How could one abuse the delete post feature?

[zzlpolitics]

A forum I post on was absorbed by another company that also uses XF. They disabled the delete post function because they said years ago, it created major headaches and was abused.

I’m only asking this because I’ve thought about it more than I should have and I just cannot come up with an answer for how people could abuse that.

Anyone?

 

[Sim]

If you allow users to delete their own content long after it was posted, you'll eventually be subject to rage-quit mass post deletion by a user.

Solution: limit post editing time to a few hours. I also allow premium members to edit their own posts up to 24 hours after posting and my "business" members up to 2 days after posting.

We also have a silly issue with one of our user at the moment who was liking literally thousands of posts and photos per day - so we removed his like privileges. So instead, he has started posting a "I like this" type post and then deleting it a while later - which is hardly a disastrous thing, but definitely annoying.

 

[zzlpolitics]

If you allow users to delete their own content long after it was posted, you'll eventually be subject to rage-quit mass post deletion by a user.

Solution: limit post editing time to a few hours. I also allow premium members to edit their own posts up to 24 hours after posting and my "business" members up to 2 days after posting.

We also have a silly issue with one of our user at the moment who was liking literally thousands of posts and photos per day - so we removed his like privileges. So instead, he has started posting a "I like this" type post and then deleting it a while later - which is hardly a disastrous thing, but definitely annoying.

Thanks for the response. This particular forum allows you to edit your posts for an infinite amount of time but there is no delete ability.

I will have to get under the hood to see what the delete/edit time functionality is. I'd forgotten about it and that may be a solution.

Thanks!

 

[Sim]

Thanks for the response. This particular forum allows you to edit your posts for an infinite amount of time but there is no delete ability.

Yes, you can end up with the same issue with post editing - someone in the process of rage-quitting could go through and edit a bunch of their posts to remove the post content.

We had this with our photo galleries a couple of years back too - I had forgotten to disable the ability to edit posts (cropping, rotating, etc), and had one user rage-quit and go through thousands of photos they had uploaded, editing them to crop to as small as they could get - basically the same thing as editing a post and removing the content.

I would definitely limit both post editing and post deletion.

 

[Mendalla]

We implemented a no-delete, 15 minute timeout for edits after a member got called on a post and promptly edited it to remove all the content. Fortunately, the people who called him out quoted him. The twit eventually got banned for a couple years.

 

[zappaDPJ]

I’m only asking this because I’ve thought about it more than I should have and I just cannot come up with an answer for how people could abuse that.

Imagine if you decided to delete or even just edit the two posts you've made in this thread. The thread would almost certainly lose context. Now imagine that times one hundred or more. Suddenly your forum is full of threads filled with what might seem like random posts. At best the threads would now lack continuity.

I would never allow a member to delete a post but I would always consider a request to do it on their behalf. Conversely I think it pretty essential that you give members a short grace period to edit a post in order to correct spelling, grammar or just change content. 15-30 minutes seems to be the norm.

 

[Sim]

The other thing we've seen is spammers make posts that seem to be on-topic and relevant to the thread, but then go back days later to edit in hidden links. This can be difficult to detect since you don't tend to pay attention to changes to posts - we aren't notified about post edits.

 

[Harpers Tate]

This will depend on how you moderate your board. We proactively check everything that is posted. As we have quite a large team of Moderators some of whom share responsibility for (a) given forum(s), we don't want them to be repeating each others' work.

We use an add-on "Moderator Checkpoint". This places a marker against a post - not visible to members, but visible to Moderators - to say whether it has been seen/checked.

Importantly: if a post is later edited by the OP, that un-marks the "checked" status of the post. So we are in effect alterted to later modifications (such as the addition of spam links; such as edits to remove meaningful content by disgruntled members; and so on). It does not alert on deletions (since it is only concerned with posts that are live), and we don't allow members to self-delete posts. It doesn't stop them from editing, but then we would be alerted.

Moderator Checkpoint System

Apr 4, 2019

Track which posts have been checked by your moderators to save duplication of work

• Stuart Wright
• moderators
• Add-ons [2.x]

 

[Wildcat Media]

If you allow users to delete their own content long after it was posted, you'll eventually be subject to rage-quit mass post deletion by a user.

Yes, you can end up with the same issue with post editing - someone in the process of rage-quitting could go through and edit a bunch of their posts to remove the post content.

Over the past 23+ years, I've had exactly this same thing happen. I disabled editing/deleting early on, to save us the headache of rage-behaviors. We still get asked why we have a 10 or 15 minute timeout, and that is the exact reason. If it's a long-time trusted contributor, they get added to a usergroup which removes that restriction, same as the staff. Otherwise, we tell members to report a post if they want to have it deleted or mildly changed.