WordPress.org

Making WordPress.org

Opened 7 months ago

Closed 6 months ago

Last modified 6 months ago

#4035 closed enhancement (fixed)

Remove 'Edit' Capability for forum accounts flagged for moderation

Reported by: Ipstenu Owned by: dd32
Milestone: Priority: normal
Component: Support Forums Keywords:
Cc:

Description

In reviewing some of the more recent issues with user harassment and abuse, one of the tactics abusers have engaged in is editing a post to disguise their actions.

That is, they'll post something harmful, make sure it was emailed out, and then edit their post. We mitigate this, somewhat, with flagging users for moderation. This prevents @-messages and emails from being sent.

However from this, a new trend of abusive commenting has come to light. That is, people post a seemingly innocuous message, get it approved, and then edit it to be vile. This was used by a recent company banned from plugin hosting. They would actually triple edit.

In order to prevent this behaviour, and for the protection of users, I propose we alter the ability to edit a post on the forums. In addition to not permitting edits after 60 minutes have passed, I recommend we also prohibit the editing of posts if an account is on moderation watch.

Doing this would prevent them from abusing and harassing the community under the guise that because their post was approve, the moderation team condoned their actions.

Change History (7)

#1 @dd32
6 months ago

One side effect of this would be flagging the fact they've been modwatched by the fact they can no longer edit comments, as AFAIK we don't show that status anywhere else?

Is that a concern here at all? I'm not against making it clear they've been limited, but it might cause such people to bounce between new non-watched accounts?

Last edited 6 months ago by dd32 (previous) (diff)

#2 follow-up: @Ipstenu
6 months ago

IIRC they get alerted when they post that their post is held for moderation, so they already know that.

#3 in reply to: ↑ 2 @dd32
6 months ago

Replying to Ipstenu:

so they already know that.

Ah IIRC you're correct indeed. In that case, removing edit from such accounts gets a firm +1 from me.

#4 @dd32
6 months ago

  • Owner set to dd32
  • Resolution set to fixed
  • Status changed from new to closed

In 8041:

Support Forums: Moderation: Block users who are on modwatch from editing their threads/replies.

Fixes #4035.

#5 @dd32
6 months ago

Blocked.

There's also the option that we could allow them to edit their topics/replies *before* it's approved by a moderator, so minor corrections could be made.

However, I didn't implement it like that and instead removed the capability entirely, the primary reason was if you're on the edit screen and loose the capability, it causes an endless redirect that I couldn't figure out the source of.. so editing a post and having a moderator approve the previous variant of it would cause a deluge of requests to occur.

This ticket was mentioned in Slack in #forums by dd32. View the logs.


6 months ago

#7 @dd32
6 months ago

In 8117:

Support Forums: User Moderation: Allow modwatched users to edit posts, prior to the topic/reply being approved.

This is a follow up to #4035 where posting a new topic would result in a 404 page rather than the pending thread, simply allowing edits prior to approval seems the easiest solution.
Modwatched users are still unable to edit approved topics/replies as per #4035.

See #4035.
Fixes #4087.

Note: See TracTickets for help on using tickets.