Couple of thoughts on the post before registering

[rgf100]

1) I like it.
2) They end up doing the captcha on the post page, and the fill in your details page. That seems rude. 
3) Would be helpful if language could be changed on the validation and details page: "Click the button below to validate your account and display your pending posts. " or similar
4) Eventually I think we should be collecting all details on the post page. You're already getting email address, you just need a username and password. Or even automatically generate those and send out an email with details?
5) Are there stats for us on how often this feature is being used? Can we see 'pending' posts anywhere? I'd like to keep an eye on them - if there's something really valuable, I might chase up a feckless register, for example.

[Platinumwealth.co.za]

Our forum gets spammed to death with Russian bots filling it in. 

 

No idea how IPS can prevent it, but I suppose this is going to be a problem.

[rgf100]

1) how do you know? aren't these hidden until the user validates? 
2) Does it make a difference to usual? It's the same captcha (do you have one?) and email validation process as before, just a bit more streamlined. 

[BankFodder]

I'm coming in in support of this idea.

Here's an exchange I just had with the Invision support guys: –

I respect of spam posts made using post before registering, I asked

Quote

When I tried to access his profile/details et cetera, I'm very surprised to receive this error message:

 

 

Clearly there is something in the permissions that I don't understand. We get huge amount of spam – overnight – and I suppose if post before registering becomes too much of a problem then we will have to decide not to use it – but at the moment I'd like to give it a go

However, as you can imagine – we need to be able to catch these people and ban their IP addresses et cetera.

Please can you advise.

Thanks

Invision replied

 

Quote

Hello,

The issue here is that you can see these at all unfortunately. What should happen is that these messages should not be visible to anyone (as they essentially dont exist) until that user has registered on the site. At present however, there is a bug within the platform which mean you can see them within the sidebar and other areas. This has been resolved in our next upcoming release of the platform.

Of course there is only yourself who can see these, and they would indeed be removed after 48 hours automatically if the user doesnt register. However the only other option in the meantime would be to disable that feature until the fix is released.

Kind Regards,
 

I responded:

Quote

Thanks for this, Marc.

I understand – but on the other hand it would be a useful opportunity to grab the guys IP address and to add it to our spam filters in case he wants to try and sign up again.

It would also give an opportunity to the site team to check these people and to prevent them confirming their registration so that their spam never gets onto the site in the first place.

So in summary, I think post before registration could be very useful in order to help the site team deal with spammers who decide to try and get into the site in that way.

Regards

So to recap, not only could post before registering be useful to attract new members to a community, but it could also be a useful way of catching spammers before they're able to get onto the forum and post – especially overnight.

We have a big overnight problem and despite years of practice, they very often managed to get their spam posted and also auto tweeted for up to 4 or five hours before a member of the site team delete it

[bfarber]

The intention of the feature is that the posts are not visible anywhere until the user registers. As a new feature, there were a few areas (the sidebar blocks you can add for displaying things like "latest posts" being one notable area) that were overlooked and the posts display there - this is corrected in our next maintenance release. In short, absent a bug (and all known bugs are already fixed and staged for release) they are not intended to display anywhere.

Just wanted to add that clarification as there's been some confusion.

[rgf100]

That makes sense (and while I have you here, does this also fix the bug with club content showing in those blocks? I have a ticket open on that). However I think admin staff should have the option to see those posts, perhaps in the ModCP alongside hidden content. There could be useful content I want to approve even if it gets credited to 'guest', or I might spot an easily bannable spammer, stuff like that. And... it's my site, I like to be able to see what's going on. 

[Adriano Faria]

2 hours ago, rgf100 said:

5) Are there stats for us on how often this feature is being used? Can we see 'pending' posts anywhere? I'd like to keep an eye on them - if there's something really valuable, I might chase up a feckless register, for example.

 

2 minutes ago, rgf100 said:

However I think admin staff should have the option to see those posts, perhaps in the ModCP alongside hidden content. There could be useful content I want to approve even if it gets credited to 'guest', or I might spot an easily bannable spammer, stuff like that. And... it's my site, I like to be able to see what's going on. 

I submitted a resource to the marketplace and it is currently awaiting for approval but I start to believe, due to staff replies here and in other topics, that it won't be approved because they want this feature to be the way they did. If it doesn't get approved here, I will probably sell this on my site. Screens:

 

[rgf100]

1 minute ago, Adriano Faria said:

I start to believe, due to staff replies here and in other topics, that it won't be approved because they want this feature to be the way they did.

I choose to believe it's because they'll be doing this themselves now I've suggested it 😀

[BankFodder]

Thanks for this clarification.

However, given that nothing will be visible at all – what about offering us a choice to make it visible and also to be able to track it down in order to log IP details. I'm a great believer in always offering people the maximum choice because then they can configure their way of working to suit their own circumstances.

So once again here's my suggestion

Quote

I understand – but on the other hand it would be a useful opportunity to grab the guys IP address and to add it to our spam filters in case he wants to try and sign up again.

It would also give an opportunity to the site team to check these people and to prevent them confirming their registration so that their spam never gets onto the site in the first place.

So in summary, I think post before registration could be very useful in order to help the site team deal with spammers who decide to try and get into the site in that way.

Regards

and also I agree very much with Adriano above that we ought to be able to see logs to understand how often the feature is being used. It doesn't sound very right to have a load of activity going on in the background and so not understanding the possibilities and whether post before registration is actually a good idea. But from my point of view, catching spammers before they actually get online to do harm – that would be a really useful feature. I realise that registered users can be placed on moderation at the outset. But it would be nice to be able even to pre-empt that in some cases and catch them before they get that far.

So: new feature please

[Platinumwealth.co.za]

1 hour ago, Adriano Faria said:

 

I submitted a resource to the marketplace and it is currently awaiting for approval but I start to believe, due to staff replies here and in other topics, that it won't be approved because they want this feature to be the way they did. If it doesn't get approved here, I will probably sell this on my site. Screens:

 

I do not want a plugin to handle a core function. 

[Adriano Faria]

19 minutes ago, Platinumwealth.co.za said:

I do not want a plugin to handle a core function. 

So don’t buy it. 👍

[Kjell Iver Johansen]

I've had several users complaining that they have written stuff on Iphone or Ipads in Chrome or Firefox. When they open links in email to post it the email leads them to Safari, and then all the stuff they have written are all gone. I think it's not possible to open a link in chrome on Apple devices..

[Adriano Faria]

6 minutes ago, Kjell Iver Johansen said:

I've had several users complaining that they have written stuff on Iphone or Ipads in Chrome or Firefox. When they open links in email to post it the email leads them to Safari, and then all the stuff they have written are all gone. I think it's not possible to open a link in chrome on Apple devices..

That’s an iOS thing. Apple force links to open in the bizarre Safari. You can’t set another browser as default. At least couldn’t when I checked it a few versions ago.

[opentype]

3 hours ago, Kjell Iver Johansen said:

I've had several users complaining that they have written stuff on Iphone or Ipads in Chrome or Firefox. When they open links in email to post it the email leads them to Safari, and then all the stuff they have written are all gone. I think it's not possible to open a link in chrome on Apple devices..

I agree with Adriano.

But I wonder why it was phrased as “all gone”. Sounds a little weird. They just changed the app after clicking the link. Everything they did in Chrome or Firefox is still readily available there. And the content posted to community suite is stored in the database. So I’m not sure what is gone exactly. 

[Adriano Faria]

3 minutes ago, opentype said:

But I wonder why it was phrased as “all gone”. Sounds a little weird.

I'm not sure I follow what the users says, but I guess he's right. Post Before Registering is based on a cookie and cookies aren't shared between browsers. Just made a test on Firefox:

Then I just open Chrome and it's not there:

So when iOS opens another app, data isn't there.

I think he's talking about that.

[socceronly]

I'm ready to kill it. 

It's like spam for the site, but it's just for me....

[BankFodder]

Well I think that it is a great honeytrap - if there was only some way to harvest the spammers who fly into it. I don't see what's wrong with choice and I think that we should be as free as possible to run our forums and workflows in the way that we want.

W are all unique - aren't we?

[rgf100]

Ultimately I think we might want a log-in / register box there. We're going to see people with accounts using it incorrectly otherwise. 

[Adriano Faria]

35 minutes ago, rgf100 said:

Ultimately I think we might want a log-in / register box there. We're going to see people with accounts using it incorrectly otherwise. 

It won’t allow to create the content if someone tries to create it using an existing email address. But if someone if tries to create the content and use a different email, then there’s no way for the system to know that is a register user without login.

[BankFodder]

Maybe it needs to be connected to a duplicate IP logger in some way

[BankFodder]

We've now had two or three instances of people who say that they have posted a topic and then couldn't find it. I think that this is linked to "post before registering" but unfortunately as I'm not aware that there are any logs or information which are available to admin in respect of this, it's difficult to track down and to understand what is happening.

I'm sure that it is probably because of user error – but on the other hand, we have to acknowledge that there are many people who are under confident and under competent with online communities and so we have to make sure that the system is as forgiving as possible. Otherwise it will only undermine those kinds of people even more and possibly have the effect of sending them away which is precisely the opposite of what is intended to be achieved.

So here's once again a call for a logging feature & clear evidence as to who is coming onto the forum and using this system and who is either failing or succeeding.

 

[Adriano Faria]

4 minutes ago, BankFodder said:

I think that this is linked to "post before registering" but unfortunately as I'm not aware that there are any logs or information which are available to admin in respect of this, it's difficult to track down and to understand what is happening.

 

[BankFodder]

Thanks. I've bought this application and I can see that it is going to have great potential.

I really hope that you are going to be able to develop it. I have no idea why IPS should impose constraints upon it. I posted a review, but here it is again in order to continue this discussion in this thread

Quote

 

 

*****

I've given this only four stars and not the full five stars because it needs a lot more features although it's a very good start. I understand that the lack of features may be because of constraints which have been imposed by IPS. If so that's a great shame.

This app installs extremely easily and then in the "community" section on the admin CP there is an opportunity to see a log of posts which have been made under the "post before registration" system.

This is what you get:

at the very least this gives you an idea of how many genuine people you have got trying to access your board by using the system. In the case I've listed below there are an overwhelming number of spammers – and as far as I'm concerned this is great because it means that by and large they never make it onto the public forum.

However, the functionality that is lacking here is really substantial.

The data should be disclosing the IP addresses and there should be an opportunity to flag those IP addresses as spammers and to ban them so they don't cause any more trouble and also to lock them with some spam service. It's great shame the constraints imposed upon Adriano are preventing this.

The other thing is that there should be a bulk delete so that anything that is not genuine can be got rid of straightaway rather than have to wait the 30 days. Additionally, it would be a great idea to be able to identify genuine posters and have some way of messaging them to ask them if they need any help.

It is entirely possible that some genuine posters have attempted to post using the system and then for some reason rather have given up and then come into the forum again may be on a different email address and eventually post it. It will be nice to identify those people.

Finally – (for the moment) it's a shame that we need to go to the backend to get this data. It will be very nice to have another notification icon alongside the bell and the envelope at the top right hand corner which might flag up to admin that there is another attempt to post before registration. In that case one might be able to react immediately with an instant message to that person may be by means of a sticky note asking them if they want any help. This might encourage engagement even more – which I understand is precisely what "post before registration" sets out to do.

Also, this data really should be available to the moderating team as well and so it seems to me that it will be extremely appropriate to have it available in the mod CP along with other items such as deleted items, approval queue et cetera. That would be very nice indeed and I don't really imagine that the IPS constraints have ruled out that possibility.

I'm certainly looking forward to the further development of this app.

I'm amazed that in the 12 days since we upgraded to 4.4.2 and activated the "post before registration" function, we have had at least 80 spammers which have attempted to post by this route.

It seems to me that the Invision team haven't fully appreciated that the "post before registration" function might be much more useful functioning as a spammers honey trap allowing pre-emptive banning of IP addresses and email addresses than encouraging the engagement of new members.

 

[Adriano Faria]

The full version had to features that I had to remove to submit to marketplace: assign the content to a member and delete the posting. Unfortunately IPS requested to remove it, otherwise I would be dropped from Marketplace. 

I will take a look in your other suggestions. 

[BankFodder]

Yes, I understand very well that you may have to comply with certain requirements. A big shame.

If you would consider the other suggestions then I would certainly appreciate it and I can imagine that others would also.

I can't imagine IPS would object to being able to flag IP addresses as undesirable at an early stage. This will be extremely useful – and as I said, if it can be done in the mod CP that would be great.