• Home
  • Categories
  • Recent
  • Popular
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
v3.5.2 Latest
Buy Hosting

How to enable Email verificatiion

Scheduled Pinned Locked Moved General Discussion
19 Posts 4 Posters 5.2k Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • meetdilipM Offline
    meetdilipM Offline
    meetdilip GNU/Linux
    wrote on last edited by
    #1

    The bot attack is still there for me. I badly need a Q & A plug in. Or a mass bot cleaner. Like delete users who have not been online for more than one minute in last 10 days etc.

    Saving that request for a later point of time, I have installed Mandrill plugin on my site. Would nice if someone can tell how to enable email verification and if possible an option to delete non verified accounts. Thanks.

    A 1 Reply Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    wrote on last edited by
    #2

    I've enabled email verification through the admin panel - though I haven't verified if users can post without verification or not. I'll give ti a quick test.

    In the mean time:
    Admin > General Settings > User >"Require Email Confirmation"

    meetdilipM 1 Reply Last reply
    1
  • A Offline
    A Offline
    a_5mith
    replied to meetdilip on last edited by a_5mith
    #3

    @meetdilip Ninja'd...

    Make sure mandrill is working before you do this. You will need to confirm your own account too.

    1 Reply Last reply
    1
  • ? Offline
    ? Offline
    A Former User
    wrote on last edited by
    #4

    I was just able to create a new account, not verify email, and create a thread on my board.

    Perhaps once we get some more groups, there will be a group for those unactivated which will allow for some permissions to be set.

    1 Reply Last reply
    0
  • barisB Offline
    barisB Offline
    <baris> NodeBB
    wrote on last edited by
    #5

    https://github.com/akhoury/nodebb-plugin-spam-be-gone helps a lot.

    ? meetdilipM 2 Replies Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    replied to <baris> on last edited by
    #6

    @baris, thanks for the link. An issue I've ran into the past is that many bots are beating Captcha and Recaptcha. Hopefully in the future we'll see other potential spam plugins. For the time being, however, this is definitely getting installed!

    A 1 Reply Last reply
    0
  • A Offline
    A Offline
    a_5mith
    replied to A Former User on last edited by
    #7

    @Albus Get an api key from honeypot. I've had 0 registrations since enabling it.

    ? 1 Reply Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    replied to a_5mith on last edited by
    #8

    @a_5mith With Project Honeypot and Recaptcha both working on registrations, there shouldn't bee too much of an inconvenience to the user, though it doesn't seem like both would be necessary. I've been looking into Project Honeypot since you suggested it, and it seems promising. Might not keep spammy users away, but at the least it should prevent the bots. Thanks for the tip! 🙂

    A 1 Reply Last reply
    0
  • A Offline
    A Offline
    a_5mith
    replied to A Former User on last edited by a_5mith
    #9

    @Albus It keeps away known spammers, but not those targeting just your site for the sake of being annoying. But that's probably where someone builds the hellban plugin. 😆

    warn: [plugins/spam-be-gone] Wrong Captcha
    warn: [plugins/spam-be-gone] wjrezbvletaj | [email protected] was detected as spammer and was 
    denied registration.
    warn: [plugins/spam-be-gone] Wrong Captcha
    warn: [plugins/spam-be-gone] wjrezbvletaj | [email protected] was detected as spammer and was 
    denied registration.
    

    Working nicely.

    ? 1 Reply Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    replied to a_5mith on last edited by
    #10

    @a_5mith is there a hellban plugin yet?
    If not seems simple enough to create once user permissions progress a bit.

    1 Reply Last reply
    0
  • meetdilipM Offline
    meetdilipM Offline
    meetdilip GNU/Linux
    replied to A Former User on last edited by meetdilip
    #11

    @Albus said:

    I've enabled email verification through the admin panel - though I haven't verified if users can post without verification or not. I'll give ti a quick test.

    In the mean time:
    Admin > General Settings > User >"Require Email Confirmation"

    I cannot find that option. Early adopter of 0.4.3 . I see " Allow local log in " though.

    A 1 Reply Last reply
    0
  • meetdilipM Offline
    meetdilipM Offline
    meetdilip GNU/Linux
    replied to <baris> on last edited by
    #12

    @baris said:

    https://github.com/akhoury/nodebb-plugin-spam-be-gone helps a lot.

    I have it installed. But friends complained that they were not able to register. So had to put it down. No way to delete bots as a whole as well. Q & A would have helped, I guess. Now clicking rows of bots one by one and deleting them. 😞

    1 Reply Last reply
    0
  • A Offline
    A Offline
    a_5mith
    replied to meetdilip on last edited by
    #13

    @meetdilip Not sure when this option was added, might be after 0.4.3 stable.

    ? 1 Reply Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    replied to a_5mith on last edited by
    #14

    @a_5mith then would running commands to update to the latest commit solve the matter for @meetdilip ?

    meetdilipM A 2 Replies Last reply
    1
  • meetdilipM Offline
    meetdilipM Offline
    meetdilip GNU/Linux
    replied to A Former User on last edited by
    #15

    @Albus said:

    @a_5mith then would running commands to update to the latest commit solve the matter for @meetdilip ?

    Ah ! Don't mention it. If not for @a_5mith , my site would be down trying to use the latest version.

    1 Reply Last reply
    0
  • A Offline
    A Offline
    a_5mith
    replied to A Former User on last edited by
    #16

    @Albus Texhnically, yes. But that depends on whether he wants to risk running on master branch (not recommended for a live environment).

    However this guide outlines the upgrade process. However with 0.5.0 just around the corner, it may be more beneficial to wait until then for the stability.

    ? 1 Reply Last reply
    0
  • meetdilipM Offline
    meetdilipM Offline
    meetdilip GNU/Linux
    wrote on last edited by
    #17

    Yep, it too am waiting for 0.5. Hope whoever is behind this bot attack will help us build a good antispam system.

    1 Reply Last reply
    1
  • ? Offline
    ? Offline
    A Former User
    replied to a_5mith on last edited by
    #18

    @a_5mith Thanks for such a thorough answer, and the advice. This even answered a question I had earlier today as well.

    1 Reply Last reply
    1
  • meetdilipM Offline
    meetdilipM Offline
    meetdilip GNU/Linux
    wrote on last edited by
    #19

    ping @julian @baris @psychobunny

    1 Reply Last reply
    0

Copyright © 2023 NodeBB | Contributors
  • Login

  • Don't have an account? Register

  • Login or register to search.
Powered by NodeBB Contributors
  • First post
    Last post
0
  • Home
  • Categories
  • Recent
  • Popular
  • Top
  • Tags
  • Users
  • Groups
  • Documentation
    • Home
    • Read API
    • Write API
    • Plugin Development