3013 posts
  • Has sold $1+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Sells items exclusively on Envato Market
  • Has been a beta tester for an Envato feature
+2 more
TNL3542 says

ive reported it myself sent a tweet to envato support

7769 posts
  • Has been part of the Envato Community for over 5 years
  • Has sold $40,000+ on Envato Market
  • Sells items exclusively on Envato Market
  • Has referred 10+ members
+4 more
doru says

off course if the dev team would had put in place a simple lock of two threads/hour (who needs more than that? ) for each user and temporarily (30 minutes) block new post creation after one get reported for spam for like three times. What about mixing this with checking how old the user account is and how much activity the account had if is an old sleep account? And yes I’ve proposed this before and don’t act like this is new amazing invention staff never seen before. Is simple user interface logic.

But what do I know? :|

6080 posts
  • Sells items exclusively on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $125,000+ on Envato Market
  • Has been part of the Envato Community for over 6 years
+8 more
VF says

^ If something is too simple to solve… well Envato wont do that simple extra step! The amount of efforts needed from forum moderators is 100x times more than simple fix from developer work. But who cares.

80 posts
  • Has been part of the Envato Community for over 1 year
urbanray says

off course if the dev team would had put in place a simple lock of two threads/hour (who needs more than that? ) for each user and temporarily (30 minutes) block new post creation after one get reported for spam for like three times. What about mixing this with checking how old the user account is and how much activity the account had if is an old sleep account? And yes I’ve proposed this before and don’t act like this is new amazing invention staff never seen before. Is simple user interface logic. But what do I know? :|

I think they already have something like this, if you are new user you can’t post the message before 10 minutes. This is not going to work like this, as the spammer is not some dude registering for the new accounts and copy pasting the messages through the forums. They are injecting directly to the database, so adding such checks won’t help.

314 posts Tabvn
  • Has been part of the Envato Community for over 2 years
  • Has referred 200+ members
  • Has sold $250,000+ on Envato Market
  • Has been a beta tester for an Envato feature
+4 more
tabvn says

I agreed with @doru that : * Spammer will get blocked (their account) if first post get “reported as spam”, all posted from this account will disabled.

  • and we can auto blocked spammer account when have more than 5->10 clicked reported spam from Authors (authors must have sales, and so we can trust these account)
  • Also banned IP of spammer (list them into blacklist).
6080 posts
  • Sells items exclusively on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $125,000+ on Envato Market
  • Has been part of the Envato Community for over 6 years
+8 more
VF says

...They are injecting directly to the database, so adding such checks won’t help.

Is that possible? :O Even with such case, can’t that be taken care while retrieving recent threads from database?

80 posts
  • Has been part of the Envato Community for over 1 year
urbanray says


...They are injecting directly to the database, so adding such checks won’t help.
Is that possible? :O Even with such case, can’t that be taken care while retrieving recent threads from database?

If that won’t be, then other possibility is that baba ji really has the black magic and he’s creating topics with the magic, because as far I know there is already 10 minutes restriction to post the topic. It won’t let you post before 10 minutes.

1823 posts Don't Worry, Be Happy
  • Sells items exclusively on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Located in United States
  • Made it to the Authors' Hall of Fame
+8 more
FinalDestiny says

Are you serious? Injecting directly in the database? So he has access to the whole database and he posts only some stupid topics where nobody understands anything? Really?

Didn’t you hear about bots that do this automatically? 10 minutes? So what? He makes an account, waits 10 minutes and then start spamming. And, for me, it looks like an overly amateurish job what the programmers at Envato are doing, if any kid that can build a bot can do this, the programmers at Envato should all quit, they’re all a bunch of amateurs. You’re not playing here, there are thousands of hundreds of dollars going through Envato everyday, this is not a game. Start acting professional please.

Envato: Ticket answer time: at least 3 weeks, spamming every single day, no mobile version of the site, but the “quality” you ask is extremely high, no new features for years, you need to start doing something.

80 posts
  • Has been part of the Envato Community for over 1 year
urbanray says

Are you serious? Injecting directly in the database? So he has access to the whole database and he posts only some stupid topics where nobody understands anything? Really?

No, I was telling a joke because I’m very funny guy.

Having access to database doesnt mean that you have a nice database interface where you can select to do whatever you want. It is possible to create the softwares to authenticate to the forums and then post the messages without using this web page.


Didn’t you hear about bots that do this automatically? 10 minutes? So what? He makes an account, waits 10 minutes and then start spamming.

I meant when if you have registered a new account, you cannot post new thread after posting first topic. I don’t after how many posts/days the user can post without any restriction.

7769 posts
  • Has been part of the Envato Community for over 5 years
  • Has sold $40,000+ on Envato Market
  • Sells items exclusively on Envato Market
  • Has referred 10+ members
+4 more
doru says

Having access to database doesnt mean that you have a nice database interface where you can select to do whatever you want. It is possible to create the softwares to authenticate to the forums and then post the messages without using this web page.

that’s a spam boot and is the way it works. it bypasses the interface, no need to click on links or whatever. But this doesn’t means he “injects” something in the database, he just exploits the way the server acts when he receive a certain requests. If the code on the server is intelligent then the server can detect certain behaviors and deal with them.

If someone stops and thinks, very important this step, he can analyze what is the behavior of users on this forum. Some of us post frequently is true, but we don’t create 50 threads in 10 minutes. Just a simple check on thread creation to see what time passed from the last time the user had created a thread can save a lot of problems. Just 30 seconds? Well, bad luck my friend: “You can’t create a new thread for another 30 minutes”

Also if the spammer created just one thread, then someone flag the first post in the thread, the server should change the thread title to “Thread flagged, pending review from staff” or something similar. So no more phone numbers, spam messages, stupid characters all over the place in the title.

There are like 22 developers on envato team and guess what, no one managed to think at this loop. I’m not even a web programmer and I come up with this simple solution. Maybe I’m some genius and I should create a new facebook and become billionaire.

by
by
by
by
by
by