| Author |
Message |
dad7732
RavenNuke(tm) Development Team
Joined: Mar 18, 2007
Posts: 1242
|
 Posted:
Mon May 11, 2009 11:40 am |
|
I have had three users that were deactivated AND removed in the last 48 hrs for TOS breach. Today, all three have re-applied from the same IP's and the same usernames, etc.
My suggestion would be to make "remove" permanent, they cannot re-apply, and in cases where a user asks to be reinstated via email, we can do so, just like in Sentinel where you can unblock a user.
Cheers |
| |
|
|
|
jakec
Site Admin
Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
|
| Posted:
Mon May 11, 2009 11:59 am |
|
Either leave them as deactivated, or add their username to the blocked username strings. |
| |
|
|
|
|
dad7732
|
| Posted:
Mon May 11, 2009 12:28 pm |
|
Actually what I did with the three mentioned was to remove and block their IP's in Sentinel. Where do you block a "username" ? Musta missed that one. |
| |
|
|
|
|
jakec
|
| Posted:
Mon May 11, 2009 12:30 pm |
|
Click on the Limits tab in RNYA. |
| |
|
|
|
|
dad7732
|
| Posted:
Mon May 11, 2009 12:53 pm |
|
Saw that (didn't realize you could enter an actual username), but what if a user changes their blocked username from "Charlie" to "Pete"? Back to my original suggestion I guess - one click they're gone, one click they're back. There are always several hoops to jump through to affect an issue, the less moves the better IMHO.
Cheers, thanks for the suggestions. |
| |
|
|
|
|
jakec
|
| Posted:
Mon May 11, 2009 1:02 pm |
|
If you want the option to bring them back leave them as deactivated. |
| |
|
|
|
|
dad7732
|
| Posted:
Mon May 11, 2009 2:27 pm |
|
Ok ... where is the table in the DB with deactivated users? If I had to guess, it would be in the usual "users" table and flagged as "active = 0". |
| |
|
|
|
|
duck
Involved
Joined: Jul 03, 2006
Posts: 273
|
| Posted:
Mon May 11, 2009 10:49 pm |
|
Just so you're aware it is IMPOSSIBLE to keep someone from your site who wants there who knows what they're doing. |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Mon May 11, 2009 11:32 pm |
|
duck, that is quite true. It's just a question of making it as difficult for them as possible with the least amount of effort - proxy blocking, string blocking, IP blocking etc.
For the record, I think there was some discussion when RNYA was being developed about automatically banning username/email address/IP for users who were 'deactivated' but I don't know if that is still being planned or even viable for the future or not. |
| |
|
|
|
dad7732
|
| Posted:
Tue May 12, 2009 6:26 am |
|
Effective use of "hosts.allow" and "hosts.deny" is a wonderful tool if you know how to use it. But yes, you can't keep every undesirable element from accessing the server BUT you can employ some limitations that make it difficult such as "admin approval". The more control the better.
Cheers |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
