Announcement

Collapse
No announcement yet.

New users bypassing admin manual moderation

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • New users bypassing admin manual moderation

    I've always had new user manual moderation on as it is one of the best spam-prevention techniques there is.

    Over the past few days I've noticed a few spammers getting through and assumed my fellow-admin had just been a bit lax with his moderation. I don't believe that's the case however.

    I've just deleted a spammer who registered only this morning. I'd not been into the Admin panel and my fellow admin has not been online all day. So I've done a search of new registrations from the past few days that are already in the 'members' category and there are loads.

    Somehow, people are getting around the need for their registration to be manually reviewed. I've just performed a test registration myself and the account is, correctly, sitting at awaiting moderation.

    I'm running the latest version of vB 4.2.2 PL4 so I'm assuming I don't have a legacy security vulnerability that is causing this.

    Any clues anyone?

  • #2
    Go to a users profile (in adminCP) that has bypassed moderation and click on [View change history] above the user-name. See what exactly happens, and when he is getting moved or from which group. Could by many reasons though, promotions setup? using any plugins? using mail verification?

    Comment


    • #3
      I'd suggest upgrading to 4.2.3 and disabling all of your addons for 24 hours.

      Comment


      • #4
        If you never followed the steps in Securing Your Site, then you can have intrusions from previous issues including third-party vulnerabilities.
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API - Full / Mobile
        Vote for your favorite feature requests and the bugs you want to see fixed.

        Comment


        • #5
          Thanks all. The ones I looked at didn't have a View History option.

          I disabled all new registrations when I started this thread and due to general life busy-ness, I've only just had a chance to take a look properly. I'm pretty sure that all the rogue registrations were getting in through Tapatalk due to the way the settings for registration were, presumably as their default.

          I've reined all those in, making Tapatalk registrations go through the regular vB registration channel and will keep a very close eye on what happens.

          Comment


          • #6
            Do you allow Tapatalk registrations? if so, change the default group they are added to from 2 (registered users) to whatever you have moderate users set to (usually 3)
            http://scottishminis.com/forums/forum.php - for all things relating to the Scottish Mini scene
            http://theifonly.com/forums/forum.php - for all things relating to golf
            http://thebookjoint.com/forums/forum.php - for all things relating to books especially Jack Reacher

            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X