Gossamer Forum
Home : Products : Gossamer Forum : Discussion :

banning users

Quote Reply
banning users
Can you ban a user by the email address they use to sign up? This would be an extra deterrent against users who try to sign up again with a different name and on a different IP. Can you ban by cookies? Again, not foolproof, but if cookies are set on a users machine could they be used to ban that user?

Jason
Quote Reply
Re: [wickedmoon] banning users In reply to
One suggestion...You should double check the email address upon account creation. This would reduce duplicate email accounts. Of course, if someone has unlimited email aliases, then this wouldn't work.

The problem with cookies is that someone could simply delete the cookies.

The only workable solutions at this time would be using IP address and UserID as two methods of "Banning" users.

Unfortunately, there is no foul-proof method of banning users.
========================================
Buh Bye!

Cheers,
Me

Last edited by:

Heckler: Dec 8, 2001, 7:52 PM
Quote Reply
Re: [Heckler] banning users In reply to
I was thinking in terms of most users being ignorant of the various banning methods, and so if you have three methods of banning as opposed to two, you're a few steps closer to achieving your aim, even though acknowledging there is no foolproof method. I mention cookies as it's one of the things we're thinking of implementing as a means of banning in some software I'm developing.

I don't know if any of this has been mentioned before, but if I ban a user from a forum how do I remove the ban? They don't show up from Users > Edit Bans in admin. Maybe this has been changed in v1 (I'm still on 0.9.4). It would be handy to have a "ban all forums" button with easy access for moderators from the forums themselves to edit banned users and IPs.

Jason
Quote Reply
Re: [wickedmoon] banning users In reply to
To add to the above, could we make it easier to manage banned users by having a list (like the list of IPs) of emails that are not allowed to use the forum? Of course people can use other email addresses to sign up, so to make these banning features more effective I would suggest allowing any email address to be verified when signing up, but if that address matches one on the ban list then the user is sent confirmation "you are a member", but when they try to login to the site they just get an "error has occurred" message.

Jason
Quote Reply
Re: [wickedmoon] banning users In reply to
And maybe a feature to add all IPs logged in the forum that a user has written messages through, to save having to collect them by hand.

Jason
Quote Reply
Re: [wickedmoon] banning users In reply to
And again, you missed my point. Banning by email address is not a wise idea since people may have multiple alias addresses, which means they can continue to create new accounts and thus use your forum.

Yea, okay, let's play devil's advocate...so, people have multiple alias addresses...so, you could ban by domain, which again would disenfranchise legitimate users on that domain.
========================================
Buh Bye!

Cheers,
Me
Quote Reply
Re: [Heckler] banning users In reply to
Someone's missed a point, but it isn't me. We already know no method is foolproof, I don't know whether I need to mention that twice or a dozen times before it's understood, but we're not talking about certainties, just raising the odds of keeping your average user banned.

Banning by domain of course is stupid, that doesn't even need to be mentioned. Yes, you'd "desenfranchise" all those Yahoo and Hotmail users. Users who have their own domains, where the method might work, are generally webmasters who aren't going to fall for it anyway.

Jason
Quote Reply
Re: [wickedmoon] banning users In reply to
Well, again, even if users don't have aliases on certain email domains, the user can still get another email account and come into your forums.

Don't underestimate even the "average" computer user who probably knows enough to do the following:

1) Delete cookies on a periodic basis.
2) If they're banned based on email address, they'll get another one.

I guess my point is that the only methods that would be non-intensive to maintain would be banning by IP address and by their UserID.

If you're interested...I provided codes for banning users by IP Address/Domains in the Links v.1.X Forum (includes creating tables for the IP Addresses and Domains) for adding links, which can be ported into the GT forum software.

Goodbye and good luck!
========================================
Buh Bye!

Cheers,
Me

Last edited by:

Heckler: Dec 11, 2001, 7:41 AM
Quote Reply
Re: [Heckler] banning users In reply to
In Reply To:
2) If they're banned based on email address, they'll get another one.
Of course, but that's why I said it's best implemented with a login/error has occurred message. With all these methods the average user won't know what's coming at them. Of course, banning by IP is one of the best methods, that goes without saying, but that doesn't mean the other methods aren't useful. I know there's been a lot of fuss over cookies, but I don't give mine a second thought. The last time they got deleted was when I had to reformat the drive. Whether that's wise or not is another story, but I think it demonstrates the level of apathy you can expect.

In Reply To:
Goodbye and good luck!
Thanks for the feedback :)

Jason