I just had to spend ages in MySQL restoring everything because this thing decided in the cron that my #1 admin's username matched a spammer and it deleted every fricken blog on my whole site!!!! Grrrrrr

Can you please make it check and not allow it to nuke someone flagged as staff or admin???

TY

Comments

bengtan’s picture

Hi,

Oops. Sorry :)

There is a check on the user/NN/spambot page to not touch the admin account (Account #1), but there isn't a corresponding check in the cron code. Yes, I should add this check in.

However, this will only prevent actions against account #1. It won't prevent any actions against specific roles because spambot doesn't know which roles are important or and which are not.

bengtan’s picture

Status: Active » Fixed

Hi,

Fixed and committed.

I've added a new permission 'protected from spambot scans'. Any user accounts with this permission (assigned with roles), including user #1, will only be logged during account scans. They won't be blocked or deleted.

This allows you to protect accounts by assigning the relevant roles and permissions.

The commit for this issue is:

http://drupalcode.org/project/spambot.git/commit/b0ca549fd85b7a3fd00cabc...

for 6.x-3.x and

http://drupalcode.org/project/spambot.git/commit/b17ba85358f004a64182253...

for 7.x-1.x.

Development snapshots should be available shortly.

Thank you.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.