Ryan Ashbrook

That is a bug in that version that manifests as a fatal error in later versions of PHP. The only fix is to upgrade, I'm afraid.

Unfortunately, not at this time.

There isn't really much we can do about that, honestly. All of those are being loaded directly by ReCAPTCHA itself, rather than the software.

This is intended currently. That link is always the last post made in the forum, and therefore always takes you to that post.

It does not.

On 9/18/2023 at 2:39 AM, opentype said:

I used the same method. I guess the problem is that those mail providers can just add new domains every week and the block list is never up to date. 

You've pretty much nailed it. The goal posts will constantly be moving so newer ones, or ones that have existed for a while but not used until recently, may not be identified immediately. As Charles mentioned in todays release chat, this is a constant ongoing battle. I update our blocklist regularly.

However, these domains, for example:

5 hours ago, SeNioR- said:

• cazlq.com
• viicard.com
• tenjb.com
• utwoko.com

I can't find on any lists, but I can confirm that they do appear to be disposable. So, I've blocked them manually.

2 minutes ago, ntxpla said:

This is awesome , thank you 🙂  

is there a log to see which accounts were blocked from registering based on this filter or not?

 

If a user attempts to register and is held for moderation, admin approval, or banned, then it will be noted as the reason in that accounts member history for both Disposable Emails and Geolocation filtering.

I suppose.

Sure. 🙂 

Closed per topic starters request.

I've unlocked your account.

4 hours ago, TheLlamaman said:

Also, does the work for users who register via SSO (e.g. Google Login)?

Yes, for our built in login methods. Truly custom Single Sign On integrations, which may not use our login handler system / OAuth, may need to implement spam checking, if it's desired (some may have a requirement that no further validation is done outside of their service).

1 minute ago, Askancy said:

But when a admin in our community reports a user as a spammer, does IPS Spam receive a report to learn new data? 

Yes, nothing has changed in that regard - if you mark a user as a spammer, then our spam defense learns from that. 🙂 

Spam has always been an ongoing battle for community owners as spammers find new ways to circumvent existing anti-spam practices.

We have seen an uptick in new ways spammers are breaking through existing defense.

As such, we here at Invision Community continue to look at new ways for community managers to combat against spam. For our September release, we have added several new tools that can prevent spammers from registering in the first place and help combat them even if they register successfully.

Let's take a look at these new tools and settings.

Geolocation based registration filtering

Oftentimes, spam attacks can originate using bots and servers from specific regions. Using our existing Geolocation service, we have now added filters that will allow administrators to hold registrations from specific regions for administrator review, or deny the registration entirely.

Using this, administrators whose communities are under a spam attack from a specific region, can temporarily filter registrations from that region. Multiple regions can be defined at once, and each individual region can either be held for administrator review, or denied completely.

Disposable Email Filtering

We have added an extra option to our spam defense system to filter users registering with throwaway disposable emails, which are often used by spammers to bypass email validation.

During Spam Defense checking, we now also check the domain in use for the registration against a frequently maintained list. If the user passes through the normal spam defense checking, but is found to have a disposable email address, then the administrator can define one of the following actions to be taken.

• Allow the registration to proceed
• Allow the registration, but moderate all posts (which an option to remove moderation after a certain amount)
• Flag the account for administrator review
• Register the account but immediately ban it
• Completely deny the registration

For both Geolocation and disposable email filtering, the existing Spam Defense Whitelist is always honored ahead of these filters.

Contact Us Email Verification

A common pain point has been the Contact Us page. While the spam does not go to a user facing location, it does still land in the administrators inbox, or other area defined by the sites Contact Us settings.

To help with this, if a visitor who is not logged in attempts to use the Contact Us page, then in addition to the existing CAPTCHA, the administrator can optionally require the person to verify their email address before the message is ever sent. This applies to all Contact Us behaviors, including any added by third party applications.

Cloud Content Analysis

For our Invision Community Cloud customers, we have also added an additional layer of spam prevention after registration.

After a user registers, or if the account has been dormant, then the first few content submissions will be analyzed using a custom developed algorithm within our platform.

The algorithm takes into factor many different elements of the content, and will rank the post between 1 (not spam) and 5 (definitely spam).

The algorithm can be constantly adjusted and improved based on trends without any intervention from the administrator, and without the need to update to new releases of Invision Community.

The administrator can then decide one of the following actions to take based on the score that was received.

• Allow the submission
• Hold the submission for moderator review
• Deny the submission completely

Of course, specific groups can be made exempt from this and not have their content checked at all, which is useful for sites with subscription based registrations which may not want to have this applied to new subscribers, but do want to have new non-subscribers checked.

Spam can quickly become a headache for most community managers, and these new tools will help further combat it at the source. For our enterprise and Invision Community Cloud customers, being able to check for spam when posting is a new tool which will further filter out more of those annoying topics and posts.

We hope these new features give you additional tools in the fight against spam.

The features and changes presented here are available in the following packages:

Geolocation based registration filtering, Disposable Email Filtering, Contact Us Email Verification: Beginner, Creator, Creator Pro, Team, Business, Enterprise, Invision Community Classic (Self Hosted).

Content Analysis: Beginner, Creator, Creator Pro, Team, Business, Enterprise.

View full blog entry

This should be fixed completely now.

It depends on your server. As long as those directories are writable by the software, then you will be fine regardless of what the actual permissions are.

Just now, annedi said:

So nobody knows what PHP/Image function changes the quality?

It would be the core of PHP doing any alterations, so would be out of our control in this case.

16 hours ago, annedi said:

Does GD resample the upload? Is there someplace I see what happens in the code?

Yes, the file will be compressed. If you need less compression to happen, you can change this in your Admin CP > Files > Image Settings > JPG and WebP Quality.

Setting that to 100 will provide the least amount of compression, however the image library (which is necessary for things like cropping, orientation, resizing, and so forth) may still alter the image slightly. You may also get better results by using ImageMagick, if you aren't already, however that would require your host to install it if it hasn't been already.

5 hours ago, Nathan Explosion said:

Issue again with the download...

Fixed.

34 minutes ago, Square Wheels said:

My licenses are current, I don't see a switch option.

It will be on the purchase page for each individual license, at the bottom of the page.

Can you try now?

These are a part of the converters application.

conv_password
misc

This should be resolved now. If you are still seeing an error, please go to your Admin CP > License Key and click Resync License Data.

We had a temporary error with the license server, which we have now resolved. If you go to your Admin CP > License Key and Resync License Data, the message should go away.

With the exception of deleting - you can optionally send an Alert to the member when hiding or moving their content. When sending the alert, you can also optionally allow or force them to reply, which will prompt them to start a PM conversation with you.