This site uses cookies. By continuing to browse the site, you agree to our use of cookies. Find out more about cookies.

Propose new functionalities for Decidim software

#DecidimRoadmap Designing Decidim together

Phase 1 of 1
Open 2019-01-01 - 2030-12-31
Process phases Submit a proposal
Back to list

Ability to ban users or IP addresses

Avatar: Antti Hukkanen Antti Hukkanen
07/04/2020 14:53  

**Is your feature request related to a problem? Please describe.**
Decidim comes with a content moderation tool which is cool.

However, this does not provide the ability to ban whole user accounts or possibly IP addresses. This is necessary in order to moderate the content on the website correctly.

We have had reports of such users spamming the content section full of junk content and advertisements. It is quite a big job to go over all these posts individually and moderate them as we are not even requiring the users to confirm their email address to allow them on the platform.

**Describe the solution you'd like**
There should be new moderation tools available for the system:

  • Ban a user account
  • Hide all content (automatically moderate it) posted by the banned account (this should be optional as there can be still users with valid content banned otherwise)
  • Ban IP addresses (the user accounts are already storing the last IP address they used, so this information can be further utilized for the IP ban)


**Describe alternatives you've considered**
Currently we are adding the IP bans directly to the server configuration which is inconvenient to manage.

**Additional context**
There could be also automatic banning measures, e.g. if the same user has 5 messages hidden by moderation during the last hour, they are automatically banned.

**Does this issue could impact on users private data?**
Yes, storing of the IP address. But Decidim is already doing that.

Endorsements count7
Ability to ban users or IP addresses Comments 2

Reference: MDC-PROP-2020-04-15224
Version number 1 (of 1) see other versions
Check fingerprint

Share link:

Please paste this code in your page:

<script src="https://meta.decidim.org/processes/roadmap/f/122/proposals/15224/embed.js"></script>
<noscript><iframe src="https://meta.decidim.org/processes/roadmap/f/122/proposals/15224/embed.html" frameborder="0" scrolling="vertical"></iframe></noscript>

2 comments

Order by:
Avatar: Antti Hukkanen Antti Hukkanen

This is becoming more and more crucial.

Recently in one of the instances in Finland there has been an invasion of a Delhi based SEO company which has registered about a hundred accounts to the website in order to get link backs to their clients' sites and in order to increase their SEO relevance.

There is currently no means for admin users to ban and/or delete user accounts which are not following the terms of service and are trying to abuse the service.

In addition, it would be important for the admin users to be able to delete user accounts from the system. This need can arise when someone sends a manual GDPR request to forget all their info. Currently admin users are helpless in order to comply with these requests and they have to turn to the system maintainer to perform these requests.

Avatar: Daniel Daniel

Add your comment

Sign in with your account or sign up to add your comment.

Loading comments ...