What was supposed to be in XF 1.2?

[Chris D]

Spam also isn't a "critical bug". It's not an inherent problem with the software. The software has been targeted and that is not something XenForo can help.

Sure, they can change the names of fields so current bots get confused. Yeah they can add another CAPTCHA system.

But all that will happen is those measures will be circumvented and the spam will come back.

 

[Slavik]

So the official interpretation of the current spam attacks targeting Xenforo boards is not "critical"?

Using nothing but the basic xenforo Q+A with my own questions rather than the inbuilt ones, my board hasn't been subject to any spam.

Since changing the questions here at XenForo.com we also have had barely any registrations and the spam has been greatly reduced (the spam being posted is from accounts created before we changed the questions on Monday)

Put simply... the Q+A works

 

[MagnusB]

Put simply... the Q+A works

... For a while

 

[high1976]

Yes the official support is being mostly handled by myself and Jake now

well...how long will you and Jake do the job if the trail is again delayed for months?
if someone isn't able or interested to simply change Q&As for a month now...how can anyone seriously expect that a security fix is handled within a reasonable time?

 

[Digital Doctor]

...how can anyone seriously expect that a security fix is handled within a reasonable time?

Xenforo has done quite well on the security front itself. There has never been any delays in fixing security issues ... ever. So your inquiry is pure speculation.

If you like fixing security problems for your site, maybe IPB is good software for you.

 

[Slavik]

I cant speak for Jake but i'm happy to help out for as long as needed.

Anyway this isn't a Q+A session. So back on topic.

 

[Chris D]

I'm sure there is no time limit on how long Slavik and Jake would like to continue doing their jobs.

They are, of course, free to leave at any time. At which point, I imagine that new moderators would be appointed just like Jake and Slavik were after Brogan left.

how can anyone seriously expect that a security fix is handled within a reasonable time?

http://xenforo.com/community/threads/xenforo-security-fix-for-1-0-0-1-1-2.32890/

EDIT: DOUBLE NINJA!

 

[high1976]

I'm sure there is no time limit on how long Slavik and Jake would like to continue doing their jobs.

sure they will but reality sometimes strikes back

http://xenforo.com/community/threads/xenforo-security-fix-for-1-0-0-1-1-2.32890/

bad example. It was fixed more than a month after being published and even days after being reported here (with no warning to endusers until the fix was done while deleting the file and switching to no flash-uploader would have been enough as a quick fix).

to end here, everythings fine and we will all be happy soon. Ok?

 

[feldon30]

I do not expect 1.2

FIFY

 

[Shelley]

Spam also isn't a "critical bug". It's not an inherent problem with the software. The software has been targeted and that is not something XenForo can help.

Sure, they can change the names of fields so current bots get confused. Yeah they can add another CAPTCHA system.

But all that will happen is those measures will be circumvented and the spam will come back.

That's an excuse chris. When sites have to close registrations it reflects badly on the product and exposes the products weak points. Developers always strive to strengthen their products when weaknesses are exposed and xenforo's weakness is definitely combating spam out of the box. http://adminextra.com/threads/current-spam-attacks.6197/

Stating there's nothing xf can do to combat it, I flat out disagree with you on. Nothing against you chris (i know how posts like this are frowned upon).

 

[Chris D]

No forum software has a strength in combating spam out of the box. XenForo is no better nor is it any worse than any other product out there.

 

[craigiri]

Asking the developers to stop spammers is akin to asking them to insert fine content and nice members on my site. We've went through 1.2 million plus posts and spam has never been a problem for us. Never. Open registration in this day and age is, IMHO, foolish without LOTS of checks and balances. Of course, that is a matter of opinion - obviously.....

Getting back to 1.2 and above - there is not a single thing in there which I need since developers have filled in the blanks....like stopping countries, stop forum spam, etc. - When it comes, I'm sure it will have lots of surprises.....

My wish list is very short.....if I could have one feature it would be greatly improved member management - all of the possible options being rolled into the ACP. Examples include pruning members who haven't posted in X days and have no posts, etc.
Yes, there are add-ons which can go part of the way - but I don't trust them to mass delete. I'd rather have something in the core.

 

[MagnusB]

That's an excuse chris. When sites have to close registrations it reflects badly on the product and exposes the products weak points. Developers always strive to strengthen their products when weaknesses are exposed and xenforo's weakness is definitely combating spam out of the box. http://adminextra.com/threads/current-spam-attacks.6197/

Stating there's nothing xf can do to combat it, I flat out disagree with you on. Nothing against you chris (i know how posts like this are frowned upon).

I have to disagree on this part. Sure the tools for combating spams could be better in xF, but the administrator has a responsibility as well. Any CAPTCHA in the default package, would be next to useless, cause it would be prioritized by spammers anyway. As Slavik has pointed out, he has no problem with spam, and he doesn't use any addon. I was also able to handle it before it got out of hand, and others have as well. I use one of the free adaptation of Are You A Human, and before that I stemmed the tide by Q&A. Jake also have a resource detailing how you can handle it and what is available in terms of spam combat. Not at any point have I been forced to close down registration to deal with it.

AFAIK, the only measure for combating spam that was planned in 1.2 was SFS integration, which most seems to look at as the "one" solution. I don't, so I would still rely on addons to stop spam.

 

[Adam Howard]

v6 IP address support needs to be on their top propriety list.

(please. for the love of god)

 

[Shelley]

I have to disagree on this part.

Don't worry, most will be disagreeing with me on this. where would the fun be if we all agreed?

 

[Andy.N]

Spam control - Check. (sonnb, xenutiles, etc)
Mobile - Check. (Arty's responsive addon)
Resource Manager - Uncheck.

That's the only thing I'm still waiting for on 1.2 but borlode is making some addon that can be used instead.

 

[Digital Doctor]

Wishlist for 1.2:
- Mike and Kier come back
- IB to go away

 

[Shelley]

Wishlist for 1.2:
- Mike and Kier come back
- IB to go away

we don't ask for much but that would be nice so development to continue. My frustration lies with an excellent software left in a stagnated stage.

And for Brogan to get his backside back we are sorely in need of a good moderator/support staff to pair up with Jake Bunce. But of course, you have to remain realistic and I don't see any of that coming to pass.

 

[cmeinck]

No forum software has a strength in combating spam out of the box. XenForo is no better nor is it any worse than any other product out there.

I'd have to disagree with you also. I got hit with a massive attack -- some users posting over 4500 spam posts. This happened on a few of my XenForo sites. There was no way to easily delete users and their threads. I had to rely on some helpful folks here and many mySQL scripts. This created a major headache for me in many ways. These guys create backlinks to the spam they created. That gives you an unhealthy backlink profile. For newer sites, it's hard to recover from that.

I actually killed off one of my newer sites because it had so much remaining 'soft deleted' spam. I couldn't stand to look at it.

I now use a healthy combination of third party add-ons, some paid.

I still to this day get spammed daily in the About section of peoples profiles. Even sites that have the spam tools are getting hit with regularity. Just this week I received a note from Google about a 'manual spam' action for user generated spam. It's definition is usually found in online profiles, forums or comments. I'm doing what I can to clean it up using XenUtils and mySQL scripts and submitting for reconsideration. That's a lot of work and there is no guarantee that Google will accept my request.

These are real issues affecting sites. When it becomes a full time job, it's time the core software provided for tools to prevent and remediate.

 

[Chris D]

My comments were made in the context of preventing spam, more than the removal of spam. I am aware there is more that can be done in terms of cleaning up after it.