Skip to main content

Cookie settings

We use cookies to ensure the basic functionalities of the website and to enhance your online experience. You can choose for each category to opt-in/out whenever you want.



Analytics and statistics


This proposal has been implemented

  • Funded by by Decidim Association
  • Developed by Alexandru Lupu
  • Available in release 0.28 via #10039

Automatically report potential spam users

Avatar: Aram

The problem & context

There are many so-called “profile spammers” in all instances of Decidim. They create a profile, fill in the personal URL and bio, and then do nothing on the website, or sometimes post some content.

Proposed solutions:

The first time a user posts a link on their profile or elsewhere (comments, etc.) Automatically report this user with 1st option filled (Contains clickbait, advertising, scams or script bots).

  1. Strip links from profile and other places, until admins resolve its automatic report for the first time.The criteria for reporting will be something like: registered users in the last 60 days who completed a link in the profile bio or in the comments for the first time.

The proposed solution aims to deter “spammer users” by quickly detecting suspected spammers, automatically reporting and strip links to neutralize their clickbait function.

How do we propose to implement this?

It’s better to implement it in core, because it’s a general problem.

  • But many instances of Decidim need to fix this issue in a short time, and we also appreciate the possibility of implementing it as a module if it is not feasible to implement this improvement quickly in the core. What do you think about it, Product?

Funded by:

Some clients can collectively fund this improvement.

📌 Related issues recently “resolved”:

Some improvements already implemented on dev:

  • 3.2) Add no follow to profile urls #8779
  • 3.3) Add noreferrer and ugc to profile urls #9047

📌 Related discussions:

  • Related to Fighting Spam aka The Clone Wars #8239

📌 Other related issues in Meta:



Please log in

The password is too short.