Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

Issue with spammers

Hi,

I have been having a lot of issues with spammers having post some unwanted stuffs on the forum on my website. Is there anyway this could be prevented ( logically there does not seem to be anything that could be done other than blocking their email Id's , I have done that ) ?

I have rather thought of a different way to go about fixing this problem (or atleast gaining some controll). What I have planned to do is to disable the easy sign in by commenting out the code on the forum page and just allow the users to sign in using their social networking Id's , thus able to get more details on the user ( Hopefully this would filter out some spammers ). To implement that I am thinking of a solution where in I can provide just the login for admin using some url. Is this possible ? Or can you guys please let me know the page (.php) where in, the login validations are checked so that I can find a workaround ?

Regards,
Varun

Comments

  • Options
    TamaTama United Kingdom ✭✭✭

    Install the Akismet and StopForumSpam plugins from this repo https://github.com/vanillaforums/Addons/tree/master/plugins .

    You could also change registration methods from "Basic" to "Connect"

    There was an error rendering this rich post.

  • Options

    I specifically would need to prevent users from logging in using the 'sign in' option on the menu bar (however , allow sign in using their social network website accounts). I tried commenting out the {signinout_link} on the default.master.tpl file in themes->mytheme folder. But noticed that the template file makes use of the same smarty variable to sign in as well as sign out. Could I do this in any other way ? Thanks

  • Options

    You can make the {signinout_link} only show up for signed in users by adding a conditional like this:

    {if $User.SignedIn}{signinout_link}{/if}

    Add Pages to Vanilla with the Basic Pages app

  • Options

    Don't break the login functionality of your forum just to keep spammers at bay. The idea of making my site dependent on a third-party company (and partner of the NSA) doesn't sit well with me.

    Use the BotStop and StopForumSpam plugins in combination with Approval registration.

  • Options

    Thanks @Shadowdare for the accurate reply. Much appreciated :)

    Thank you @50sQuiff for the suggestion. I will check that out. Cheers

  • Options

    @50sQuiff said:
    Don't break the login functionality of your forum just to keep spammers at bay. The idea of making my site dependent on a third-party company (and partner of the NSA) doesn't sit well with me.

    Use the BotStop and StopForumSpam plugins in combination with Approval registration.

    Blocking or disabling functionality isn't necessarily an issue, especial if it only one way of authenticating.

    He could block /entry/singin if it is not being used by his users.

    grep is your friend.

  • Options
    vrooom4vrooom4 New
    edited August 2013

    Comment removed

  • Options

    Hi ,

    Good Morning. There is this one more place I missed out to mention ( to not allow users sign in directly ).

    When a user clicks on his name on the post he will be redirected to a page to display the login form. The href would be something like http://mywebsite.com/myforum/profile/1234/username. This will take me/user to the login page. I want to disable this as well. Please let me know what has to be done to achieve this. Thanks.

    Regards,
    Varun

  • Options
    vrijvlindervrijvlinder Papillon-Sauvage MVP

    Make registration by invitation only and use a plugin like force-redirect to keep them from accessing the login page by removing the controller from the list.

  • Options

    @vrijvlinder I don't think he want to redirect. He want to disable redirection.

    I'm not a fan of the force redirect plugin, this should be handled by roles and permissions. Redirection is already in the core.

    grep is your friend.

Sign In or Register to comment.