Propose new functionalities for Decidim software
#DecidimRoadmap Designing Decidim together
Ability to ban users or IP addresses
**Is your feature request related to a problem? Please describe.**
Decidim comes with a content moderation tool which is cool.
However, this does not provide the ability to ban whole user accounts or possibly IP addresses. This is necessary in order to moderate the content on the website correctly.
We have had reports of such users spamming the content section full of junk content and advertisements. It is quite a big job to go over all these posts individually and moderate them as we are not even requiring the users to confirm their email address to allow them on the platform.
**Describe the solution you'd like**
There should be new moderation tools available for the system:
- Ban a user account
- Hide all content (automatically moderate it) posted by the banned account (this should be optional as there can be still users with valid content banned otherwise)
- Ban IP addresses (the user accounts are already storing the last IP address they used, so this information can be further utilized for the IP ban)
**Describe alternatives you've considered**
Currently we are adding the IP bans directly to the server configuration which is inconvenient to manage.
**Additional context**
There could be also automatic banning measures, e.g. if the same user has 5 messages hidden by moderation during the last hour, they are automatically banned.
**Does this issue could impact on users private data?**
Yes, storing of the IP address. But Decidim is already doing that.
List of Endorsements
Report inappropriate content
Is this content inappropriate?
2 comments
This is becoming more and more crucial.
Recently in one of the instances in Finland there has been an invasion of a Delhi based SEO company which has registered about a hundred accounts to the website in order to get link backs to their clients' sites and in order to increase their SEO relevance.
There is currently no means for admin users to ban and/or delete user accounts which are not following the terms of service and are trying to abuse the service.
In addition, it would be important for the admin users to be able to delete user accounts from the system. This need can arise when someone sends a manual GDPR request to forget all their info. Currently admin users are helpless in order to comply with these requests and they have to turn to the system maintainer to perform these requests.
Related:
➡️ Detect the use of spam-bots and ban non compliant users
➡️ Registro de bots (spam)
Add your comment
Sign in with your account or sign up to add your comment.
Loading comments ...