Skip to content

Spam spam spam

Solved Configure
  • My nodebb instance had 50 new joiners over a month, all posting spam.
    I had to turn on Admin approval to try and limit this.
    But Im still getting Spammers. Location of IP gives a clue as most of these accounts come from a certain area, but its impossible to know for sure.
    How to enable code that on registration they have to type why they want to join forum, so admin has more idea on what their motivations are?

  • My nodebb instance had 50 new joiners over a month, all posting spam.
    I had to turn on Admin approval to try and limit this.
    But Im still getting Spammers. Location of IP gives a clue as most of these accounts come from a certain area, but its impossible to know for sure.
    How to enable code that on registration they have to type why they want to join forum, so admin has more idea on what their motivations are?

    @Panda the simplest way around this is to leverage the post queue in NodeBB. You could also have a look at nodebb-plugin-registration which asks a question which the user needs to answer before being able to proceed.

  • What do you mean by ‘leverage the post queue’?

    nodebb-plugin-registration doesnt seem to be on the ACP list of plugins?

  • What do you mean by ‘leverage the post queue’?

    nodebb-plugin-registration doesnt seem to be on the ACP list of plugins?

    @Panda said in Spam spam spam:

    What do you mean by ‘leverage the post queue’?

    This specific feature allows you to vet all incoming post requests in the form of a queue before they are applied so you can decide if they are appropriate or not before releasing them.

    @Panda said in Spam spam spam:

    nodebb-plugin-registration doesnt seem to be on the ACP list of plugins?

    Correct. It needs to be installed using the CLI.

  • ok, yes Ive seen the queue, it shows IP, but doesnt have a field for comments from registrant.

    It would be better if nodebb had this plugin included in ACP list, as not only then do you know its approved and should work, but many people cant or dont want to use CLI on the server

  • undefined Panda has marked this topic as solved on 24 Dec 2024, 12:10
  • ok, yes Ive seen the queue, it shows IP, but doesnt have a field for comments from registrant.

    It would be better if nodebb had this plugin included in ACP list, as not only then do you know its approved and should work, but many people cant or dont want to use CLI on the server

    @Panda said in Spam spam spam:

    ok, yes Ive seen the queue, it shows IP, but doesnt have a field for comments from registrant.

    It’s not designed for that. It merely serves as a gateway between posts appearing on your form or not.

    @Panda said in Spam spam spam:

    It would be better if nodebb had this plugin included in ACP list, as not only then do you know its approved and should work, but many people cant or dont want to use CLI on the server

    That’s a question for the NodeBB devs but in all honesty you can’t not use the CLI when installing nodebb so to be this isn’t a big deal.

  • Did this solution help you?
    Did you find the suggested solution useful? Why not buy me a coffee? It's a nice gesture, and a great way to show your appreciation 💗


5/6

24 Dec 2024, 12:10



Related Topics
  • Nodebb design

    Solved General 11 Jul 2023, 10:13
    1 Votes
    2 Posts
    320 Views
    @Panda said in Nodebb design: One negative is not being so good for SEO as more Server side rendered forums, if web crawlers dont run the JS to read the forum. From recollection, Google and Bing have the capability to read and process JS, although it’s not in the same manner as a physical person will consume content on a page. It will be seen as plain text, but will be indexed. However, it’s important to note that Yandex and Baidu will not render JS, although seeing as Google has a 90% share of the content available on the web in terms of indexing, this isn’t something you’ll likely lose sleep over. @Panda said in Nodebb design: The “write api” is preferred for server-to-server interactions. This is mostly based around overall security - you won’t typically want a client machine changing database elements or altering data. This is why you have “client-side” which could be DOM manipulation etc, and “server-side” which performs more complex operations as it can communicate directly with the database whereas the client cannot (and if it can, then you have a serious security flaw). Reading from the API is perfectly acceptable on the client-side, but not being able to write. A paradigm here would be something like SNMP. This protocol exists as a UDP (UDP is very efficient, as it is “fire and forget” and does not wait for a response like TCP does) based service which reads performance data from a remote source, thus enabling an application to parse that data for use in a monitoring application. In all cases, SNMP access should be “RO” (Read Only) and not RW (Read Write). It is completely feasible to assume complete control over a firewall for example by having RW access to SNMP and then exposing it to the entire internet with a weak passphrase. You wouldn’t do it (at least, I hope you wouldn’t) and the same ethic applies to server-side rendering and the execution of commands.
  • 36 Votes
    92 Posts
    9k Views
  • SEO and Nodebb

    Performance 4 Jul 2023, 09:11
    2 Votes
    2 Posts
    342 Views
    @Panda It’s the best it’s ever been to be honest. I’ve used a myriad of systems in the past - most notably, WordPress, and then Flarum (which for SEO, was absolutely dire - they never even had SEO out of the box, and relied on a third party extension to do it), and NodeBB easily fares the best - see below example https://www.google.com/search?q=site%3Asudonix.org&oq=site%3Asudonix.org&aqs=chrome..69i57j69i60j69i58j69i60l2.9039j0j3&sourceid=chrome&ie=UTF-8#ip=1 However, this was not without significant effort on my part once I’d migrated from COM to ORG - see below posts https://community.nodebb.org/topic/17286/google-crawl-error-after-site-migration/17?_=1688461250365 And also https://support.google.com/webmasters/thread/221027803?hl=en&msgid=221464164 It was painful to say the least - as it turns out, there was an issue in NodeBB core that prevented spiders from getting to content, which as far as I understand, is now fixed. SEO in itself is a dark art - a black box that nobody really fully understands, and it’s essentially going to boil down to one thing - “content”. Google’s algorithm for indexing has also changed dramatically over the years. They only now crawl content that has value, so if it believes that your site has nothing to offer, it will simply skip it.
  • 0 Votes
    5 Posts
    433 Views
    @Panda as, yes, now I understand and that makes 100% sense. It means those who get down voted can still have an opinion and use common services. And yes, you’re right. Rather than down vote, just ignore if you don’t agree.
  • 1 Votes
    16 Posts
    718 Views
    @DownPW sure. Let me have a look at this in more detail. I know nginx plus has extensive support for this, but it’s not impossible to get somewhere near acceptable with the standard version. You might be better off handling this at the Cloudflare level given that it sits in between the requesting client and your server.
  • 13 Votes
    22 Posts
    2k Views
    Been playing with the user profile page this afternoon. Thought I’d post a video as I’m really pleased with how this came out profile-screen-capture.webm
  • 3 Votes
    2 Posts
    245 Views
    @cagatay JS will work fine - no changes there, and there are no plans to drop support for jQuery. More of an issue is the CSS - for which there are quite a few breaking changes. Keep an eye on sudonix.dev (my development site) where you can see progress in relation to how I am tackling the compatibility issues.
  • 1 Votes
    2 Posts
    693 Views
    @eveh Welcome board The code you are referring to is custom written as no such functionality exists under NodeBB. However, adding the functionality is relatively trivial. Below are the required steps Navigate to /admin/appearance/customise#custom-header Add the below code to your header, and save once completed <ol id="mainbanner" class="breadcrumb"><li id="addtext">Your Title Goes Here</li></ol> Navigate to /admin/appearance/customise#custom-js and add the below code, then save $(document).ready(function() { $(window).on('action:ajaxify.end', function(data) { // Initialise mainbanner ID, but hide it from view $('#mainbanner').hide(); var pathname = window.location.pathname; if (pathname === "/") { $("#addtext").text("Your Title"); $('#mainbanner').show(); } else {} // If we want to add a title to a sub page, uncomment the below and adjust accordingly //if (pathname === "/yourpath") { //$("#addtext").text("Your Title"); //$('#mainbanner').show(); //} }); }); Navigate to /admin/appearance/customise#custom-css and add the below CSS block .breadcrumb { right: 0; margin-right: auto; text-align: center; background: #0086c4; color: #ffffff; width: 100vw; position: relative; margin-left: -50vw; left: 50%; top: 50px; position: fixed; z-index: 1020; } Note, that you will need to adjust your CSS code to suit your own site / requirements.