PLUGIN WEEKENDS
-
Haha, first I'd need to find a @girlfriend (DOH, didn't work) but that would mean I'd have to give up NodeBB time.... naaah.
-
I'd like to thank the academy.
-
Not thanking mom and dad?
-
@psychobunny oh yeah for Mom.
-
Thanks guys
-
I love this community, you guys make me laugh every time I see your posts. Especially @barveyhirdman & @psychobunny
-
So a new week has started...
Hey NodeBB community?
Everything is done from a plugin.
-
wow... you sir have won this week next week and the week after
-
I think unless somebody writes an awesome security plugin, @Mr_Waffle will be a winner from now til Thy Kingdom Come!
That is very cool!
-
@Mr_Waffle respect.
EDIT but creepy lol.
-
@planner said:
awesome security plugin
what do u have in mind? im bored.
-
A complete Web application firewall that offers login protection (brute force login attack protection), IP blocking, automated or manual site scan for intrusions, anti-spam, any feature we can think that will boost the security profile of the platform.
Maybe add the ability to put the site in maintenance mode, if it does not already have it.
Lock down of core files to prevent unauthorized modifications, etc
And I think we need some type of anti-spam for the registration page.
-
@planner said:
A complete Web application firewall that offers login protection (brute force login attack protection), IP blocking, automated or manual site scan for intrusions,
isn't easier to achieve that on the server level? doens't sound like a plugin.
Maybe add the ability to put the site in maintenance mode, if it does not already have it.
I don't think a plugin should be able to do that, sounds like a core NodeBB feature, but im with you on that one.
Lock down of core files to prevent unauthorized modifications, etc
again, server layer.
And I think we need some type of anti-spam for the registration page.
im working on one that uses this API http://stopforumspam.com/usage but im not too convinced, i think we might need something like Akismet
-
stopforumspam is nowhere near as effective as akismet, not neccessarily because it's bad, but akismet gets much more traffic thanks to wordpress, therefor better data and better sample size.
on an ipb forum that is on a site that sees a ton of traffic I switched from stopforumspam to akismet and it was night and day.
-
@planner not a lot.
I think we can have both filters, stopforumspam onuser.create
as a first line of defense, and the Akismet onpost.create
. I'll add Akismet tomorrow or tuesday, but API key is not free right? and I am little worried about latency with the API calls on every post creation. unless I call the Akismet API async but then remove the post if the response says it's spam. which is weird but it might work, since, hopefully most posts wont be spam