Universal Sea
Fri 8th Dec '00, 11:28am
this would save a lot of hassle down the road in terms of security. two weeks ago we banned a bunch of people for no reason other than they did not fit it with our community's future and were too negative all the time. we have a history of not banning people regardless of what they do, but times do change. the natural reaction when banned is to either try to get the board shut down (hi James :) ) or register more aliases to return and cause problems.
i think the latter could be avoided by the following:
the IP should be logged when the person signs up for a new account and that should be made viewable to admins. this way, admins would be able to see if the IP matches any of our old users, or if they are from the same area (assuming the admins know about Trace Route or more advanced programs), and make a decision based on that. we have gotten so many new members in the past two weeks, i am not sure if they are from our recent marketing push, increased radio exposure, or troublemakers registering all over again. being suspicious of everybody does not make the newbies feel welcome. Also, people don't sign up for new accounts with Anonymizer or similar IP-masking services, because they dont think we can see their IP just for logging in. (note to other admins: ban these IP strings immediately anyways, don't trust people who surf anonymously...)
i do really, really enjoy the "one account per computer" cookie, however if cookies are cleared then this doesnt stop anything. also, the "one email address per username" option is also great, but all of our troublemakers are a little savvier, and like myself, have access to unlimited email addresses spanning multiple domains.
the object of "security" in general is "fending off problems before they arise" and i think this is a viable solution.
next idea:
Selective Administrative Priviledges
we have a third admin on our board that i really worry about giving full administrative powers to. not that i dont trust her, but one simple mistake could take down our entire board, and i would hate to be called in the middle of the night with the news "what happens when you prune everything older than 1 day from all forums?"
there should be a happy medium. perhaps the main administrator (the person who is the board "owner" - who should never, ever be allowed to be deleted or locked out, btw, as it happened to me last month) can assign the sections of the admin panel that may be accessed by other admins. For example, i do not want other people to be able to touch the templates or any other highly crucial elements of the site.
Finally: i am sure it has been discussed here, but just to reiterate the need for this - mass-moving and pruning by checkboxes is a must. i spend a couple of hours a week moving old threads one at a time to a permanent "classics" forum. on the old ezboard we could select all of the necessary threads from a page and move them or delete them at once. returning to the original forum rather than the new forum would also be more convenient.
thank you and good day.
i think the latter could be avoided by the following:
the IP should be logged when the person signs up for a new account and that should be made viewable to admins. this way, admins would be able to see if the IP matches any of our old users, or if they are from the same area (assuming the admins know about Trace Route or more advanced programs), and make a decision based on that. we have gotten so many new members in the past two weeks, i am not sure if they are from our recent marketing push, increased radio exposure, or troublemakers registering all over again. being suspicious of everybody does not make the newbies feel welcome. Also, people don't sign up for new accounts with Anonymizer or similar IP-masking services, because they dont think we can see their IP just for logging in. (note to other admins: ban these IP strings immediately anyways, don't trust people who surf anonymously...)
i do really, really enjoy the "one account per computer" cookie, however if cookies are cleared then this doesnt stop anything. also, the "one email address per username" option is also great, but all of our troublemakers are a little savvier, and like myself, have access to unlimited email addresses spanning multiple domains.
the object of "security" in general is "fending off problems before they arise" and i think this is a viable solution.
next idea:
Selective Administrative Priviledges
we have a third admin on our board that i really worry about giving full administrative powers to. not that i dont trust her, but one simple mistake could take down our entire board, and i would hate to be called in the middle of the night with the news "what happens when you prune everything older than 1 day from all forums?"
there should be a happy medium. perhaps the main administrator (the person who is the board "owner" - who should never, ever be allowed to be deleted or locked out, btw, as it happened to me last month) can assign the sections of the admin panel that may be accessed by other admins. For example, i do not want other people to be able to touch the templates or any other highly crucial elements of the site.
Finally: i am sure it has been discussed here, but just to reiterate the need for this - mass-moving and pruning by checkboxes is a must. i spend a couple of hours a week moving old threads one at a time to a permanent "classics" forum. on the old ezboard we could select all of the necessary threads from a page and move them or delete them at once. returning to the original forum rather than the new forum would also be more convenient.
thank you and good day.