Inspired by this posting http://stackoverflow.com/questions/72394/what-should-a-developer-know-before-building-a-public-web-site, I wanted to know:
What should I know about user antisocial behavour? I know some users will try everything mentioned in that posting. Other users will spam others, write post to troll others. What are some things I should worry so I can design a way to revert these actions?
The website I plan to build is a user content site - such as YouTube, Wikipedia and SO :).
If there's any sort of reputation scheme, you should assume that the users will make every attempt to game the system in a myriad ways that you would not have dreamed of. Make sure you are logging and monitoring as much as possible, so that you can detect wayward activity and rectify things afterwards - and then ensure it doesn't happen again, and know that your logging and monitoring will spot it happening again if the fix doesn't work well enough. Repeat ad nauseam.
If you have logins and passwords, allow as many characters as possible in the passwords - both in terms of length and character repertoire. Just make sure you don't get fooled into executing anything that is in the password. Similar rules might apply to logins; more likely, you'd do better to use an email address (relatively easy to validate) or something like OpenID.
What they said...
One thing I learned that helps when dealing with obnoxious users is not to deal with them via a personal account.
If you put your own name on a post or something when dealing with a troll you're opening yourself to personal attacks, especially if it's in any way debatable. Much better to approach them as Staff or Admins than your own name.
There is a way to troll almost anything on the internet if you have enough time to waste. Any attempt to limit anti-social behavior needs to be balanced by how it restricts other users. You don't want to scare away your good users. Since any community site on the net succeeds by attracting people, make sure your sensitive to how people respond to changes you make on the system.
I think a lot of patience is needed. I would also be cautious about "firing from the hip" in response to someone's actions. You don't want to let people provoke you into exhibiting anti-social behavior yourself.
Banning people never works. Much easier to make offensive people's posts invisible to all but the offender. Trolls exhaust enormous amounts of energy trying to get a rise out of people, and its all for nothing since their hard work is perfectly invisible to the rest of us. I've found this technique of starving people of attention is orders of magnitude more successful than banning people outright.