Skip to content
Sudonix

Spam spam spam

Solved Configure
6 2 855 1
  • Pandaundefined

    My nodebb instance had 50 new joiners over a month, all posting spam.
    I had to turn on Admin approval to try and limit this.
    But Im still getting Spammers. Location of IP gives a clue as most of these accounts come from a certain area, but its impossible to know for sure.
    How to enable code that on registration they have to type why they want to join forum, so admin has more idea on what their motivations are?

    0
  • Pandaundefined Panda

    My nodebb instance had 50 new joiners over a month, all posting spam.
    I had to turn on Admin approval to try and limit this.
    But Im still getting Spammers. Location of IP gives a clue as most of these accounts come from a certain area, but its impossible to know for sure.
    How to enable code that on registration they have to type why they want to join forum, so admin has more idea on what their motivations are?

    phenomlabundefined

    @Panda the simplest way around this is to leverage the post queue in NodeBB. You could also have a look at nodebb-plugin-registration which asks a question which the user needs to answer before being able to proceed.

    Mark
    Founder - Phenomlab Ltd

    Executive Technology & Security Leadership

    1
  • Pandaundefined

    What do you mean by ‘leverage the post queue’?

    nodebb-plugin-registration doesnt seem to be on the ACP list of plugins?

    0
  • Pandaundefined Panda

    What do you mean by ‘leverage the post queue’?

    nodebb-plugin-registration doesnt seem to be on the ACP list of plugins?

    phenomlabundefined

    @Panda said in Spam spam spam:

    What do you mean by ‘leverage the post queue’?

    This specific feature allows you to vet all incoming post requests in the form of a queue before they are applied so you can decide if they are appropriate or not before releasing them.

    @Panda said in Spam spam spam:

    nodebb-plugin-registration doesnt seem to be on the ACP list of plugins?

    Correct. It needs to be installed using the CLI.

    Mark
    Founder - Phenomlab Ltd

    Executive Technology & Security Leadership

    1
  • Pandaundefined

    ok, yes Ive seen the queue, it shows IP, but doesnt have a field for comments from registrant.

    It would be better if nodebb had this plugin included in ACP list, as not only then do you know its approved and should work, but many people cant or dont want to use CLI on the server

    0
  • Pandaundefined Panda has marked this topic as solved on
  • Pandaundefined Panda

    ok, yes Ive seen the queue, it shows IP, but doesnt have a field for comments from registrant.

    It would be better if nodebb had this plugin included in ACP list, as not only then do you know its approved and should work, but many people cant or dont want to use CLI on the server

    phenomlabundefined

    @Panda said in Spam spam spam:

    ok, yes Ive seen the queue, it shows IP, but doesnt have a field for comments from registrant.

    It’s not designed for that. It merely serves as a gateway between posts appearing on your form or not.

    @Panda said in Spam spam spam:

    It would be better if nodebb had this plugin included in ACP list, as not only then do you know its approved and should work, but many people cant or dont want to use CLI on the server

    That’s a question for the NodeBB devs but in all honesty you can’t not use the CLI when installing nodebb so to be this isn’t a big deal.

    Mark
    Founder - Phenomlab Ltd

    Executive Technology & Security Leadership

    0
Log in to reply

Did this solution help you?
Did you find the suggested solution useful? Support 💗 Sudonix with a coffee
If your organisation needs deeper expertise around infrastructure, security, or technology leadership, learn more about Phenomlab Ltd. Many of the deeper technical guides behind Sudonix are published there.

Related Topics
  • crazycellsundefined

    "most votes" ranking option is not respecting the plugin

    Bugs nodebb
    5
    1
    3 Votes
    5 Posts
    957 Views
    phenomlabundefined
    @crazycells Agreed. It takes a more sensible approach. Nobody ever upvotes the first post - it’s usually much further down as the conversation progresses.
  • Pandaundefined

    Nodebb design

    Solved General nodebb
    2
    1 Votes
    2 Posts
    844 Views
    phenomlabundefined
    @Panda said in Nodebb design: One negative is not being so good for SEO as more Server side rendered forums, if web crawlers dont run the JS to read the forum. From recollection, Google and Bing have the capability to read and process JS, although it’s not in the same manner as a physical person will consume content on a page. It will be seen as plain text, but will be indexed. However, it’s important to note that Yandex and Baidu will not render JS, although seeing as Google has a 90% share of the content available on the web in terms of indexing, this isn’t something you’ll likely lose sleep over. @Panda said in Nodebb design: The “write api” is preferred for server-to-server interactions. This is mostly based around overall security - you won’t typically want a client machine changing database elements or altering data. This is why you have “client-side” which could be DOM manipulation etc, and “server-side” which performs more complex operations as it can communicate directly with the database whereas the client cannot (and if it can, then you have a serious security flaw). Reading from the API is perfectly acceptable on the client-side, but not being able to write. A paradigm here would be something like SNMP. This protocol exists as a UDP (UDP is very efficient, as it is “fire and forget” and does not wait for a response like TCP does) based service which reads performance data from a remote source, thus enabling an application to parse that data for use in a monitoring application. In all cases, SNMP access should be “RO” (Read Only) and not RW (Read Write). It is completely feasible to assume complete control over a firewall for example by having RW access to SNMP and then exposing it to the entire internet with a weak passphrase. You wouldn’t do it (at least, I hope you wouldn’t) and the same ethic applies to server-side rendering and the execution of commands.
  • Pandaundefined

    adding some console.log to Nodebb

    Solved Customisation nodebb
    4
    1 Votes
    4 Posts
    1k Views
    phenomlabundefined
    @eeeee if you’re using the console, you could try node app.js > app.log 2>&1 This would redirect stdout to a file named app.log and redirect stderr to stdout. I’m not sure about standard logging under NodeBB, but there is an error log located at logs/error.log. Failing that, you could always stop the NodeBB service then use ./nodebb dev from the console which would then provide debug output.
  • phenomlabundefined

    v3 & Harmony diary / thoughts / code snippets

    Announcements harmony v3.beta1 nodebb
    55
    5
    36 Votes
    55 Posts
    12k Views
    phenomlabundefined
    @DownPW I see why. The code relies on the existence of [component="topic/quickreply/container"] However, this by definition means that the below has to be enabled [image: 1679077966615-aeef638f-4188-489d-a9f2-f3a26dbca9d8-image.png] It will then work [image: 1679077992245-7fb38631-e0f3-46ef-b652-00929d927b13-image.png] For some unknown reason, this is hidden in Harmony, and only shows if you select it. In v2, it seems that the <section> is deleted altogether in Persona if “Quick Reply” is disabled, meaning it won’t fire as it can’t locate that specific component. The downside is that you might not want the quick reply function, but I think it’s a PITA to scroll up to the top of the post just to reply, so I have it on
  • cagatayundefined

    How to fix size of photos & videos NodeBB

    Solved Customisation nodebb nodebb size
    7
    3 Votes
    7 Posts
    1k Views
    phenomlabundefined
    @crazycells pleasure. Using percentages makes much more sense in this case. It’s the same argument with px vs pt vs em with fonts, margins, padding, etc., in the sense that em is generally preferred over px and pt https://stackoverflow.com/questions/609517/why-em-instead-of-px
  • cagatayundefined

    Post Style View

    Solved Customisation post style sudonix nodebb
    67
    2
    18 Votes
    67 Posts
    17k Views
    DownPWundefined
    @cagatay Just add margin-left on the element like @phenomlab said to you : topic [component="post/parent"] { margin-left: 10px; } [image: 1669191112290-aa08c62b-4223-4cba-8c0f-c73d50474c0d-image.png] Maybe @phenomlab have a better way
  • JACundefined

    Forum registration email goes to spam

    Moved Solved Configure
    6
    1 Votes
    6 Posts
    1k Views
    JACundefined
    @phenomlab emails mate, although I seem to have used a different email on each browser to remain logged in for cough cough posts .
  • JACundefined

    Display tweets in widget [NodeBB]

    Solved Customisation
    29
    4 Votes
    29 Posts
    8k Views
    JACundefined
    @phenomlab brilliant, many thanks Mark