Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Some users are currently experiencing over capacity errors. Check
http://status.vanillaforums.com/ for updates.
http://status.vanillaforums.com/ for updates.
Banning users
Hello, I'm seeking some feedback about banning trolls. We've got a user on the Car Talk board who has been causing all sorts of ruckus, and we've now banned him for community guideline violations for the second time. (I banned both IP addresses he has used for these inflammatory comments.) Problem is, he is re-registering and generating a new IP address for himself as soon as we ban him. Is there any other way to keep on top of the situation, or are we going to have to keep banning him as soon as he re-registers under a proxy or new IP? Thanks for any input.
This discussion has been closed.
Comments
Here are a few options that we've seen people adopt that helped them stop folks like this:
1. Admin-approval: require that new users enter some information about why they want to join and have moderators review the applications. It makes joining a bit of a pain, and may turn potential new users away as they don't get instant access.
2. Social-connect-only: only let your users gain membership access by connecting with their Twitter or Facebook accounts. This way the user will need to create a new bogus account at facebook or twitter every time they get blocked by you - which is a painful/difficult thing to do.
It's really a pain, because you need to draw the line between preventing the troll from getting in and not raising the walls of the palace so high that no-one else can get in either.
I've been thinking of making a new plugin for times like this where you mark the person as a troll, and instead of banning them or stopping their access, you can hide all of their comments & discussions from others - so only they can see their own comments, and they aren't even aware that they're hidden from everyone else. The idea is that they would never know that their contributions have been hidden and eventually they'd just leave because no-one is responding to them anymore. They'd just think that everyone is ignoring them.
1. Email Confirmation Feature - We have a feature in Vanilla that allows you to make new registrations confirm their email address. This means that they can't just make up bogus email addresses at random. The emails have to actually exist, and the users will not be able to sign in until they click a link in their email (we can help you set this up if you like).
2. Take Legal Action - Trolls hide behind their computers. Face them in real life, and they tend to run with their tail between their legs.
3. Do not EVER interact with trolls - Don't send them emails, don't comment on their discussions, don't comment on their walls. Any response from you will only spur them on.
The nature of the internet allows folks like this to randomly change their IP address. It's not something that a novice can do, but it is pretty easy for someone who works on the web. This is a problem that you're going to encounter with any community platform. There is no way to completely identify someone and block them. The "Ban by IP" is a false hope that most community platforms rely on to keep their customers happy - but it only works on those who don't know how to get around it.
This is why dealing with trolls and spammers is just so darn tough. We have a bunch of things we're working on for future releases of Vanilla that will greatly help with fighting these people, but the bottom line is that there is no silver bullet. Just a variety of options that have both positive and negative effects. We're happy to work with you to find the right combination of options that work for you.
I've written the plugin I mentioned above and I'm doing final testing on it now. I'll see about putting it onto your forum this morning and blocking this user. But if he has a bunch of accounts, it is simply going to require some dedicated administrative work to make sure he gets blocked.
68.69. I added two wildcard bans into your list: The%character stands for a wildcard which you can use too to prevent people with a block of ip addresses from registering to your site. I don't recommend using wildcards too much as you might inadvertently ban people that have an isp close to the offending person.Thanks for your thoughts. We have implemented e-mail confirmation, and our troll hasn't used all of his accounts. (They stay at the Confirm E-mail status.) We've also stopped interacting with him, and we're going to get in touch with the NPR lawyer today, most likely.
I understand how hard it is to truly ban someone who knows his way around the web stuff, and I thank you for your help. Todd, that's a good idea you had about the wildcard bans.
We're pretty much resigned to trailing after him and removing his posts and new accounts, but we appreciate your input greatly!
I think before we start marking people as trolls, we should see how Todd's IP banning works.
Also, part of my troll plugin fingerprints users so you can see which users are sharing accounts. As people log out of one account and into another, you'll start to see a "Shared Accounts" box in those user's profiles that shows all of the accounts they've signed in with. It should make tracking users across accounts a lot easier. Note that you will need to have "Edit User" permission in order to see that shared accounts box.
Finally, in one of your other correspondences with us, you mentioned that you turned on administrative approval, but you had a large number of people up for approval as soon as you did. This was because of misconfigured roles, and @Todd jumped in and fixed that for you. If you turn this feature on, it should only affect users moving forward.