Barry's Blog Registration Working?

Puppy related raves and general interest that doesn't fit anywhere else
Post Reply
Message
Author
foggy
Posts: 2
Joined: Sun 09 Feb 2014, 22:08

Barry's Blog Registration Working?

#1 Post by foggy »

Its been an hour now and I still haven't received my password in my email when I tried to register to contact B.K.

The registration for the forum at about the same time, was instantaneous.

User avatar
Karl Godt
Posts: 4199
Joined: Sun 20 Jun 2010, 13:52
Location: Kiel,Germany

#2 Post by Karl Godt »

Does not look like ..
I am bot Posted on 8 Feb 2014, 13:29 by gungsukma
Barry should use REAL CAPTCHA.

Comments disabled Posted on 7 Feb 2014, 22:10 by admin
Comments are disabled again, hopefully temporarily.

I am bot Posted on 7 Feb 2014, 12:09 by x6255
Barry should use REAL CAPTCHA.

I am bot Posted on 7 Feb 2014, 12:10 by x5565
Barry should use REAL CAPTCHA.
Smeagol I guess ..

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#3 Post by BarryK »

Yes, I disabled registration again.

That "person" used a "disposable" email address to send more pornographic comments.

I see, the Contact Me page also needs registration. I didn't think that was disabled though.

efia, the author of pe_pplog, might be running out of enthusiasm, modifying pe_pplog to fix my security problem.

In which case, I might borrow a "Perl 101" book from the library, and have a go myself. I have ideas how to fix the problem, just lack Perl coding ability.
[url]https://bkhome.org/news/[/url]

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#4 Post by Flash »

Good luck. Too bad there's no way to trace it back to the source. :(

User avatar
RSH
Posts: 2397
Joined: Mon 05 Sep 2011, 14:21
Location: Germany

#5 Post by RSH »

That "person" used a "disposable" email address to send more pornographic comments.
Good luck. Too bad there's no way to trace it back to the source.
Isn't that also a 'nice' part of the 'Net-Security' everyone is asking and looking for, like anonymous surfing, anonymous access (to what the web provides) etc.pp.?

I think, the web should be closed/locked permanently for such tools and also persons!
[b][url=http://lazy-puppy.weebly.com]LazY Puppy[/url][/b]
[b][url=http://rshs-dna.weebly.com]RSH's DNA[/url][/b]
[url=http://murga-linux.com/puppy/viewtopic.php?t=91422][b]SARA B.[/b][/url]

efiabruni
Posts: 69
Joined: Tue 18 Oct 2011, 15:55

registration

#6 Post by efiabruni »

I added some fixes to the registration process and uploaded it on github.
Alas, if he really wants to be destructive there are ways around this. Even if he just registers via valid email addresses and then spams.

Anyway, if anyone feels like having a look, the code is here: https://github.com/efiabruni/tree/comment_registration
I think, the web should be closed/locked permanently for such tools ...
I have friends who are activists, these "tools" are important, we are lucky to have them!

Jasper

#7 Post by Jasper »

Hi efiabruni ,

My understanding is almost zero, but I wonder:

* would it be possible to place all comments in a holding directory so that BarryK could review them and then delete them or transfer them if, as and when he may have time to review them?

and/or.

* could BarryK appoint say, six or ten trusted moderators from various time zones to delete any "unpleasant" comments?

My regards and thanks for supporting BarryK

ozsouth
Posts: 858
Joined: Fri 01 Jan 2010, 22:08
Location: S.E Australia

Text-only?

#8 Post by ozsouth »

Would it be better to have text-only comments? Barry could still put pictures in his original posts.

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#9 Post by BarryK »

Yes, there are various extra steps.

If one of the legitimate email providers is used, they can be notified. That provider can also be blacklisted.

Possibly we could have a whitelist, only allow certain email providers that have a rigorous registration process.

Or, BB-code can be disabled in comments. Which is what I might do if the fellow persists.

Efia did originally suggest to me that a good method would be for me to approve each registration. At the time, I didn't like the idea, because it would mean more work for me. But rethinking it, it might be a good solution.
Perhaps instead of sending the password to the new registrant, the email could be sent to me, with the username and email address, and I can forward it if I approve -- or request further identification from them if I am suspicious.

...perhaps that could be an optional extra security precaution.
[url]https://bkhome.org/news/[/url]

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#10 Post by Flash »

It might at least limit the damage if someone who had just registered were allowed to post only one time until a moderator cleared him to post more than that. If the moderator still wasn't sure, he could adjust the count so the new member could post x more times without further control. It's easier to remove just one offensive post than a whole bunch of them scattered all over the website.

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#11 Post by Barkin »

BarryK wrote:... Possibly we could have a whitelist, only allow certain email providers that have a rigorous registration process...

There are blacklists of email accounts [& IP addresses] used for spamming, e.g. ... http://www.stopforumspam.com/
They are mostly gmail accounts, i.e. gmail's rigorous registration via mobile [cell] phone can be defeated.

User avatar
RSH
Posts: 2397
Joined: Mon 05 Sep 2011, 14:21
Location: Germany

#12 Post by RSH »

That "person" used a "disposable" email address to send more pornographic comments.
Looks like is he using the forum now, to do such things.

User treeair did sent pornographic picture to me by pm.
[b][url=http://lazy-puppy.weebly.com]LazY Puppy[/url][/b]
[b][url=http://rshs-dna.weebly.com]RSH's DNA[/url][/b]
[url=http://murga-linux.com/puppy/viewtopic.php?t=91422][b]SARA B.[/b][/url]

User avatar
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#13 Post by Flash »

Treeair's account has been disabled.

User avatar
RSH
Posts: 2397
Joined: Mon 05 Sep 2011, 14:21
Location: Germany

#14 Post by RSH »

Thanks.

But now comes in mind:

- I did not sent the image and/or pm to you (I immediately removed it), so you could not proof.

How to do next time?

I'm just asking because without something to proof (image, pm etc.) everyone could just say user x has done y - and he might be banned, even if it would not be the truth.
[b][url=http://lazy-puppy.weebly.com]LazY Puppy[/url][/b]
[b][url=http://rshs-dna.weebly.com]RSH's DNA[/url][/b]
[url=http://murga-linux.com/puppy/viewtopic.php?t=91422][b]SARA B.[/b][/url]

User avatar
BarryK
Puppy Master
Posts: 9392
Joined: Mon 09 May 2005, 09:23
Location: Perth, Western Australia
Contact:

#15 Post by BarryK »

RSH wrote:
That "person" used a "disposable" email address to send more pornographic comments.
Looks like is he using the forum now, to do such things.

User treeair did sent pornographic picture to me by pm.
I got one also, have not deleted it yet.

I wonder if the forum has in place any information capturing, such as the fellow's IP address?
[url]https://bkhome.org/news/[/url]

User avatar
ardvark
Posts: 1448
Joined: Tue 02 Jul 2013, 03:43
Location: USA

#16 Post by ardvark »

RSH wrote:User treeair did sent pornographic picture to me by pm.
Unfortunately, I received one, too. :(

Regards...

Post Reply