He's setting the failed login attempts to 99, the user (or bot) has to pass captcha before being presented with login screen. It's a setting under security settings to prevent brute force attacks on an account.Mick wrote: Thu Feb 22, 2024 5:23 pm The main reason I mentioned putting the user on MQ (by whatever method) was the issue of emails. If it’s a genuine user who’s old email address is redundant he’ll never see the password reset email.
From my read of the extension Auto Groups featuresKevC wrote: Thu Feb 22, 2024 9:03 am Why is it impossible to put accounts in to another group?
If you could run a query (or even have a regular cron) that puts any account that hasn't logged in for, say, 2 years, in to the NRU or a group of your choosing with a mod queue on it, why not? People who leave forums for that amount of time rarely come back, and if they do, they could still post but it would need approval which is fine. If it's a hacked account being used for spam it wouldn't show on the forum and could be dealt with quietly by the team. Win win.
If I understand that correctly then it could be used to put them into either the Newly Registered Users (NRU) group or a "On Moderation Queue" group.Auto Groups Features wrote:Add users to group(s) based on days passed since their last visit.
Although so far my boards have escaped the onslaught that it what I have done to pre-empt the problem.P_I wrote: Fri Feb 23, 2024 12:29 am From my read of the extension Auto Groups featuresIf I understand that correctly then it could be used to put them into either the Newly Registered Users (NRU) group or a "On Moderation Queue" group.Auto Groups Features wrote:Add users to group(s) based on days passed since their last visit.
Excellent spot. That sounds like the perfect solution.
https://alldomains.hosting/en/whois.html
or for examplehttps://www.whois.com/whois/meettomy.site
Code: Select all
UPDATE phpbb_users
SET user_login_attempts = 99
WHERE user_type = 0
AND user_inactive_reason = 0
AND user_lastvisit < 1704063600;
I wish that were true. Despite posting repeated reminders on boards that I'm running we regularly find email notifications being bounced because members do not keep their email addresses updated and current. For far too many once they register and activate that's the last time they update their email address.ssl wrote: Mon Feb 26, 2024 10:00 am Furthermore, serious users always have an up-to-date email address.
... and even with a board wide notice reminding everyone, no one does anything about it.P_I wrote: Mon Feb 26, 2024 12:59 pm For far too many once they register and activate that's the last time they update their email address.