When users join your Higher Logic Vanilla (Vanilla) community, they have to be "verified." This verification is a security measure to prevent automated spam attacks in your community.
Admins can enable the Verify browsers of new members feature — and set a "number of days" threshold — so that new, not-verified members who have been in the community for less than that specified threshold are prompted to complete a Cloudflare challenge (either Captcha or Checkbox).
⚠️ IMPORTANT: This feature is not recommended for communities that do not have issues with spam.
What is a "not verified" user?
This feature only affects users who are not verified. But, what is a "not verified" user?
Check out the following discussion post to learn more:
Verification of new members
When someone first joins your community, they are, initially, considered "not verified."
If this feature is enabled, those "not verified" users will be prompted to complete a Captcha or Checkbox challenge in order to verify that they are a person rather than a bot.
✅ TIP: You can set a cutoff threshold to exclude existing, established members from this challenge.
Web browser caveat
The Cloudflare challenge that this feature uses is browser-based.
This means that, if a new member completes the challenge and then logs in again, but:
- via a different browser AND
- within the cutoff threshold…
…that user will have to again complete the challenge.
This caveat also applies to incognito windows; the challenge will display again.
Enable the verification
- Access the Dashboard.
- Navigate to Moderation > Settings > Premoderation Settings.
- Toggle the Verify browsers of new members setting to the right (enabled).
A confirmation message briefly displays in the lower left.
Now, all not-verified users who have been in the community for fewer than the specified number of days will be required to complete a Cloudflare challenge.
The next section describes the cutoff setting.
Set a cutoff threshold
Use this setting to set a "minimum number of days" threshold for the verification challenge.
📝 NOTE: This setting is dependent on the above verification feature; it has no affect in your community if that feature is not enabled.
How it works
The threshold is based on the number of days since a member's registration date. Members whose registration dates are older than this value are not presented the challenge.
Example
If you set the cutoff age to 7:
- Only not-verified members who registered less than 7 days ago will be required to complete the challenge.
- Verified members who have been in the community more than 7 days are exempt from the challenge.
This setting allows community admins to balance user experience with security precautions by ensuring that long-term community members are not challenged.
Use cases
- Active Spam Attacks: If your community is currently experiencing spam attacks, enable this feature in order to filter out potential spam bots. New, unverified members will have to verify their identity through the challenge.
- High-Risk Periods: Enable this feature during high-risk periods, such as after a major event or during high-traffic times, when the likelihood of spam attacks is higher.
Best practices
Security is paramount in any online environment, and especially so in a community that has members' personal data.
So, while security measures are necessary and appreciated, it's important that they are not overused to the point of annoyance to your members.
Overuse of this feature could be detrimental to the user experience in your community. So use it judiciously, especially if your community is not regularly targeted by spam attacks.
