Skip to:
Content

BuddyPress.org

Opened 7 years ago

Last modified 5 months ago

#6049 closed enhancement

When certain spam filters are installed account gets activated due to spam filters following external link in the email.. — at Initial Version

Reported by: vimes1984 Owned by:
Milestone: 3.0 Priority: normal
Severity: normal Version:
Component: Members Keywords: has-patch needs-testing
Cc:

Description

Just had to fix this on a shared hosting account @ https://www.a2hosting.com, they run a spam filter called https://www.barracuda.com/products/spamfirewall
what this does it follow external links in any outgoing emails sent from the server in question. So when buddypress sends out it's activation link like so : http://example.com/activate?key=7678978978978789 it gets clicked on by the spam filter activating the account and rendering the activation link useless...
I think this is the ongoing issue with invalid activation links that some users are experiencing. I suggest we move the activate link to a actual button on page that needs to be physically clicked?
My temp fix was to add a deny from all into the .htaccess denying the server access to it's self.

Change History (0)

Note: See TracTickets for help on using tickets.