Announcement

Collapse
No announcement yet.

Banning doesn't work, user access doesn't work :(

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Banning doesn't work, user access doesn't work :(

    I have vb 2.0 beta 4 installed (i've updated the sessions.php to fix the security breach though) and apparently I can't ban members...

    I tried to edit individual user accesses but they still post no problem.. how comes?

    Those of you who know a lot about banning people from a forum please post your thoughts.
    design and technology / mano1.com
    resource and community for musicians / FutureProducers.com

  • #2
    Umm... using the 2.0.3 sessions.php won't fix any other issues with beta 4.

    My first recommendation would be to do a full upgrade to 2.0.3 as there are a lot of bug fixes and and such old beta versions aren't supported anymore (that thing's at least 5 or 6 months old!).

    Second, can you enter your customer info into your profile? See link in sig for more info. Thanks!

    Comment


    • #3
      I don't think you can successfully ban any member these
      days.
      1. In the old days with dial up Internet service, you could.

        But with DSL and assigned IP addresses at random, plus
        several stealth websites available for free, I think it's
        impossible.

        Our solution has been to go easy on members with less
        ego maniacs moderating the boards, and more education.
      2. We have a three-strike rule before we "suspend" anyone,
        and the suspension is usually a few days to cool off. And
        that's only after three private emails (or phone calls) to
        the member. Guess what? With the 3-warnings, we have
        never had to suspend anyone!
      3. The other solution is to set up some forums based on
        proof of their identity. We have some paid forums, which
        require a nominal charge to enter. With their credit card
        information, billing address, and phone number . . . if
        we need to we could suspend easy.
      4. Another solution (only a recent change in policy) is that we
        now require a real first and last name to register. In the past
        we have seen names like RoughMama or BadTemper, and those
        names tend to lead to that kind of forum participation, while
        other names like John Stevens or Jill Martin lead folks to write
        under their true name, which leads to more respectful
        behavior on the boards. Our registration page now gives
        over 6 samples on how to use their real name without
        duplicating a name that may already be taken. When we
        changed to full names we thought we would lose members.
        To the contrary, we have gained more new members.
      5. But for what I have seen, the banning days are over and
        the move to gently encourage members to live up to your
        policy is more important to the safety of your board. If
        you HACK OFF a members arms and self esteem, you'll
        likely make an enemy who will make it their mission in
        life to HACK DOWN YOUR BOARD TO RUIN.

      If I can help, let me know.

      David

      DAVID COPELAND
      Licensed VB Holder Since 2000
      Celebrating 20 Years with VB

      Comment


      • #4
        Very good advice and I think you are right . I've learned my lesson in attempting to ban people and it's a lot easier to try to be more laid back....especially when it comes to message boards.

        Kara

        Comment


        • #5
          Originally posted by David Copeland
          Our solution has been to go easy on members with less
          ego maniacs moderating the boards, and more education.

          We have a three-strike rule before we "suspend" anyone,
          and the suspension is usually a few days to cool off. And
          that's only after three private emails (or phone calls) to
          the member. Guess what? With the 3-warnings, we have
          never had to suspend anyone!
          We prefer to take the same approach, and much of our moderating is quietly done off-board. In fact we call our moderators 'forum guides' - to us, a forum guide should rarely be seen doing their job, and should try to keep the 'guiding' off-site. We're not a clique, we're not net cops, we're just keeping the peace.

          However, we have been having problems with one ex-member who has constantly ignored warnings and has, therefore, been banned for life. This, I should point out, is after several suspensions ranging from 2-7 days - and each of those has only been done after a similar "three strikes" policy. So, as you can see, he is a real troublemaker.

          He is now attempting to hack our board by posting off-topic rubbish - until we spot him and take action - despite a formal ban produced with assistance from a lawyer.

          We have a 'Suspended (Quietly)' option where the person can read but not post, while we clean up the mess, and then, once the posts have been removed, switch them to 'Banned' - which blocks them altogether.

          We require unique e-mail addresses for each username, so at least this person has to come up with a new name and e-mail account (mainly Hotmail/Yahoo) each time they want to register. We also require e-mail confirmation, which prevents bogus e-mail addresses from being used.

          This person is on a dial-up (via AOL) and, while IP addresses unique to him have been blocked, those which show use by other members have been left clear.

          We have also been turning registration off overnights, when there is less likely to be a forum guide around, and when this particular person tends to do some of his posting.

          However, we don't like this 'siege situation'. so we would welcome any advice as to how to deal with this persistent troublemaker.

          Fortunately, the overwhelming majority of our members are no problem at all, and with the remaining few, a polite "please don't do that again" e-mail usually does the trick.

          TIA

          Comment


          • #6
            Our forum deals with private investigation, including tricks of the
            trade to find people. Once this person receives a respectful phone call through a trace, he will cease.

            One tip would be to use this guys email address (yahoo, etc) and
            set up a pretext (phony offer) to entice him to call for free
            offer. Using a toll free number would do the trick, as you would
            capture his home phone number (or work), and then have
            a live person take his name and address for sending him
            that free laptop, plus $5 shipping on his credit card.

            The other would be to set up a RCF line (remote call forwarded
            line) from a large city that forwards to your inbound 800
            number at your home office. If he's extra smart, he will
            know not to knowingly call on a suspected 800 number
            because his private number will be exposed through the
            800 caller ID. But a direct number can be forwarded to a
            800 number and he will think it is still blocked . . . but
            is not.

            In the VB whosonline feature in the latest version, you can
            actually see his IP address live through AOL. There might
            be some information there that you could work with at
            a security agent at AOL. They're pretty smart in capturing
            jerks who abuse.

            And the other suggestion I have for you is really sweet:

            Check out:
            Lisa's HTML Forum

            Lisa prohibits free email addresses (yahoo, hotmail, etc) from
            even registering because if past abuse. There must be a
            feature in her registration process that allows you to block
            these free addresses for a few weeks until things settle
            down. It should not affect current users, but it's worth
            checking out.

            If I can be of more help, let me know.

            David

            DAVID COPELAND
            Licensed VB Holder Since 2000
            Celebrating 20 Years with VB

            Comment

            Loading...
            Working...
            X