Allow to disable "Edit own comments" to limit Spam in large public trac
|Reported by:||Owned by:|
Users are able to edit comments, and there is no email notification to let the admin know, a comment was edited. This can cause a lot of hidden spam in large public trac instances.
Proposals for a fix:
- Please add a new Permission TICKET_COMMENT_EDIT
- Set by default to logged in users for new Trac installs & possibly update
- We will disable it for our trac instance
- (optional but would be very nice) Add setting to enable email notifications on comment edits.
We take great pride in keeping our Trac clean, free of spam, and high quality bug descriptions, comments, and community. New comments sent email notifications. We can verify each email from trac, and see if users added links in the content. This way we edit the comments, or delete the tickets, that are spammy.
However, email notifications are not sent when users edit their comments. Therefore, users can create a legit comment (or copy paste a previous comment which we wouldnt notice), then update it to add spam links in it.
we have already noticed one link added this way to a dodgy site.
I manage a large fully publicly available Trac instances, 3500 tickets some with hundreds of comments, for a major open source project. We were using an old version of Trac. we have updated to 1.0 and now use DB rather than sqlite which helps with performance and stability. Some of our tickets contain original research and a lot of interesting information, are linked from other websites etc. as a result, we also have a huge amount of spam of links from the trac to benefit from the SEO.
Thank you for your consideration of this and to release a new version. Thanks for Trac it's an amazing tool !!
Change History (26)
comment:2 by , 8 years ago
|Component:||general → notification|
|Milestone:||next-stable-1.0.x → next-dev-1.1.x|
|Priority:||high → normal|
follow-up: 26 comment:12 by , 8 years ago
|Milestone:||next-dev-1.1.x → next-stable-1.0.x|
|Type:||enhancement → defect|
comment:25 by , 3 years ago
|Status:||new → closed|