JavaBot icon indicating copy to clipboard operation
JavaBot copied to clipboard
verified publisher icon Java-Discord

Huge amount of scam links going undetected by Automod

Open sahilasopa opened this issue 1 year ago • 7 comments

Currently, Javabot relies on the file src/main/resources/spamLinks.txt for detecting scam links, but this file was updated 3 years ago, it should be considered to update the file to contain the newest URLs

sahilasopa avatar Feb 18 '24 21:02 sahilasopa

I am unsure about the extent this file is actually used since the bot seems to load the new version of the spam URLs on startup.

danthe1st avatar Feb 18 '24 23:02 danthe1st

I am unsure about the extent this file is actually used since the bot seems to load the new version of the spam URLs on startup.

it does load it in memory but it should not be tooooo big of a problem unless the bot is hosted on a toaster, and I skimmed through the last few scam URLs sent on the server, the updated file in #482 seems to contain 9/10 of those URLs

sahilasopa avatar Feb 19 '24 13:02 sahilasopa

After doing a quick calculation, the file loads 195.73 KB of data in memory, which seems pretty reasonable.

sahilasopa avatar Feb 19 '24 13:02 sahilasopa

it does load it in memory but it should not be tooooo big of a problem unless the bot is hosted on a toaster, and I skimmed through the last few scam URLs sent on the server, the updated file in https://github.com/Java-Discord/JavaBot/pull/482 seems to contain 9/10 of those URLs

This is not about the amount of URLs. I was saying that I think that the bot actually doesn't use the file specified in the resources directory but automatically downloads the newest version and uses that.

danthe1st avatar Feb 19 '24 16:02 danthe1st

it does load it in memory but it should not be tooooo big of a problem unless the bot is hosted on a toaster, and I skimmed through the last few scam URLs sent on the server, the updated file in #482 seems to contain 9/10 of those URLs

This is not about the amount of URLs. I was saying that I think that the bot actually doesn't use the file specified in the resources directory but automatically downloads the newest version and uses that.

I missed that, well in that case the file should be removed from resources directory

sahilasopa avatar Feb 20 '24 11:02 sahilasopa

If that file is actually unused, it might be good to completely delete it but it would be necessary to verify this.

danthe1st avatar Feb 20 '24 11:02 danthe1st

Originally, it was loaded from resources but this was changed to automatically fetch it and the file might be completely obsolete since then (unless it would be in use somewhere else and I didn't find anything with a full-text search on spamLinks.txt so we can probably delete the file altogether.

danthe1st avatar Feb 20 '24 11:02 danthe1st

As described above, that file wasn't used and has even been removed by now.

danthe1st avatar Dec 08 '24 19:12 danthe1st