HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Recommend problem.

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#73254 (In Topic #15330)
Avatar

Community saint

On one of my sites I got yesterday and today tons of mails sended from my domain to unkown e-mailadresses.

They use the recommond mod to get them out.
Some of the mail use doggyhack .

Someone has this before or know something about it?


http://digiflash.nl Photo community  (dutch)
Back to the top
 
Posted
Rating:
#73257
Avatar

Turn on CAPTCHA.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#73261
Avatar

Community saint

Thanks Chris, but I have this standard on to all my sites.


http://digiflash.nl Photo community  (dutch)
Back to the top
 
Posted
Rating:
#73262
Avatar

Hmm, so the CAPTCHA has been broken? There's a more advanced one if you type this into OcCLE:

Code

:set_value('css_captcha_only','1');


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#73263
Avatar

Community saint

I will try that, and see if this gives a solution.

Thanks.


http://digiflash.nl Photo community  (dutch)
Back to the top
 
Posted
Rating:
#75509
Avatar

Fan in action

Chris,
Could you elaborate a little on where and how I would type the code to get the more advanced captcha?

Also, how would this help if it is an individual using the personal message section of the recommend to send out messages?

I have a new site that I have been working on for a number of months. My sister and I are the only members at this point. Over the past 3 months there have been 250 to 300 views of the recommend page per month, most of them getting there directly, not finding the site and clicking on the recommend link. So far today, even though we have not accessed that page there are 19 views of it and that is after I removed the link so that only logged in members can see it.

Alternately, until I figure this part out, can I just turn off the recommend feature?

I really like its idea but if it is going to be an avenue for spammers to send out email leading to my domain being banned by AOL and others then I would rather just turn it off.

Thanks.
Back to the top
 
Posted
Rating:
#75510
Avatar

Community saint

This is correct, I have seen this many times before, and in the beginning of our sites also.  I had to set some countrys to to our server blacklist for this.


http://digiflash.nl Photo community  (dutch)
Back to the top
 
Posted
Rating:
#75511
Avatar

There's not much more to elaborate on. Find OcCLE in the Admin Zone, paste that command in and press the button. If you don't see an error, it worked, and CAPTCHAs work via a more complex method.

Recommend feature is an addon, may be uninstalled.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#75512
Avatar

Fan in action

Thanks Chris.

I am also looking at another option. It looks like under the permission tree I can make it so that guests can not access it (view it) and that I could have it only accessible to registered guests and paying members.

Am I understanding the permission setting correctly?
Back to the top
 
Posted
Rating:
#75514
Avatar

Community saint

This is, to me, another case of the XML sitemap being over-inclusive. From my perspective, I want the search engines to find my content so I think that sitemaps should contain only content links, not call-to-action links (e.g., recommend, pr int, join, login, logout, Facebook, twitter, etc).

I am sure someone will explain to me why I am wrong but it seems to me that you want people to be on your site when they choose one of these options. A join link in SERPs is just a shortcut for spammers to try getting into your site.

Bob


Last edit: by BobS
Back to the top
 
Posted
Rating:
#82115
Avatar

Fan in action

The comment by BobS is beyond me but I did want to post a follow up to the general thread.

In limited testing it does seem that setting access permissions through the permissions tree does successfully limit who can access the recommend page.

However, because the people who were abusing it to send out nefarious messages (I am assuming with inserting their own links into the personal message portion) seem very willing to go through the registration process to create a free "registered guest" account, I would need to limit access to paid members only and maybe they are getting enough return off of their activity that they would even be willing to sign up for a paid membership in order to mask the true source of the emails they are sending.

Limiting it to paid members significantly limits its benefit, especially at the stage that you need it most, when the site is new and trying to get traction or established.

Chris if you see this post (or anyone else who can answer) - Is it possible to leave the recommend module active and not limit access to it but have the outgoing messages held for review by an administrator or moderator?

That way I could keep the recommend feature active and visible for all, keep the nefarious messages from going out and identify which user was sending them so that I could ban that user.
Back to the top
 
Posted
Rating:
#82116
Avatar

There's no feature for that. There was another topic very similar to this the other day, which I summarised on the tracker:
0000413: Limit message sending - ocPortal feature tracker


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#82122
Avatar

Community saint

I personally prefer the idea suggested in the other thread by temp1024 using a limit by usergroup per 24-hour period. This requires the least amount of administrative overhead and really takes away the incentive to spam from a site..

But, perhaps, there could be some reporting built in to identify (frustrated) would-be spammers.

Bob
Back to the top
 
Posted
Rating:
#82125
Avatar

Fan in action

Thanks Chris. (And thanks BobS for your input.)

I think the recommend feature is potentially very useful for me but only on a more limited basis until it is tightened up somehow.

The issues tracker is a portion of the website that I have not poked around in up to this point. I will try to find some time to take a look at it, especially to become more familiar with the support credits and ways to help support refinements.

Again, thanks.
Back to the top
 
Posted
Item has a rating of 5 (Liked by Chris Graham)  
Rating:
#82136
Avatar

Community saint

iamageneralist said

Thanks Chris. (And thanks BobS for your input.)

I think the recommend feature is potentially very useful for me but only on a more limited basis until it is tightened up somehow.

The issues tracker is a portion of the website that I have not poked around in up to this point. I will try to find some time to take a look at it, especially to become more familiar with the support credits and ways to help support refinements.

Again, thanks.
One of the best things about the forums are that ideas get tossed around and often Chris comes up with a better solution as the result.

The issues tracker is also full of good ideas just waiting to to be sponsored to the benefit of the whole community. I have had the good fortune to fully or partially sponsor a number of items and it  is a great feeling providing support to product and a community that makes all our sites possible and, with new features, more powerful and more flexible.

Bob


Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: