[buddypress-trac] [BuddyPress Trac] #6049: When certain spam filters are installed account gets activated due to spam filters following external link in the email..
buddypress-trac
noreply at wordpress.org
Wed Nov 26 23:39:15 UTC 2014
#6049: When certain spam filters are installed account gets activated due to spam
filters following external link in the email..
--------------------------+-----------------------------
Reporter: vimes1984 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Core | Version:
Severity: normal | Keywords:
--------------------------+-----------------------------
Just had to fix this on a shared hosting account @
https://www.a2hosting.com, they run a spam filter called
https://www.barracuda.com/products/spamfirewall
what this does it follow external links in any outgoing emails sent from
the server in question. So when buddypress sends out it's activation link
like so : http://example.com/activate?key=7678978978978789 it gets clicked
on by the spam filter activating the account and rendering the activation
link useless...
I think this is the ongoing issue with invalid activation links that some
users are experiencing. I suggest we move the activate link to a actual
button on page that needs to be physically clicked?
My temp fix was to add a deny from all into the .htaccess denying the
server access to it's self.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6049>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list