Blog Documentation Try Vanilla Cloud
Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

Anonymous posts or easier registration

2»

Comments

  • Options
    MarkMark Vanilla Staff
    Yeah - it's all totally flexible that way.
  • Options
    lechlech Chicagoland
    excellent, that rocks then!
  • Options
    averymaverym
    edited December 2005
    If you want to allow posting without registration, Vanilla is probably not the proper forum software for you, as discussed here: http://lussumo.com/community/comments.php?DiscussionID=927 (basically I'm repeating what Mark said...)
  • Options
    StahnStahn
    edited March 2006
    Hello, I'm a new user here. Basically, I want to see an option for Anonymous posting, or Guest posting. I run a WordPress install (still "closed" to the public) and I hate comments. It's a hassle to maintain, they get spammed a lot, etc. If you ran a WP install, you know what I'm talking about. So, I wanted a Forum solution! Lots of control... but then, there is the problem with registrations. No one will register to say "Hey, I like your article" (my WP install isn't a blog, is more like a normal website). So I wanted an anonymous posting forum. And, clean, and, fast. So, most forums discarded (phpBB, SMF, QSF), then I ran across Vanilla. Mark mentioned "I seriously have no plans on making vanilla have anonymous posting. I would, however, consider using the framework to make a completely different version of the forum purely for anonymous posting." I'd love to see that. How can we make it secure? Simple, with a Captcha in the posting form, so most bots will be nulled. However, an Admin account should be needed for basic config. That's it, thanks for reading all this stuff, I hope you guys take me seriously, because I do with you. Vanilla is really nice :)
  • Options
    MarkMark Vanilla Staff
    I still think it would be fun to make one of those, but that is way down the road. Vanilla is priority #1 right now.
  • Options
    lechlech Chicagoland
    I seriously think that signing up with vanilla compared to other forums is probably the easiest out there. Given that many have the option to post by inputting your valid email and a nickname (repeatedly) if the option for your forum is to automatically grant new users instant access as a member, you're pretty much set. Other than giving the admin control of what kind of data a new user has to input to register with the forum system, I see no point in having to trim much down. Instead maybe make it more flexible to allow the admin to do what I just mentioned. Anything else would seriously just be inviting the spam and hiring janitors and watchdogs to clean up all the messes created. The only other idea I can offer up in the open posting without registration is by securing a nickname to an email address without profile. But still holding that email safely within vanilla's user DB in trade that the type of account is severely limited in what the user can say or do. For example: start only 2 threads with a dozen replies per 24 hour periods. While it won't kill the spam it should keep things minimal. Additionally locking that user name to a specific IP would help. All the user would then have to do is just input a nick and the password would be their email. The system would lock any attempts for that IP attempting to create more accounts on that IP (to stifle masquerading) and hold these accounts in the approval queue seperate from actual accounts with more rights. If at any point the user wants to really register, they can and the system can then reassign all those threads they started under the previous account to the fully loaded one. Just an idea, I'm full of them today.
  • Options
    StahnStahn
    I agree with you, lech, but if I just wanna make a little comment on something, I won't register. Most registrations nowadays are: 1. input data 2. mail server send mail (some servers can take long) 3. check mail, if you don't use pop3 is a damn hassle 4. login And then, post. Let's say, "I don't know Vanilla, so I don't know the registration process. It's a forum, so it will take some time." In the end, I won't register at all. ---- About your other idea (using mail as password), not bad, really, but again, who really goes into a forum to post in the name of other person? Impersonating another person is a risk that the anonymous user must take. They want to left their name? They have the option. They don't want? Also, they have the option. The idea I really like is the limit, with cookies I imagine that we can limit the permissions of the guest usergroup (hash, sessions and stuff like that). The IP thing at the end is useless, think about Dynamic IPs.
  • Options
    lechlech Chicagoland
    Well, like i said, it was just an idea, but people (mainly the trolls) will take and abuse user names to their own advantage. Even if you don't formally register, the username and email as password approach would still deny anyone attempting to spoof that name since it's temporarily reserved by the given email address. This would allow for posting without the user needing to check their email to get a confirmation altho I bet if the admin wanted, they could enable the feature. On most forums that are open, I've often witnessed abuse to such an extent where literally a dozen people were spoofing under the same name, and this is where the idea stemmed from. The IP tracking is somewhat useful to the administration trying to knock out abusive trolls of that type, dynamic IP or not, you can still get around most types of security.
This discussion has been closed.