Site-Related > News
Admin approval is now required for all account registrations
Spectere:
I honestly never thought the spam situation would get bad enough for things to come to this, but I've had it with this bullshit.
It doesn't help that SMF's development is pretty much glacial at this point, to say nothing for the plugin ecosystem, so trying to combat this by tweaking the settings or installing an addon has been pretty much futile. The methods that I used to use no longer install cleanly into 2.0.15 and I was pretty much over manually installing mods all the way back in the arch0wl.com days, so this is about the best "compromise" I could come up with.
All in all, I suspect it's going to be way easier to mass-delete inactive accounts every few days than deal with "hot fortnite xxx cock pussy creampie viagra" threads popping up daily, so that's the route I've decided to take. ¯\_(ツ)_/¯
Spectere:
Turns out these spammers also will occasionally register accounts and then keep them on the DL for a few weeks before posting with them. I dealt with that in a heavy-handed way by doing a comprehensive member list purge (i.e. anyone with zero posts whom I don't recognize). For the first time in quite a while the member count here is actually accurate!
Also, it's kind of surprising to me how many accounts were waiting in the e-mail approval filter (4200 over the span of two years!). I went ahead and purged that.
Bobbias:
Well considering what this site actually is, I'd say it's not a big deal. If someone from years ago shows up, either they have an existing account or they make a new one. If they make a new one, and actually care about posting I'm sure they will find a way to get it activated.
Spectere:
Yeah, that's what I figured. Considering the last legit-looking registration was from late 2017, I'm not too worried. I'll check it periodically, but I don't think it's going to require much in the way of maintenance.
I've also strongly considered jumping ship to another forum given SMF's frighteningly slow development pace. The last bugfix release of SMF 2.0 came out in November 2017. That's a long time for a PHP application to go without security fixes, and I constantly worry about having to deal with more than a few spam bots. I do have Apache running under its own user so I'm not too worried about someone rm -rf'ing my server, but you don't need root to make legit servers do some nasty things.
What's worse is that they aren't even keeping pace with PHP. I dare not ask how much many times the string "8192: Function create_function() is deprecated" appears in my SMF database. That was deprecated in PHP 7.2 (which was released over a year ago) and Simple Machines seems to have no plans to fix the issue. Sigh.
Upgrading to SMF 2.1 is also not a viable option, since the latest packaged beta was released even before 2.0.15 (June 2017). Sure, development is active on GitHub, but I'm not going to go through that song and dance.
So I dunno. Maybe I'll flip back to phpBB. I never thought I'd say this but that seems like a far better option at this point. They're actively releasing builds and third-party support for it has always been strong. I remember testing phpBB 3 when it was still fairly new and it was pretty solid (far better than the mess that was phpBB 2...woof), and I can't imagine it would have gotten worse over time.
Bobbias:
I... I don't even know what to say to that. I'm not comfortable with the idea that phpBB might actually be better than SMF now.
Navigation
[0] Message Index
[#] Next page
Go to full version