HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Limiting HTML and Links in Posts

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#100910 (In Topic #19796)

Non-joined user

Hello
In the forum can I as an administrator limit what html code or links are permitted in the posts? I have a lot of comment spammers I want to stop?
Back to the top
 
Posted
Rating:
#100911

Honoured member

Hmm, not too sure about the HTML and Links, but you can employ the captcha module every where it can be used, and also use the Spammer checking level option.  Look in your "Admin Zone / Security" section for those settings.  You could use Global permissions, but that would limit any guest as well as spammers.
Back to the top
 
Posted
Rating:
#100914

Non-joined user

Thanks for getting back to me.  However, I have used Captcha and many other spam prevention techniques but removing the bbcode capability from certain members is a big need for our forum.

Back to the top
 
Posted
Rating:
#100916
Avatar

I don't think there's a straight-forward way to limit things further in the system. By default it prevents insecure HTML and Comcode for unprivileged users, and it makes any posted links get marked with nofollow.
We also automatically flag hackattacks when posters try and use multiple different HTML and bbcode methods for posting a link at once (as that's a clear case of a spambot).

Are you hoping that a spam bot will get an error screen when posting any kind of link, because guests would not have access to do that? And then, they'd automatically de-list the site from their list of potential targets, or just the bot would never try posting without any links? I'm not sure if this would work in practice, as spambots often post without any links, in what some security experts think is an intentional tactic to disincentivise these kinds of limits. But, the CAPTCHA should block this kind of thing anyway - are the bots bypassing the CAPTCHA on your site? If it is a human, I would think they'd spot the nofollow and not target the site further.

This is the advanced filtering system for ocPortal, which I guess could be configured to block Guests posting content with "http://" in it:
ocPortal Tutorial: The form field filter system - ocPortal.com


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#100953

Non-joined user

Thanks for gettting back to me with the answer.
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: