What to do with the trash?

  • Resolved PSCGOhio

    (@pscgohio)


    9 years, 12 months ago

    All these sites are using 4.0.1 w/ 2.1.3 of the plugin.

    Unless I’m missing it, there’s no report on who hasn’t confirmed and therefore is more than likely bogus? It’s letting them sign up, they get a temp PW to try to log in again, then hit Rublon. That’s OK, but there’s no way to tell that I can find if they’ve completed things?

    And then of those who don’t, how do we know to get rid of them? And they get an IP in their confirmation e-mail, but we don’t see that on the Admin side at all. If they’re from certain areas, we’d have the option to IP block them on the server if we had a clue what IP they were using. It’d also let us see if the same target(s) are taking shots at us.

    https://www.ads-software.com/plugins/rublon/

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter PSCGOhio

    (@pscgohio)

    Oh, if nothing else for simplicity, if those conf e-mails could CC the Admin since that’d be inside WP’s basic info that would help resolve things as the Admin could see what’s going on. Clicking on the R icon in Users would be easier to see the status or that R not appearing until they’ve confirmed themselves.

    Plugin Author Rublon

    (@rublon)

    Hey PSCGOhio

    Thank you for your suggestions. We currently do not provide an analytics dashboard for Rublon that would allow you to see all the data and statistics that you are writing about. We do plan to make one available in the future.

    CC’ing anybody besides the user himself on the confirmation emails would not make it possible to verify the identity of the user because we would not be able to determine who really clicked on the confirmation link.

    Thread Starter PSCGOhio

    (@pscgohio)

    Gotcha, hopefully we’ll see that soon! Not so much the analytics but more just an indication who’s signed up and failed Rublon verification after X amount of time. That way we’d know what to get rid of, we had to blow out a group based on what ‘appeared’ to be bogus and the lack of login action afterwards using the Log Analyzer plug in. Just was wondering if there was a simpler way to set a timer to expire the bogus attempts so they don’t clog the Users.

    Plugin Author Rublon

    (@rublon)

    Hi PSCGOhio

    Thank you for your suggestions. Do we correctly understand that you would like to use Rublon not only for account protection, but also to get rid of bogus accounts that get registered on your WordPress website? Accounts with email addresses that are fake and thus nobody has access to them, resulting in not being able to make it past Rublon during login?

    All the best
    Rublon Team

    Thread Starter PSCGOhio

    (@pscgohio)

    Absolutely correct!

    Basically if there was a ‘timer’ that starts when someone creates an account and then fails to complete the Rublon verification within X amount of time (we define that variable in Rublon settings) then it either marks that User account for review pending deletion and/or marks the User account to just be deleted completely. That way the abusers can’t overload a ton of bogus accounts they’ve made and if someone is trying to create a fake account as someone else who doesn’t do the verification they’d also get cleaned out.

    Doing it manually now, I have to review the event log to see if that User account’s ever even tried to log in again which is time consuming.

    Plugin Author Rublon

    (@rublon)

    PSCGOhio, that is a great suggestion. Thank you! We will discuss it internally and put it on our backlog. Please ping us at [email protected] and we will keep you up to date on this feature.

    We’re marking this topic as resolved.

    All the best
    Rublon Team

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘What to do with the trash?’ is closed to new replies.