How do we handle spam users/ content on elgg-based web sites ?
We have experienced it. On a site we have not even opened to the public yet. A number of folks have left porn. We will moderate, but when users build porn blogs and whatever it's time-consuming to have to delete it all. And the users can only be banned, not deleted, which leaves a bunch of messy pics and files.
So rjcalifornia, how do you keep bad guys out of your site. And what do your moderators do with the user profiles and activitey when you ban them?
Do you admin approve groups. Or allow anyone to set up groups as they wish?
Do you admin approve all uers when they sign up, or can anyone signup whenever they please?
"not even opened to the public yet. A number of folks have left porn."
*** we are same --> closed site, still see spam and porn ;-(
And the users can only be banned, not deleted, which leaves a bunch of messy pics and files.
*** we're working on this code = "banned user" --> they and their content becomes *invisible*
Do you admin approve all uers when they sign up, or can anyone signup whenever they please?
*** for us --> anyone can sign up... BUT
if they are bad -- we do log their IP and other details AND they got nowhere to hide
I see Brett has left a message in another group about spammers they are having problems with here. It appears this is going to be an issue that we need to take seriously and fix however as effectively as we can. I realize it'll be an onoging issue, but we need to stay in front of it.
We are willing to admin approve every user, but there isn't any way that I know how to do that aside from Site Access which isn't being supported.
We are willing to admin approve every group before it's open, but I don't know of plugins that will be 1.7 compatible.
We're basically in a holding pattern until 1.7 gets further down the line and we see who comes up with what.
It's best for us to keep our communities as tight and clean from the start as possible rather than chasing down the bad guys. But it doesnt' appear there's anyway to do that quite yet.
I got a case where a the mod posted a link to rapidshare (music) which was against our policy, so I sent him a message and he changed to a link to Amazon Music Store....
It's been 30 years since my first bbs. We've been to the moon and back. I can't believe we can't stop spammers.
All we want is an effective way to watch over things. 1) admin approve all users. 2) admin approve all new groups. 3) EASILY delete bad guys and all their files. To much to ask of elgg?
Actually, best of all, although not mandatory, we'd like to admin approve everything. One porno message in a family-friendly site that a mother or child or teacher could see, is dangerous.
@ Dhrup - I remember reading in another group that you guys were working on something. Where are you with it? 1.7 compatible?
some sites let user pay for registration 5o cent per sms
and here are my spammers table :)
Bearbeiten Löschen 15 freet chat with singles yorchay 9639028730970ad42c1d46fc3be1c7cf 5030130c firstname.lastname@example.org no 1264947184 0 0 0
Bearbeiten Löschen 16 asian dating chat henpenn 1db0f5b2f671e141b0ae9d765a46c6a6 a8518f10 email@example.com no 1264949738 0 0 0
Bearbeiten Löschen 17 bbw dating ssbbw personals bbbw dating casplav 19235c0779875ad4d387cc6ffe93840d 14fe6f23 firstname.lastname@example.org no 1264954047 0 0 0
Bearbeiten Löschen 18 cheapest single trip travel insurance tamanevi e61e2cf913e97b9743683f35d2234b1d ba6cab5a email@example.com no 1264956547 0 0 0
Bearbeiten Löschen 19 chat sites for siberian husky owners zevharr 638d16200eac3889de8131346084b3f8 c9bb4a96 firstname.lastname@example.org no 1264957336 0 0 0
Bearbeiten Löschen 20 chat.com uepa dagnwakl 505e5860373e61e44f8182cbe09665ce d5410e4d email@example.com no 1264958431 0 0 0
Bearbeiten Löschen 21 long hair dating boston prafla edb416a3f9b8526f1a17eadcf4168cb5 749d72b1 firstname.lastname@example.org no 1264958637 0 0 0
Bearbeiten Löschen 22 free chat without inscription parralbi 145c00234e2c1ce5e5d13c9d8da83f00 e7b07f53 email@example.com no 1264958784 0 0 0
Bearbeiten Löschen 23 relationship questions and answers ferrkel 8cf699fa53310c9241585cf4c96833eb 5f3fd262 firstname.lastname@example.org no 1264959959 0 0 0
Bearbeiten Löschen 24 reviews online dating phylyahb 7632a16beb8ab14a09d9dde5fccbacc7 e2eb5c14 email@example.com no 1264959960 0 0 0
Bearbeiten Löschen 25 free chat rooms without register makcjess 9c19161ad97acbd4683b56779f4f792f 4a7cd329 firstname.lastname@example.org no 1264961286 0 0 0
Bearbeiten Löschen 26 Brain Injury Chat Rooms evamec eda4933faa5bba90d8c1d07b55f031f9 cefed759 email@example.com no 1264984262 0 0 0
Bearbeiten Löschen 27 Russian Dating News mahlosy 9f82541e291c67540ebe8b7797ee4dfb bfc47eab firstname.lastname@example.org no 1264987557 0 0 0
Bearbeiten Löschen 28 Completely 100 Free Dating In America maisjava a182ea78998a6922ca18a6bed36314c6 b4cd69cd email@example.com no 1264988705 0 0 0
Bearbeiten Löschen 29 50-50 Relationship nandned f8c1a739cf0e754a71f735fb890d0644 f9fb8996 firstname.lastname@example.org no 1264990263 0 0 0
Bearbeiten Löschen 30 Russian Dating News mahlosyn 703d7a3b2b5954a58b460b572cc2c1de fe3b6c03 email@example.com no 1265014517 0 0 0
Bearbeiten Löschen 31 50-50 Relationship nandnedj 5cd7c33a3b4207433ef48ec020c39eda ae60cf37 firstname.lastname@example.org no 1265014599 0 0 0
Bearbeiten Löschen 32 Brain Injury Chat Rooms evamecz eb0ee51fa5f35d1cfb8d84997f75f116 253d1ac2 email@example.com no 1265018480 0 0 0
Bearbeiten Löschen 33 Completely 100 Free Dating In America maisjavab 713ad8f845cefa5a8e9aa96b5e1ddadc 50214a94 firstname.lastname@example.org no 1265021267 0 0 0
Bearbeiten Löschen 34 Free Birthday Greeting Ecard jansleas c7ee6faac2c67cb897cd7c7a69c3ca96 43d1f382 email@example.com no 1265035496 0 0 0
Bearbeiten Löschen 35 Free Birthday Greeting E-mail Cards lazaorlo 84c4f5f36fb9f935e620687753c20b45 76a00672 firstname.lastname@example.org no 1265041219 0 0 0
Bearbeiten Löschen 36 Free Bisexual Gallery Post elejoli db62fcd51899155fb883ecdce62d068e b9d2b112 email@example.com no 1265042277 0 0 0
Bearbeiten Löschen 37 Free Bisexual Gallerys syredimi 5ca9175feb50a2bc62f96139630b80f0 b20d89
@ alfalive - same kind of stuff we are getting. How are you handling it?
What we do now.
1) Ban the jerks.
2) Change their profile name so the dirt and promo doesn't appear in activity
3) Change email address so it doesn't appear anywhere.
4) But, unfortunately, the generic icon for the user still appears in our new members on the home page. It's not clickable, but it's there. Really looks ugle, cause now we have lots of new users with no purpose.
5 -- Then they come back and we do it all over again, and again, and again, and again, and again.
We now have 3 sites in the making, 2 production sites waiting for 1.7 so we can test and open and 1 development site. Only one of the 3 sites is being spammed. If the other two get it, it'll be too much wasted time and I think we may just give up on these projects.
As said before, we would want, an effective way to watch over things. 1) admin approve all users. 2) admin approve all new groups. 3) EASILY delete bad guys and ALL their files.
I've only gotten a few spammers coming in a week. Banning doesn't really help hide the info (though it would presumably help with them signing up again with the same address) so using the Dashboard to see what they've done I go through and delete the spammer and any posts they made.
That cleans them up, but doesn't prevent them from signing in again with the same address afterwards, though that has not happened yet.
@ douglerner -You said you "delete the spammer". I'm under the impression that we should NEVER NEVER EVER delete a user. I've seen this mentioned a few dozen times in various groups that has strictly warned against doing so.
Are you saying that you "DO" delete the users? And if so, could someone please clear this up for me, can we or can we not delete users? I was under the impression that if we do, it will corrupt our database. Or is there some times we can delete them and other times we can't??
If necessary, I can trace the various conversations about this down, as long as they are not ones in groups that have recently been deleted.
In summary - can we or can we not delete users? I'm assuming in 1.7 we will be able to. Does anyone know the facts about this?
I have been deleting those users. There is no other way of getting rid of them from showing up in various places. Banning still leaves a lot of stuff visible.
Maybe deleting is something that is ok in 1.6.1?
I haven't noticed any issues after deleting these users. But I still have a small database, if that matters.
i have 1.6.1 and i can tell you that i had a horrible issue with loosing my css and database after deleting users, as far as i know the fix is on 1.7 but as of now i am not del any users, i will change their account info so they cant log on, i have a default hash that i use for the password so they cant log in but i wont del anyone till i have a fix in place.
I have 1.6.1 and that's what I've been hearing - that horrible things can happen when deleting users. Maybe it only happens if the user is very active and has opened groups and discussions and added files and pics and videos. Don't know, so we never do it. I'm very glad to hear that it will be fixed in 1.7 cause like doug says there is no way of getting rid of them from showing up in various places.
The whole thing is quite messy right now. Glad we didn't go live with our sites and am waiting till 1.7. Hope things will be better then.
To clarify the situation on deleting users:
If a user owns a piece of content that is managed by a custom class associated with a plugin that has been de-activated, then the attempt to delete all the content owned by that user may fail, and you may end up with an inconsistent database.
There are not that many plugins that create their own custom classes. (Files or tidypics are examples.)
In general, it is a bad idea to deactivate such plugins on a live site.
This issue is described here:
If you are not in this situation, you will probably not have any problems deleting users in Elgg 1.6 or higher. At least I am unaware of any other problems with deleting users and have deleted many test user accounts myself.
The deactivated plugin issue will not be addressed in Elgg 1.7 so far as I know (Brett or Cash please correct me if I am wrong about that).
Thank you Kevin for clearing this up. Other than the fact that Tom said ....
"Ok, I was not aware the problem was still present as such. I know
Dhrup wrote a lot about it...
"Rough info: 1 month ago we had clean install of 1.6.1, v 2009072201,
on a new *dedicated* server with nothing else running. Made about 20
test users. Deleted one user and could not start the members Tool to
list that user. It would show a blank page where it was supposed to
list that specific user. Later found that one table had the right
number of users (19) and another still had 20 users. Sorry I forgot
details and table names so my info is now useless for Trac. However, I
will try to replicate error and with more sensible info make a new
ticket in Trac."
It appears that we should be ok deleting spammer users as long as they haven't gone balistic in entering pics and files. I think I'll cross my fingers and give it a try. I assume that if there is any problems they will show up immediately and not pop up six months from now or during an upgrade to 1.7 - correct?
This sounds like good news. Thanks again, Ron
Hi Dhrup, shelved a Elgg project for few weeks and came back to see my site completely taken over by spammers .. sad and disillusioned .. I have several moodle project sites and they all remain untouched.. why can't there be some manual registration only plugin for elgg.. is this something too much to expect from elgg.. Thanks JP
(edited) ..sorry! ...whoops!
I was considering implementing a few questions at the time of registration. Three very basic trivia style questions pertaining to the purpose of the social networking site. If the user can't get ONE of them right, then alarm bells should probably go off that they are either intellectually impeded or a spammer.
Just a random thought - haven't looked thoroughly into how i'm going to achieve this.
Happy spam free elgging...one day....for everyone :)
1) STOP cut/ paste from MsWord b/c the Ms cwapz comes thru lolz ;-)
2) We ourselves kinda (99%) have spam-free elgging..
3) Spammerz on our main elgg-site get hit v-e-r-y hard within about 1- 4 hours of their spam
4) We have blocked *whole countries when the spammer was bouncing their ip#s
5) We have some sophisticated (non-gpl, $commerical only) utilities to track spammerz and hackerz
Sometimes I wonder how it is.. that FbdKids.Com can spot a spam user within minutes of their posting funky spam on their own messageboards.. I will be working on an automatic detector for particular types of spam and yes there is an automated solution! so that we can block this as it happens for our own (biggest in the universe ~156,000 users!) FbfKids.Com.I have called this AI solutiion of mine - "Zaptor" - because it "zaps" those spam suckkerz...