Task #3795
open
Create a Discourse plugin to enforce manual approval of posts for users from certain IP ranges
0%
Description
Due to a targeted spam campaign, our authentication system currently blocks a whole Autonomous System Number (ASN) of an ISP. As the spam targeted Discourse, it would be optimal to implement a less heavy-handed anti-spam measure on Discourse's side.
A solution could be to "remix" these two plugins:
https://meta.discourse.org/t/force-specific-users-through-moderation/58179
https://github.com/leodavidson/discourse-forcemoderation
https://meta.discourse.org/t/geo-blocking-plugin/227824
https://github.com/communiteq/discourse-geo-blocking
Basics of plugin development:
https://meta.discourse.org/t/developing-discourse-plugins-part-1-create-a-basic-plugin/30515
The Geo Blocking plugin author even proposed reusing his code for this exact purpose in a recent discussion.
Updated by Beluga Beluga 9 months ago
Guilhem noted that Discourse's Watched Words feature might also be hooked into somehow to implement the approval of posts:
https://meta.discourse.org/t/watched-words-reference-guide/241735
Here is one plugin that messes with watched words:
https://github.com/discourse/discourse-watched-word-exceptions
Updated by Beluga Beluga 9 months ago
Another comment from Guilhem:
For the ASN databases, we already have some logic in place to keep it up to date (atm it's only used by Matomo but it's generic and could be applied elsewhere). I assume there is a Ruby API to query that DB; otherwise we could let the httpd do the lookups and stamp the requests before passing them along to Rails.
Updated by Juan José González about 1 month ago
- Status changed from New to In Progress
- Assignee set to Juan José González
Updated by Juan José González 17 days ago
Hello,
I forked the geo blocking plugin and integrated some logic to force moderation on posts of comments and new topics.
https://github.com/juanjosegzl/discourse-geo-blocking
It needs a free API key from MaxMind for IP reverse lookup.
Updated by Guilhem Moulin 17 days ago
> It needs a free API key from MaxMind for IP reverse lookup.
I'm fairly sure 3rd party requests would violate the privacy policy. But we have GeoIP files (.mmdb) respectively mapping IPs to City+Country and IPs to ASNs, so the lookup can happen locally without leaking sources to external entities.
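The local-lookup decision discussed in this comment, as an added example (not code from the plugin, the fork or the pull request). The in-memory table is a constructed stand-in for GeoLite2-ASN.mmdb; `SAMPLE_ASN_TABLE`, `FLAGGED_ASNS`, `local_asn_lookup` and `moderation_decision` are hypothetical names, and queueing unparseable addresses is an assumed policy.

```ruby
require 'ipaddr'

# Constructed stand-in for the local GeoLite2-ASN.mmdb: prefix => ASN.
# Prefixes are documentation ranges and the ASNs are private-use numbers,
# so nothing here refers to a real network.
SAMPLE_ASN_TABLE = {
  '192.0.2.0/24'    => 64_500,
  '198.51.100.0/24' => 64_501,
  '2001:db8::/32'   => 64_500
}.map { |cidr, asn| [IPAddr.new(cidr), asn] }.freeze

# ASNs whose posts go to the review queue (hypothetical plugin setting).
FLAGGED_ASNS = [64_500].freeze

# Resolve an address to its ASN without any third-party request.
# Returns nil when no prefix in the table covers the address.
def local_asn_lookup(ip)
  # Fold ::ffff:a.b.c.d back to IPv4 so a dual-stack listener still
  # matches the IPv4 prefixes.
  ip = ip.native
  match = SAMPLE_ASN_TABLE
          .select { |net, _| net.family == ip.family && net.include?(ip) }
          .max_by { |net, _| net.prefix } # longest prefix wins
  match && match[1]
end

# Decide what happens to a post submitted from remote_ip:
#   :queue   - hold for manual approval
#   :publish - normal flow
# Unparseable addresses are queued rather than published (assumed policy).
def moderation_decision(remote_ip, flagged: FLAGGED_ASNS)
  ip = IPAddr.new(remote_ip.to_s.strip)
  flagged.include?(local_asn_lookup(ip)) ? :queue : :publish
rescue IPAddr::Error
  :queue
end
```

If the httpd stamps the ASN on the request instead, the same decision applies to the stamped value, provided the proxy overwrites any client-supplied copy of that header.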
Updated by Juan José González 3 days ago
Hello Guilhem,
sorry for the weekend message.
I have confirmed you can upload /workspace/discourse/vendor/data/GeoLite2-{City,ASN}.mmdb to use the local databases with the plugin.
My changes are currently in a pull request to the main repo: https://github.com/communiteq/discourse-geo-blocking/pulls