Project

General

Profile

Actions

Task #3795

open

Create a Discourse plugin to enforce manual approval of posts for users from certain IP ranges

Added by Beluga Beluga 9 months ago. Updated 3 days ago.

Status:
In Progress
Priority:
High
Category:
AskLibO
Target version:
-
Start date:
Due date:
% Done:

0%

Tags:

Description

Due to a targeted spam campaign, our authentication system currently blocks a whole Autonomous System Number (ASN) of an ISP. As the spam targeted Discourse, it would be optimal to implement a less heavy-handed anti-spam measure on Discourse's side.

A solution could be to "remix" these two plugins:

https://meta.discourse.org/t/force-specific-users-through-moderation/58179
https://github.com/leodavidson/discourse-forcemoderation

https://meta.discourse.org/t/geo-blocking-plugin/227824
https://github.com/communiteq/discourse-geo-blocking

Basics of plugin development:

https://meta.discourse.org/t/developing-discourse-plugins-part-1-create-a-basic-plugin/30515

The Geo Blocking plugin author even proposed reusing his code for this exact purpose in a recent discussion

Actions #1

Updated by Beluga Beluga 9 months ago

Guilhem noted that Discourse's Watched Words feature might also be hooked into somehow to implement the approval of posts:

https://meta.discourse.org/t/watched-words-reference-guide/241735

Here is one plugin that messes with watched words:

https://github.com/discourse/discourse-watched-word-exceptions

Actions #2

Updated by Beluga Beluga 9 months ago

Another comment from Guilhem:

for the asn databases, we already have some logic in place to keep it up to date (atm it's only used by matomo but it's generic and could be applied elsewhere). I assume there is a ruby api to query that db, otherwise we could let the httpd do the lookups and stamp the requests before passing them along to rails

Actions #3

Updated by Juan José González about 1 month ago

  • Status changed from New to In Progress
  • Assignee set to Juan José González
Actions #4

Updated by Juan José González 17 days ago

Hello,

I forked the geo blocking plugin and integrated some logic to force moderation on posts of comments and new topics.

https://github.com/juanjosegzl/discourse-geo-blocking

It needs a free apikey from maxmind to IP reverse lookup.

Actions #5

Updated by Guilhem Moulin 17 days ago

It needs a free apikey from maxmind to IP reverse lookup.

I'm fairly sure 3rd party requests would violate the privacy policy. But we have GeoIP files (.mmdb) respectively mapping IPs to City+Country and IPs to ASNs, so the lookup can happen locally without leaking sources to external entities.

Actions #6

Updated by Juan José González 3 days ago

Hello Guilhem

sorry for the weekend message

I have confirmed you can upload /workspace/discourse/vendor/data/GeoLite2-{City,ASN}.mmdb to use the local databases with the plugin

My changes are currently on a pull request to the main repo https://github.com/communiteq/discourse-geo-blocking/pulls

Actions

Also available in: Atom PDF