1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 Legitimate Users Getting Caught Up in Moderation

Discussion in 'Troubleshooting and Problems' started by Amaury, Mar 10, 2015.

  1. Amaury

    Amaury Well-Known Member

    I've had to manually approve our last two legitimate users, @denisx04 and another user not part of this forum, due to them getting caught up in moderation.

    To quote Denis' words when he told me on his site:

    We recently changed from the standard reCAPTCHA to Google's reCAPTCHA. Could that be the problem?
     
  2. Martok

    Martok Well-Known Member

    It should have given you the reasons that the users were put into needing approval on the users waiting approval screen. What were they?
     
  3. Amaury

    Amaury Well-Known Member

    I think it was a match case with either their username (Denis and Angel for the last two) or their email.
     
  4. Martok

    Martok Well-Known Member

    If it's a match against a name, it's not surprising. Spammers will often register using real names and once they've been flagged up on the spam services, users on your site using the same or similar name will be put into approval. I've had the same happen on my site.
     
    Amaury likes this.
  5. Amaury

    Amaury Well-Known Member

    Gotcha. We also had Kirk from here sign up a while before with no problems, so I guess he was lucky. Heh.
     
  6. Martok

    Martok Well-Known Member

    More likely no spammers have been flagged up using the name Kirk.
     
    Amaury likes this.
  7. rainmotorsports

    rainmotorsports Well-Known Member

    If you are flagging on 1 flag then it will catch names once in awhile. The system should be redesigned to allow flagging on 1 ip or 1 email, versus having to set it to 2 only catching the ones with 2 matches.

    One way around this is https://xenforo.com/community/resources/tpu-detect-and-block-spam-registrations.2973/ setting email to moderate and ip to moderate for SFS. I don't tune it quite like that. The only false positives I have on my tuning is occasionally someone has a bunch of ports open that are suspect. Get maybe 1 a month like that. 0 spam at the moment after a week of tuning.

    With that dumping the captcha is nice.
     
    Amaury likes this.
  8. Amaury

    Amaury Well-Known Member

    Ah, here we go. Forgot there was a spam trigger log. It was the usernames, @Martok:

    upload_2015-3-10_1-15-42.png

    I know you didn't directly ask, but here are our spam settings (I think they're just the default):

    Spam 1.png Spam 2.png
     
  9. rainmotorsports

    rainmotorsports Well-Known Member

    Yup. The built in SFS settings kind of lack the ability to be very specific. If you could not flag on name only then it would save you the hassle of those but would end up letting through unique named spammers through in trade. To tune more specifically requires an addon. One of the things is the majority of the spam is coming from very identifiable sources, matching against a database is great but there are easier ways to stop them at the moment.

    Basically the system is functioning perfectly. There is nothing to troubleshoot, nothing wrong. Just a limitation. Spam bots use common names occasionally. More often it's legit users.
     
    Amaury likes this.

Share This Page