The one way in which IPS4 is actually *less* secure than vBulletin...

[Streetwind]

...is in the way that robot account creation has been optimized for it. Seriously, I've been here since the end fo 2013, and I have seen maybe three random spambot threads on the KSP forums, ever.

All three of them, I will point out, were in the last two days!

This is a very worrying development from my point of view, because it looks like the start of something I've seen in pretty much every IPS-based forum I've ever frequented. The technology as it comes out of the box is extremely vulnerable to automated account creation. And if the operators of the automated spam robots notice that they regularly get through the registration progress, they will shift more and more focus on the forum in question, and custom-tailor their scripts specifically to further improve their chances of success.

Case in point: the forums of "Feed the Beast", a popular Minecraft modding community, were at one point so inundated with spambots that over 60% of all threads visible on the first page of the general discussion forum at any given time of day, around the clock, were spam - as were over 95% of all newly created threads. There was so much spam that the moderators simply stopped deleting the threads in order to have time to deal with actual issues of actual human users. And this happened not to an old, abandoned forum, but to a fresh and active community of over 150,000 users at the height of its popularity! It took the admins more than half a year of trying various solutions to finally succeed in shutting this down completely.

That is one example of multiple identical cases I have witnessed happening to IPS-based forums. I don't want to see the same thing happen again here, but it's already starting as we speak. Therefore I urgently ask the forum team to pretty please with a cherry on top make effective spambot protection your number one priority. If the existing vulnerability is not fixed, it will be exploited on a massive scale, guaranteed. Better get a head start on things before we're at the point where you have to make use of the search function to find KSP-related content among the deluge of spam.

Thanks for reading.

[Virtualgenius]

If this is truely the case wouldnt this have been one of the reasons to not get this software if its susceptible to spam bots

[Streetwind]

The thing is, you can make IPS4 perfectly immune to spambots. The example I cited above doesn't get spam anymore these days.

It's just that apparently the current state of the KSP forums is "totally not immune", probably because something of it is running on default settings which are easy prey for automated scripts. So changes must be made.

Edited December 8, 2015 by Streetwind

[Red Iron Crown]

What's really happening: We're having an issue where new accounts aren't being put into the moderation queue for their first few posts like they were on vB. 

The result: You're actually seeing the spambots that would otherwise have been caught by the moderation team in the queue.

In my observation so far, there are far fewer spambots getting registered on IPS than we had on vB, I would estimate that we had 5x-10x more on vB. The difference is that their posts are actually becoming visible to end users, so it's more noticeable.

[Streetwind]

Thanks for the response, this gives me confidence