Automatically put new accounts with the same IP into approval queue


(Joshua Rosenfeld) #1

Update: It seems an option for this already exists max new accounts per registration ip?, however this completely blocks registration without notifying staff in any way. Would like to see this modified to put the user into an approval queue as opposed to outright blocking. See post 7 for more details.

Over at Stonehearth we got hit with a huge barrage of spam, mostly in Korean, early this morning. We just finished deleting 41 spam accounts, and blocking their IPs, as well as cleaning up the new posts (nicely flagged by our community). When going through the IP addresses we were surprised that some of the accounts had identical IPs, and even more surprised that Discourse didn’t flag these accounts in any way.

Looking through site settings, there is an option to flag sockpuppets. However that only flags them if 2 new users with matching IPs post in the same topic. Can we get an option to flag accounts the moment a new account is created with the same IP, ideally blocking the new account until reviewed?

`levenshtein distance spammer emails` should flag accounts that are similar even if no accounts have been marked as spammers yet
(cpradio) #2

Doesn’t this fall under max new accounts per registration ip? (defaults to 3)

Or are they all not “new” accounts, and thus not being caught by that setting?

(Jeff Atwood) #3

This feature already exists.

The only thing that would prevent them from being BLOCKED FROM SIGNING UP as new accounts from the same IP is if:

  • the IP belongs to a user at trust level 2, if an IP belongs to a user that is already at TL2 we assume that IP can be trusted

  • the IP belongs to a staff member, if an IP belongs to a staff member we assume that IP can be trusted

basically, all the IP use must be from new users, for it to work. (And as @cpradio pointed out, the threshold needs to be at a reasonable value)

(Joshua Rosenfeld) #4

Missed that setting while searching site settings, thanks @cpradio.

So this completely blocks registration…we would never see the account in that case. How does this work for users behind NAT?

(Kane York) #5

One user reaches TL2 and Discourse assumes that the NATed IP is okay.

(Matt Palmer) #6

And if none of the users behind the NAT box get to TL2, all new subs get rejected… not the most NAT-friendly setup, given that the vast majority of users don’t get to TL2 (it’s a 1:10:20 ratio on meta, for TL2+:TL1:TL0).

(Joshua Rosenfeld) #7

Alright, then back to feature request here - instead of simply preventing registration, could they be let through and put into an approval queue like the setting “approve new accounts” does? At the moment it seems very unfriendly, and not visible to staff if a user is blocked from registering.