Add a Captcha to the comments section

That’s done by DominusTrex I am guessing

didn’t even know there were bots on the forum

Yeah looks like it.

Some people just wanna watch the world burn.

One of my first posts on RbxDev was about having not just a captcha on the comments but pretty much everywhere. http://devforum.roblox.com/t/site-wide-captcha/21720

This has been getting worse and worse in the past few months and is just making comments completely worthless. So Roblox was so displaced to disable them on their own items, but can’t be bothered to do something worthwhile about them?

EDIT: I actually just remembered a feature that I’ve seen on other websites before which is that you cannot paste anything into the comment box. This should fix pretty much all spam problems until the bots evolve.

Also just checked the comments on Murder Mystery 2, 1045 consecutive spam comments. That might beat that video @berezaa

Here’s the video:

The first and 4th from the bottom are the only actual comments

Bringing this back up again. I still haven’t heard from an admin about this.

The bots don’t use the comment box though, they just replicate the request that makes the comment and use their own data.

Yeah, this is desperately needed - the project I work on is nothing but spam comments now.

If these are as passable as you say, then can we not create a filter for comments?
There is a huge amount of comments leading to sites and containing the phrase “Free robux” or “Robux.gift”.
If we as developers are annoyed by this, then I think its only right we should help you guys.
Perhaps if there was a thread within the moderation forum that allowed Developers to post phrases to be used in a live filter (Much like the profanity filter), and moderated by Roblox.
That way if one developer catches wind of it, it can affect the use of spam-bots site wide, near instantly.
And to keep the spammers out of the loop, only display the comment for them, but don’t allow it to be displayed to anyone else.

Unless they’re actively looking to see if their spam is going through, it may take a while for them to catch on, and even when they do, us Devs can just find the new threats and remove them.
Edit:
Additionally, it looks like theres a portion of spammers who are simply hacked accounts. This helps the account stay alive a little longer, so whoever has lost it has a chance of reclaiming it.

Or actually have the ability to moderate the comments on your own game.

I was thinking that, but then you’ll get clickbait games and scummy devs removing comments with negative feedback/exposing the scam.
The filter seems less likely to be exploitable

Manual moderation should always be a last resort situation. Deleting reviews would also be a big issue.

It’d be nice if the same comment couldn’t be posted twice, or if robux weren’t allowed to be be mentioned. I’ve had to turn off comments on my games because of the spam

Still no official word on this?

nope.

Hi.

We have taken steps over the years to reduce comments (and forum) spam. A verified email is already required for comment posting. Also the account has be 1 day old to post a comment. And we do have IP address floodchecking for account creation and post floodchecks.

All the bots you see posting comments have a verified email, have existed for more than a day, and used IP address masking to get past floodchecks. They are highly motivated to do whatever it takes to post comments, because it makes them money on the black market. They will adapt to post CAPTCHAs by hiring human solvers. They will adapt to game play requirements by having their bots play the game for however long it takes to meet the requirement.

We are not ignoring this issue. We’re working on shorter and longer term fixes. That’s all I can say about it at this time.

Human solvers can’t do this:

That’s well over a thousand consecutive spam comments on a popular game. This is what every game looks like right now.

I really think the hackers will have to put more money into having humans solve the CAPTCHAs than they make off of scamming. Are they willing to spend money in the first place? I know adding a CAPTHCAs wont fix the issue, but it will be more effective than the verified email and the steps we have now.

I can only imagine how many of these posts would be created if these checks were active.

I agree with this. How sophisticated even are these bots? Even if the person behind them is serious about trying to scam people, a captcha would still slow these bots down. Its reached crisis point if you ask me.

They’re already spending money running servers to spam like this. Capchas aren’t expensive to crack either.

Let’s say capchas are implemented. The spammers will have to spend, let’s say 50% of their revenues cracking the capchas. Any sane person would rather spend half of their earnings than have no earnings at all. The issue wouldn’t stop.