• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.4 Legitimate Users Getting Caught Up in Moderation

Amaury

Well-known member
#1
I've had to manually approve our last two legitimate users, @denisx04 and another user not part of this forum, due to them getting caught up in moderation.

To quote Denis' words when he told me on his site:

Your robot verification thing gave me a bit of issues, had to register like 3 times before it finally let me go through.
No just told me I didn't check the robot thing when I did
We recently changed from the standard reCAPTCHA to Google's reCAPTCHA. Could that be the problem?
 

Martok

Well-known member
#2
It should have given you the reasons that the users were put into needing approval on the users waiting approval screen. What were they?
 

Amaury

Well-known member
#3
It should have given you the reasons that the users were put into needing approval on the users waiting approval screen. What were they?
I think it was a match case with either their username (Denis and Angel for the last two) or their email.
 

Martok

Well-known member
#4
If it's a match against a name, it's not surprising. Spammers will often register using real names and once they've been flagged up on the spam services, users on your site using the same or similar name will be put into approval. I've had the same happen on my site.
 

Amaury

Well-known member
#5
If it's a match against a name, it's not surprising. Spammers will often register using real names and once they've been flagged up on the spam services, users on your site using the same or similar name will be put into approval. I've had the same happen on my site.
Gotcha. We also had Kirk from here sign up a while before with no problems, so I guess he was lucky. Heh.
 

rainmotorsports

Well-known member
#7
If you are flagging on 1 flag then it will catch names once in awhile. The system should be redesigned to allow flagging on 1 ip or 1 email, versus having to set it to 2 only catching the ones with 2 matches.

One way around this is https://xenforo.com/community/resources/tpu-detect-and-block-spam-registrations.2973/ setting email to moderate and ip to moderate for SFS. I don't tune it quite like that. The only false positives I have on my tuning is occasionally someone has a bunch of ports open that are suspect. Get maybe 1 a month like that. 0 spam at the moment after a week of tuning.

With that dumping the captcha is nice.
 

Amaury

Well-known member
#8
Ah, here we go. Forgot there was a spam trigger log. It was the usernames, @Martok:

upload_2015-3-10_1-15-42.png

If you are flagging on 1 flag then it will catch names once in awhile. The system should be redesigned to allow flagging on 1 ip or 1 email, versus having to set it to 2 only catching the ones with 2 matches.

One way around this is https://xenforo.com/community/resources/tpu-detect-and-block-spam-registrations.2973/ setting email to moderate and ip to moderate for SFS. I don't tune it quite like that. The only false positives I have on my tuning is occasionally someone has a bunch of ports open that are suspect. Get maybe 1 a month like that. 0 spam at the moment after a week of tuning.

With that dumping the captcha is nice.
I know you didn't directly ask, but here are our spam settings (I think they're just the default):

Spam 1.png Spam 2.png
 

rainmotorsports

Well-known member
#9
I know you didn't directly ask, but here are our spam settings (I think they're just the default):

View attachment 100770 View attachment 100771
Yup. The built in SFS settings kind of lack the ability to be very specific. If you could not flag on name only then it would save you the hassle of those but would end up letting through unique named spammers through in trade. To tune more specifically requires an addon. One of the things is the majority of the spam is coming from very identifiable sources, matching against a database is great but there are easier ways to stop them at the moment.

Basically the system is functioning perfectly. There is nothing to troubleshoot, nothing wrong. Just a limitation. Spam bots use common names occasionally. More often it's legit users.