Spammers hitting my "Report to Administrator" Hard! Spammers hitting my "Report to Administrator" Hard!
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Spammers hitting my "Report to Administrator" Hard!

Started by HardDriver, January 27, 2007, 05:47:47 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

HardDriver

January 27, 2007, 05:47:47 AM Last Edit: January 27, 2007, 08:39:14 AM by GauGau
About two days ago, spammers realized that they could report photos without being logged into an account - and since then, I've been getting hammered.  Is there any way to restrict photo reports to registered users only?  If not, this is a very serious issue and should definitely be considered in a future version of Coppermine.  Right now my only option is to disable the feature completely (if I can do that, I'm going to have to consult the documentation).  Regardless, it will not take long before other Coppermine installations start getting hit as hard as I am...

Joachim Müller

#1
January 27, 2007, 08:38:57 AM
Moving to feature requests.

Stramm

#2
January 27, 2007, 09:01:30 AM
in some way it's already implemented. It's connected to the ecards feature. If you disable sending ecards for guests (group control panel), then they also can't send reports to admins

HardDriver

#3
January 27, 2007, 05:55:13 PM
Thanks, Stramm, I wasn't aware of that!  This should definitely be made a little more clear - this could cause serious problems for other people who might not investigate the issue (or have their spam filter block all reported photos).

Tranz

#4
January 28, 2007, 07:14:07 AM
I think we talked about this when the feature was first implemented. The decision was to keep it simple for users by minimizing the options. Thus, have the option linked to the ecards permissions.

This is also in the documentation:
QuoteEnable reports

Enable reports. When set to "yes," this feature will allow users to report on uploaded files or comments to the site admin.

This setting is dependant on e-cards being enabled. Only users who have permission to send e-cards in the 'groups' settings are able to send reports. The report icon is hidden from those not allowed to do so.

lamama

#5
January 30, 2007, 11:58:21 AM
I wasn't aware of that. IMO it's no good idea to link ecards and report permissions. I maybe want to avoid guests sending ecards with my galleries pics to the whole wide world, but I may want guests to report without having to register first.

QuoteThe decision was to keep it simple for users
it makes the configuration more intransparent and confusing.

But perhaps it makes no sense to discuss that topic here?

Joachim Müller

#6
January 31, 2007, 08:44:47 AM
All features that result in emails being sent by the server should be reviewed extra carefully (applies both to ecards as well as reports), as they may be abused by spammers. Maybe we should re-design the feature to not send emails in the first place, but just show a link in the admin menu instead (similar to the upload approval link) if there are new reports and store/display the reports on the site (storing them inside the db only)?
Print
Go Up Pages1
User actions