Too much CP on my new imageboard

[txRR]

hey guys!

I just launched my first anonymous imageboard. Visits are going well but i got too much CP posts..Like 1 every hours..
I'm thinking of queuing the new posts for aprouval but i don't know if people will continue to post notables pictures..

Any suggestions ?

[bookbuster]

ban ip's ?? I know everyone is using a proxy, but maybe they will get the idea.

[txRR]

If you ban 1 ip the guy will just restart his modem and he will get a new one from his ISP so i dont know

[Lonely immortal]

anonymous imageboards always attract the sickos. Approving each and every post will become too time consuming as your board grows.

Personally I would require a verifiable email to post but then you'd lose that anonymity. If you want to keep that all I can think of is to ban ip's and put a report button into each post if not already done so.

[txRR]

i just banned something like 20 ips. Usually always the same people using 2-3 different ips..

After reflexion i think this is the best solution. Will see how this goes for the next days, and otherwise going with email verification.. But there also will maybe have to ban spambox email adresses

And the report button is already in place :-)

[baryl]

sounds like way too much of a pain in the ass for not much work/reward ratio

[PowerCum]

Had similar problem some time ago with a free blog host project. Was several years ago, and was not a very pleasant experience.

Solved it by doing the following...

After I got the first similar post I contacted my datacenter local FBI agent since the server was hosted in USA. Then also he gave me contact for Interpol since my company is based in Spain. I also had spanish police coming to my office almost every day gathering data.

Then I changed the post coding to log into the database the IP, the proxy and all the HTTP headers also with the hour. That's important because without the hour tracking becomes a bit more difficult for law enforcement officers. In fact, I got exact instructions on what to log and how to log it.

When someone posted anything on the site, his IP and all the extra info was logged. Then when the image/post is displayed you can just put under it "Posted by *.*.123.123 on date-time". Then wen posted anonymously start a php session and allow the user to "delete" his post for about 10 minutes after being posted. By starting a php session you can track the surfer even if he changes IP. Usually when they post via proxy they try to load it from their real IP as a surfer and see if it loads ok. Also with some luck you get to log on what forums was that image/post linked.

You will be amazed how fast they will stop posting crap on your site. Of course, the delete button just marked a field into the database as hidden and didn't show it anymore, but all the data stayed still there, so the offenders could be tracked.

Now here comes the catch #1... Most hosting providers will boot you as soon as they get notice of this happening. My hosting provider for that project had no problem at all because with their collaboration several pedos were jailed. Also they knew that I had direct phone line with a FBI agent they put me in contact with.

And the catch #2 is... When you go to report for any such stuff to the authorities, your servers HDs are taken out of the server and you will not see these HDs back again because they will be used as evidence in the future. In my case, the project was quite big and there were several servers in tandem with duplicated information, so I gave full access to one of them to the FBI and the hosting provider. This includes root password, database passwords and detailed info how every bit of information was organized. For them it was just a data dump server. They just had to put new HDs every day and the replication script replicated the info in real time... that was on my expenses, but the site never got shut down and acted a bit like a honeypot for pedos.

Catch #3 is... At some point you will have to sign several legal papers and then go to courts as collaborator in the investigation. In my case had to travel to USA and also to Germany.

If you have the resources to do such thing, then I suggest you to contact your local authorities and ask them how should you proceed. In the situation you described, you have 3 options:
1 ) Shutdown the site
2 ) Manually approve everything... you will still have to report to authorities sooner or later. So better go to option #3 to get yourself safe.
3 ) Contact your local authorities and ask them for advice. Be smart on this one and don't tell them that cp is being posted on your site because it will be shutdown overnight. Just tell them that you plan to open a site for free image hosting and you would like to know what info should be logged and how they would like to get things reported in case of terrorist, cp or similar info is posted. Don't say only cp, add the terrorist stuff too. Also tell them that the project is till not ready and you plan to launch it in the next few weeks... After you get the contacts and the needed info, you will be ready to report without worrying of your server being raided.

[txRR]

Hi powecum,

Thank you for the time you took for sharing your story. This is really important information !

Actually i already logged the http header with UTC date/time but the session thing is something i'm going to develop and keep the content in a separate folder when the user delete it or myself so i can keep it as proof. Very nice idea.

I've just put a good visible message talking about fbi/interpol i hope this is going to dissuade them from posting..

If this is not working in the next days i'm going to contact my local authority. But as you said if this is really too restrictive with paper, flight, server i will maybe just moderate...

Will keep you update. Thanks again !