I have had problems with spammers in the past. It is so annoying to be constantly inundated with robotic registrations requests. I guess the good news is that they are not in the site posting links for male enhancements.
In any event, as no one ever noticed, this website used to have a phpBB forum. It was a bit clunky and didn’t quite look like the blog, but it worked and had tons of functionality. Recently, however, I decided to migrate to bbPress. (The migration tool wasn’t great and I had to install a plug-in to customize the colors, because I didn’t feel like hassling with CSS, but I got everything over and it’s operational.) The reason was because my hosting provider only allows two DBs for my account level and I wanted one of them for something else. I didn’t know if bbPress would just use the same DB as WordPress, but turns out that it does. Win!
Anyway, for the past few years I’ve been wondering why the phpBB registration has been constantly hammered by spammers while the blog registration has not. I finally figured it out; my blog doesn’t have a registration!
I thought about opening the registration, but after doing a bunch of research on anti-spam plug-ins and moderation tools, I decided that invitation only is the best. Perhaps one day this blog will be large enough that I’ll want to invest in all that, but for the time being, anyone who wants in will just need to contact me and request an invitation. For what it’s worth I’m only giving invitations to people I know. Sometimes tiny communities are best.
It’s been a very long time (over 3 years!) since I last wrote a line of code for this project, so my hiatus was obviously significantly extended. I’ll have more on that later, but I’ve decided once again to try to get back at it.
The first thing I did was log into the forum as an admin, only to find over 6272 registration requests. I’m sure that 100% of them are spam. Casually scanning the list, I’m seeing emails like firstname.lastname@example.org and email@example.com. These are not real people. I’ve been getting ~60 requests a day. ~44% are from a “.xyz” domain and ~39% are from “.ru”.
A long time ago (I think it was October 2018), I implemented the phpBB Q&A plugin spambot countermeasure. I choose a question that would not generate an answer if run on Google and would require a small amount of digging on the forum. Well, apparently sometime in July 2019 the spammers actually went to the effort of digging out the answer and programming it into their spambots.
I’ve now effectively disabled registration requests by requests by removing the answer to the Q&A, and it was easy enough to delete all of the requests from the admin panel, but I’m going to need to figure out a way to stop this. CAPTCHAs haven’t worked for a while. Email verification would probably help a ton, but I’d like a way to control registrations after the email is verified.
Also, I’m getting a slew of failed login attempt notifications as spammers try to brute force me admin password (I’m blocking IPs after 3 failure attempts) and and I still getting email spam even after changing the configuration to require being logged into email the admin (they might be guessing the email address).
This is going to require some thinking and research. I hate these people.
Like many nerdy youth, I spent a lot of time on my computer. Like many who were were youths in the ’80s, that computer was an Apple ][+. (Thank you, mom and dad, for chipping in so that I didn’t end up with a TRS80.) I had the RAM expansion board for a full 64K along with dual 5½” floppies that I modified with hardware switches to toggle write protection.
Most importantly, however, I learned BASIC and devoted considerable effort to writing software, most notably a program I called Function Plot (a utility that graphed functions in Cartesian and Polar coordinates) and games. Being a Dungeons & Dragons fanatic (who wasn’t, right?) and loving the Ultima and Wizardry series, those games were predominantly 2D RPGs. (The logic was in BASIC but I taught myself assembly in order to develop subroutines to quickly render the graphics.)
At one point in high school I learned Pascal, in college I then suffered for four years with Lisp (please don’t explain to me how awesome it is) and in my first job out of school I tinkered with the x486 BIOS and device drivers. I spent some time playing around with Borland C as well, although I never made much progress with that.
Then I moved to the dark side (business school) and my days of writing code were behind me. My career has been exclusively in computers and the internet, and I’ve worked closely with software developers, but I didn’t sling the code myself. (Albeit recently I’ve done a considerable amount of scripting in Ruby and R.) Over the years as I followed the evolution of software development I often wondered if I still had the chops. So a few years ago, I decided to find out.
The idea was to build, once again, a 2D RPG. No single developer could ever build anything approaching the scale of a modern RPG, but perhaps a lone programmer could put together something “old school.” Since mobile was ‘hot’ and smaller devices seemed like they might lend themselves better to a slow, low-res 2D game, and Java was ‘everywhere’, I decided to go with Android. Having never developed in Java, or OO for that matter, or on any framework, in March 2013 I nevertheless signed myself up for a full-day “Introduction to Android” boot camp taught by the amazing Nathan Esquenazi and Tim Lee, founders of CodePath.
That was a very depressing day.
I understood nothing and left convinced that there was no way this would ever happen. Yet in my minuscule amount of free time I persisted. Nathan and Tim were nothing short of fantastic in coaching me along the way, for no other reason than their love for teaching people to write code. My Stack Overflow page views grew. (How did anyone ever do anything without SO?) My wife was amazingly supportive, as always. Teeny, tiny pieces started coming together bit by bit (pun intended) until one day, finally, I got “it.”
Today, 10+k lines of code later, I think I can legitimately say that I have what is beginning to approach a real game, that people might actually be able to play. It may not be coming soon, or perhaps even ever at this rate, but in a relatively bug-free manner you can create a character, move around, do some stuff, kill a few monsters and get wiped out yourself. Fun!
Mortal Wayfare is not publicly available, but this website was put together a couple days ago to share (the very slow) progress and invite a few patient, understanding friends to Alpha test. Check out the Forum and come back periodically for updates. Perhaps one day we’ll meet in the Google Play Store.