Bug? White listed spam host domains failing


(Lisa Wess) #1

Hi all,

We have a limit of 4 links in a post for a new user. We also have a few whitelisted domains:

However, despite that list - which hasn’t changed in a few days, we just received system notification for a moderation action:

So I have a few questions:

  1. Is this a bug?
  2. Does wildcarding work? If not - huge feature request from here; we have many subdomains.
  3. Why did the system block this and include “discuss.newrelic.com” in the list when it is whitelisted?
    Thank you!

(Jeff Atwood) #2

There is no wildcard support here. However, it was my understanding that listing the domain automatically allows all subdomains too.

I am also pretty sure that the site itself is not the source of spam, e.g. you do not need to have discuss.newrelic.com in there. Self links are always allowed…

In this case the other domains are likely the issue, eg coreos.com and deis.io


(Kane York) #3

Yep, the only entry actually doing anything there is github.com.


(Lisa Wess) #4

I find it confusing that it lists domains that are allowed; I did not find the error clear in that it was blocking only due to the other domains. Specifically:

The user is still able to create new posts that do not link to docs.newrelic.com, coreos.com, discuss.newrelic.com.

I find that I get messages from our mods on this as well. Perhaps a review of the verbiage for this one could make it more clear?


(Mittineague) #5

Inserting “external” ?
i.e.
“A list of external domains excluded …”


(Lisa Wess) #6

That would work so long as the ones that are whitelisted don’t appear. What threw me here was seeing domains that are in the Whitelist listed as ‘blocked’ in the private message.

In the error I quoted the PM should have listed only ‘coreos.com’ and deis.io’ - not our domains.

Make sense?


(Jeff Atwood) #7

What was listed in the message should have been the domains the user tried to post over and over in their posts – it is not listing anything except what the user entered.


(Lisa Wess) #8

I understand that now; I don’t understand that from the error though.


#9

Hello, Just to be sure I have well understood. Will the following setting allow anything coming from HTTP://anything.newrelic.com, HTTPS://anything.newrelic.com, HTTP://newrelic.com, and HTTPS://newrelic.com ?