping with the most pervasive spammers, who have a clear unique pattern. In other news, today some indiachan /b/ user has apparently had a mental breakdown. One peculiarity, and part of the reason I checked in today, is that there's a user spamming links for both hikki and 3 chans in one post. I wonder if it's a user of both sites, or common ownership.
>>429410 Oh, I see, you count the spam type not the appearance of each specific post. I think that's a bad decision, because this way it won't show the previous posts of the spammer. Having a lot of samples is necessary in finding a pattern that can detect these spammers.
>>429411 >Oh, I see, you count the spam type not the appearance of each specific post. I group by known spam type, and all the previous posts are in there. This example shows three different, but related, spam posts grouped together, so that we can notice the variations: two share URLs and files, two share format. This also means the list isn't flooded with 130 entries of the same spam type.
>>429426 Got it, I didn't see that. But I have to say that this UI isn't the most intuitive. Or maybe I'm just expecting different things from it. An easier way to see all of the posts data side by side may help with finding patterns, although that does not mean much because the spam is clearly randomized by a human to get around patterns.
>>429427 Unfortunately I can't work on the UI right now (have a whole bunch of side projects taking priority), I do agree that it's not very intuitive nor the most useful. >although that does not mean much because the spam is clearly randomized by a human to get around patterns On the other hand, even the randomness is predictable once you realize these are a couple of different posting styles. > One style adds predicable descriptive words, with non-word symbols in the middle (easily ignored in regex) > One style just posts the link, and maybe a random letter or keysmash, never actual words and seemingly never anything long (can help make a link-detection filter hit less far false positives) > One style adds heart characters in the middle of words (the symbol is very very rare in other posts, and currently unseen in the middle of two letters) Combine that with their image filenames (the one that tries to randomize does random keyboard spam, so it's lowercase letters and occasionally numbers) and other factors, I'd say you can get a pretty strong filter, especially if your board has actual standards of effort in a post (e.g. just posting a URL without a >>cite reply or description is fine to reject)
* and a note about "getting around patterns": Most IB admins suck at automated antispam. As in, really suck.
So, a site just needs to be enough of a pain for them to filter evade that they move on to other easier sites. That's why these spammers are still putting URLs in their post text (in most cases, even with "https" still attached), instead of the nastier ones from last years which only put the link in the picture and then copypasted a real post to filter evade. That stuff is far tougher to combat with filters, possibly requiring an OCR script to extract the text from the image.
>>429428 >>429429 The problem with all of these is that they change patterns once you make a filter for one of them, so I don't think a simple regex does this. The ones I put in place had zero effect. I have a more nuclear solution in place, which seems to work fine so far, but I temporarily removed it because I need more statistics before I can reliably make it automated - for now it is all hand crafted. The bad part is that for stuff like the watermark spammer, I still need an initial image sample.
What is more efficient in hiding the spam is simply not returning any error on detection. In this case the spammers will stop, thinking they successfully made a post. If you return errors, they will keep changing the post until it passes.
>>429433 Yep. And it doesn't help that the softwares don't make it easy. I didn't mean it as an insult, but to emphasise you can stay well ahead of the curve with basic indie filters. Most spammers are doing anti-spam that can be confidently detected with a regex, because most sites will just let them post it. So as long as they're able to do that, they won't be wasting much time on special cases.
small fixes: - rss links on frontpage were broken - normalized rss titles/descriptions across the feed itself and the feed links
also, I should note that the last time the illegal spammer hit, the board managed to not only block him with a spam message but also ban him after repeated tries. The filter still has some huge weaknesses, but it's slowly getting better.
>>429683 Yeah I just want to say it appears to be working pretty well. I haven't seen that kind of spam for ages (but that said, I only browse a couple of boards)
heh, the deranged indonesian art spammer who cries about 'how can i make 6 digit sales for my crappy pencil sketches' is whining about us (and some other imageboards) because we didnt reply
>>430092 >>430096 There's a guy from indonesia who keeps posting the same thing over and over on half the boards, asking questions about how to do some art stuff. He comes back every few months.
>>430098 It's not that interesting, just adding the names of imageboards in their name field https://4chon.me/lounge/res/64182.html
>>430092 This fella: https://hikari3.ch/en/res/1450.html#q1471 They go around copy-paste spamming the same posts on ten different boards and get mad when you don't help them get 6 digit views/sales with an a4 image or give them the magic code to some advanced concept far beyond their capability. Artboard traditions dictate that you tell them to draw a space marine.
small change: when closing a quick reply, the confirm message will not pop up if your post is only backlinks or white space. So for example if you click on Reply accidentally, then close the quick reply, it won't nag you.
>>430431 >>430438 The loading problem was caused by our host having issues with their storage slab. It should be fixed now.
This is not the first time it happened. I'll see if I can decouple the site itself so only the media is hosted on the slab (which is the only thing that needs it to begin with).