ARCHIVE: Australian Ham Radio Discussion Forum ( AHRDF )

Full Version: Forum setup issues
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3

VK3MEL

Is blocking of gmail etc really necessary? Whilst I have a ISP mail account it's rubbish, and I have no desire to have my email address change everytime I churn my ISP.

I've been using Gmail as my primary email for more than 10 years, I think the days these sorts of restrictions have long passed their use by date.

I'd ask that you reconsider this restriction
Quote:Is blocking of gmail etc really necessary?
It's common now for many forums.

It's easy for scammers and others up to no good to create an account with those, particularly using an amateur callsign they don't hold as the username, as the users of the previous version of VK Classifieds and other wanted/for sale sites found.
I agree with the Admin, too many bogus accounts are created with dodgy free email mobs like gmail, yahoo, etc.
I run a forum based on phpBB and I found the best way to limit bogus accounts is to stop the bots from registering. The captcha style authentication used in the registration window can be breached by bots - they can read the images. Much better to change the registration security method to a challenge question. The question required comprehension and understanding which only a human can do (for now). Once I moved from captcha to the challenge question the incidence of bogus accounts dropped to zero. Adam had a similar experience with VKlogger.

I have no limitation on email domains - in fact I encourage gmail as it seems to be the best of a mediocre bunch.

For example, imagine if the question was "What color is VK4ADC's beard?" Wink Only a human could interpret that question and provide the correct answer. Instant impenetrable security.

That's my 5 cents.
VK3ALB Wrote:For example, imagine if the question was "What color is VK4ADC's beard?" Only a human could interpret that question and provide the correct answer. Instant impenetrable security.

Hey, why pick on me just because I have an avatar loaded with an ugly dial on it ?? Why not ask what is the colour of Blackbeards beard ? Big Grin

Having seen an advert supplying little blue pills from a spammer already hit this forum, anything that precludes their access is the right way to go - and that includes banning free-mail addresses that could be used to confirm a user account.
vk3mel Wrote:Is blocking of gmail etc really necessary? Whilst I have a ISP mail account it's rubbish, and I have no desire to have my email address change everytime I churn my ISP.

I've been using Gmail as my primary email for more than 10 years, I think the days these sorts of restrictions have long passed their use by date.

I'd ask that you reconsider this restriction

The free email address limitation for new registrations is going to stay. That doesn't mean that you can't edit it in your profile after the confirmation process - although I don't know if that change will be accepted as I haven't tried to do it before.

VK3ALB Wrote:I run a forum based on phpBB and I found the best way to limit bogus accounts is to stop the bots from registering. The captcha style authentication used in the registration window can be breached by bots - they can read the images. Much better to change the registration security method to a challenge question. The question required comprehension and understanding which only a human can do (for now). Once I moved from captcha to the challenge question the incidence of bogus accounts dropped to zero. Adam had a similar experience with VKlogger.


This has been implemented using amateur radio related questions with simple one-word answers.


Please remember that this is a relatively new PHPBB install being configured by relative newbies trying to make sure the forum stays 'clean' of spammers and undesirable posts. Time will tell if the controls are too strict.

Admin
ADMIN Wrote:As from 24th September 2016, the domain names attached to user registration email addresses has been severely limited to prevent "free email addresses" being used. Basic ISP email addresses are ok but Gmail, Yahoo, Hotmail and their ilk have all been restricted from being used to activate a new user account on the forum.

If you have already registered using a 'free email address' then all is ok unless you have to re-register and then you will have to accept this new restriction.

The user IP at the time of signup is recorded and can be used to confirm country and ISP details if there is any doubt as to the validity of any new users credentials.

This process has been implemented to prevent spammers from creating user accounts and thus posting rubbish to the forum.

Use the Contact Us form option at the bottom of each and every page if the forum rejects your email address when you try to register so that your email address can be individually approved for forum access.

That contact form provides an IP address that allows us to locate approximately where you are located and if it turns out that you are indeed where a callsign search provides details for then you will be advised to try to re-register after the email address has been approved.

Blanket approvals of free-mail addresses will still be withheld.

Admin
I have added the following detail in the properties of a new shortcut on my Windows desktop:

http://www.ozlogger.net/forum/search.php...ive_topics

It makes it easy to just see the last 10 posts (or so) that have been made to the forum - like I used for the old VKLogger 'New Posts' when it was actively taking posts.

Posted in the interest of sharing something useful to interested forum users.

73 Doug VK4ADC
vk4adc Wrote:I have added the following detail in the properties of a new shortcut on my Windows desktop:

http://www.ozlogger.net/forum/search.php...ive_topics

It makes it easy to just see the last 10 posts (or so) that have been made to the forum - like I used for the old VKLogger 'New Posts' when it was actively taking posts.

Posted in the interest of sharing something useful to interested forum users.

73 Doug VK4ADC

Note: You must have logged in previously and used the Remember Me option at that login for it to work !!
Admin1 Wrote:
VK2KRR Wrote:Attachments
I've tried to add an image file to a post, but even though the image is only 164 kB the forum tells me the file is too large?

Attachments are limited to 25 kB at the moment to conserve resources (disk space, bandwidth).
This will be reviewed once the Forum is settled in.

Maximum image file size has been extended to 100KB.
This should be enough to allow a reasonable size/resolution image to be reproduced in JPG format.

Note that JPG is generally a smaller file than GIF (about 1/2 the size), and GIF is smaller than PNG for a given overall image size.


There are times when the forum appears unresponsive since the server change and occasionally an error 508, Resources Limit Exceeded, page appears. I am told by the host that this should be resolved once a new software update is applied to the web server (probably around the end of the month).

Please bear with us in the meantime and defer your visit to a later time when the server load is lower.

Thanks, Admin
The forum is temporarily back on an ADSL connection until the hosting web server has been updated and then the error 508 will go away - hopefully around the end of October, but maybe into November.
The image size remains at 100KB at this stage.

Admin
Hello Admin,
any news on the hosting? I can see it is still on DODO ADSL

[ IP ADRRESS INFO EDITED OUT BY ADMIN ]

Have the hosting company given you any idea when you can resume the hosted option as I get the feeling no one is committing to posting content while the forum is in limbo.

In that same vein if the outlook is not going to improve I believe people will pull up stakes and go.

ADMIN Wrote:The forum is temporarily back on an ADSL connection until the hosting web server has been updated and then the error 508 will go away - hopefully around the end of October, but maybe into November.
The image size remains at 100KB at this stage.

Admin

Regards,
Peter vk5pj
VK5PJ Wrote:Have the hosting company given you any idea when you can resume the hosted option as I get the feeling no one is committing to posting content while the forum is in limbo.

In that same vein if the outlook is not going to improve I believe people will pull up stakes and go.

Peter

The forum will continue for a long time regardless of where it is hosted. VKLogger went through a multitude of hostings before it ended up where it is and most of the time that hosting is transparent to the end user. You really only know because I noted it on the forum post you quoted back at me.

I was informed over this last weekend that the software update was performed on the external web server on Friday last week so that I can now activate it there once again. I have to update the forum database plus avatars etc to it to get it synced with the local server and that should happen later today. We should know fairly quickly if the Error 508 - Resources Limit Exceeded message re-appears.

I have been looking at an alternative forum package but need to make sure all existing content will transfer without issues before I will replace the existing PHPBB system. Fortunately I don't have to do testing on it on-line and thus affect the main forum. Any replacement will look different and work a bit differently but I don't want to change the character of the forum any more than I have to.

73 Doug VK4ADC

POSTSCRIPT:
The forum has been returned to the external web server as of about 10AM today, 7th Nov 2016.
Thanks Admin / Doug.

ADMIN Wrote:73 Doug VK4ADC

POSTSCRIPT:
The forum has been returned to the external web server as of about 10AM today, 7th Nov 2016.

With the image size limit in place while on ADSL people seem to have lost interest in sharing information that relies on some graphical content to explain things, this was my main concern as the activity in the form has withered with these restrictions in place.

Have fun testing a new package, a learning experience can be very rewarding.

Regards,
Peter.
VK5PJ Wrote:With the image size limit in place while on ADSL people seem to have lost interest in sharing information that relies on some graphical content to explain things, this was my main concern as the activity in the form has withered with these restrictions in place.

I have just reset the image size limit to 300KB as of a couple of minutes ago. The local server actually had greater capacity for images to be stored but the transfer of large numbers of many large files syncing from one server to the other was the technical (/real) reason for the limit.

VK5PJ Wrote:Have fun testing a new package, a learning experience can be very rewarding.

Actually it is very draining because I have a fairly good handle on PHPBB and now I have to see if I can achieve the same outcomes on the alternate forum software. I can see many many more hours involved before I get close enough to change it over.
Hey mate,

Applying this limitation will possibly, most likely reduce the audience of the forum. As an addition to your challenge question, you can implement the CAPTCHA functionality as well as IP reputation blocking via blacklists.

If you need a hand with this, let me know.

Smile

ADMIN Wrote:As from 24th September 2016, the domain names attached to user registration email addresses has been severely limited to prevent "free email addresses" being used. Basic ISP email addresses are ok but Gmail, Yahoo, Hotmail and their ilk have all been restricted from being used to activate a new user account on the forum.

If you have already registered using a 'free email address' then all is ok unless you have to re-register and then you will have to accept this new restriction.

The user IP at the time of signup is recorded and can be used to confirm country and ISP details if there is any doubt as to the validity of any new users credentials.

This process has been implemented to prevent spammers from creating user accounts and thus posting rubbish to the forum.
vk2ezt Wrote:Applying this limitation will possibly, most likely reduce the audience of the forum.

Too true HOWEVER there is a way around it: Use the "Contact Us" link at the centre of the bottom each page on this website to request approval of a specific email address regardless of domain name (eg gmail.com, yahoo.com etc....) to allow user registration.

That request provides the email address to be manually added to the list of emails approved for forum registration. The email account is checked several times a day so the delay in approval is typically less than 6 hours (daytimes, overnight about 12-15 hours). Any doubt I have as to the actual location of the requester can be resolved by the IP address whois lookup from the webserver-captured IP address. If it doesn't correlate then it won't be manually approved e.g. using a VPN won't help get your address approved. Only enquiries incorporating a callsign are even checked.

What this does is it maintains a stricter control on who can access the forum to post, between the signup questions relating particularly to AR plus the email addresses that are acceptable. We have already had the situation where someone in the Ukraine signed up and advertised little blue pills and, quite candidly, I would prefer lower numbers of users than that sort of rubbish happening.

You don't need to be registered to read the forum topics, only to post to it, so it only affects those who wish to place comments.

Doug VK4ADC, Admin

VK3YCQ

Hello Admin

I don't know if it is still relevant but my ISP on the NBN-we-were-forced-to-have does not give out webmail addresses for users as far as I can tell. I am already a registered user here obviously but others intending to join OzLogger.net may not be so fortunate if they are without an ISP email account. I do understand the problem with using gmail and other accounts as there are now more scammers, spammers and assorted miscreants than there are ordinary folks on the internet. I wonder if there is an alternative solution that may help increase the user base.

73s

Ian
VK3YCQ
VK3YCQ Wrote:Hello Admin

I don't know if it is still relevant but my ISP on the NBN-we-were-forced-to-have does not give out webmail addresses for users as far as I can tell. I am already a registered user here obviously but others intending to join OzLogger.net may not be so fortunate if they are without an ISP email account. I do understand the problem with using gmail and other accounts as there are now more scammers, spammers and assorted miscreants than there are ordinary folks on the internet. I wonder if there is an alternative solution that may help increase the user base.

73s

Ian

Email addresses such as vkxxxx@wia.org.au for WIA members are immediately accepted.

I also manually provide exceptions for Gmail (or other) accounts where I have done an IP lookup to confirm the country of origin. People who use the "Contact Us" ( http://www.ozlogger.net/forum/memberlist...dminoption ) in the footer area of EVERY Ozlogger page causes an email to be sent to me in the form..

"The message was sent from a guest who specified the following contact information:

Name: zzzz zzzz VK4XXXX
E-mail address: xxxxxxx@gmail.com
IP Address: xxx.xxx.xxx.xxx <-------- This is important to me as it provides country of origin


Message sent to you follows
~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hi, just tried to register but my email address was not permitted?
xxxxx@gmail.com

73 zzzz vk4xxxxxx"

Those email addresses are manually excepted each day (within 24 hours, and usually a lot less) after checking and the prospective users are individually emailed to advise that their email address is now OK. (ie. a permanent exception to the generic Gmail(, Yahoo,....) email rule now exists for only that specific address). If their email address is actually invalid (eg spammer) then they do not get the emailed account activation link on signup.

The forum is being kept clean by virtue of the registration requirements and I really don't want that to change. Using the contact form means a little more effort for the applicant and more for me but instant gratification is not always desirable.

Doug, Admin

VK3YCQ

Hello Doug

thanks for clearing that up. It seems you have a workable solution.

cheers,

Ian
Pages: 1 2 3