Like Cloudflare, Jetpack causes problems for visitors. Virtualmin’s use of it forces people in countries outside the US to jump thru hoops, if they can get in at all.
Please stop using it.
Thank you.
You’re the first person I’ve ever seen suggest that.
Do you have links for docs about what problems is causes?
We have to have it enabled for tax calculations, but if there are features of it that we can turn off that cause problems, I’ll be happy to do that.
Hi,
FYI: Will be different thing behind this, we have several servers in Netherlands (AMST) and we have never experienced this.
Well you have now.
So, it’s not about countries outside of the US, it’s about Tor. But, I don’t see any reason it should be hard for people using Tor to connect to our site, so I’ll look into it.
Then again, we are trying to prevent spam registrations, which have been absolutely insane for the past several years; we had nearly 100,000 registered users on the old site, and only about a third of those are “real”, as far as I can tell, but there’s no good way to tell with certainty which ones are real and which are spammers in progress until they post spam. Even with reCapctha on the registration page, we still seem to be getting a lot of spam registrations getting through.
I didn’t even know this was a thing Jetpack does. I’ve never seen it. So, I need to understand what it is. Maybe we actually want it (and will apologize to folks who run into it). If it prevents spam, I’m here for it, though I don’t really care for a third party asking our users for email. I need to see how that works.
It has nothing to do with Virtualmin or Cloudflare or Jetpack.
Your IP is on the blacklist. Either you or someone that has your IP before has been up to spamming and or other things and got reported.
Such a narrow-minded way of dealing with IP addresses is what causes problems. I happen to use a VPN, which is highly recommended for all people. We can’t go about blacklisting every VPN out there. That is stupid and causes no end to problems.
Yes and no.
A VPN is useful for browsing to maintain your privacy, but as far as being a vehicle for what is supposed to be a legitimate internet presence, no. It isn’t. At all.
VPN’s are the most abused forms of communication on the internet. Everybody knows that now. It’s what they use for everything from DDoS attacks to Brute Force attacks to all things in between.
Running VPN’s pretty much assures you that at some point you’re going to occupy one that has been abused.
Running the IP assigned to you by a reputable provider eliminates all of that. Unless, of course, what you’re doing isn’t really what you’re supposed to be doing and that’s why you’re not using it to begin with.
Edit to add: That’s what Cloudflare will also do for you: hide your actual IP while providing one for you that only traces to them. It’s the same thing.
Unless, again, you’re doing something you’re not supposed to be doing. Then of course Cloudflare would boot you off the network.
I understand if you are frustrated but this is not true for all VPNs… 
but nowadays you have to do serious IP lists and/or filtering
BTW:
pls. choose a serious VPN provider who cares about IP reputation
@KitchM “Such a narrow-minded way of dealing with IP addresses is what causes problems.”
and I completely disagree with this, sorry 
2 Likes
A good sysadmin will find a better way to handle problems than blocking IP addresses. There must be a million ways to solve any problem, and we humans are so stupidly narrow-minded. It is a wonder we get anything done.
When we do not focus on the needs of others, we always fail. I hate the company web sites that stop me from visiting them when I am abroad. Shame on them. That is simply lazy. Such behavior remains without excuse.
You are the one refusing to make a simple change to solve all of your problems and blaming everybody else for them.
Again, the narcissism you are displaying is unbelievable. You are the one with the problem. It is not everybody else.
Take some responsibility. Make a simple change. Then you will have no problems.
2 Likes
This is getting personal. If y’all can’t keep it polite, just don’t reply.
I’ve said I’ll look into it, but I also consider preventing spam a very high priority. If a free-for-all is your requirement for participation, @KitchM, this will never be that. I do want everyone to be able to login and participate with minimal hassle, and I don’t have any desire to do invasive tracking or user data gathering…but, also, I won’t waste my life battling spam and abuse. Never again. This is our private community, and it has requirements for participation. I hope I can minimize the hassle for you, but turning off all the automated tools that prevent abuse is not an option I’ll consider (but turning off this particular feature of JetPack might be, if I find a reasonable alternative).
2 Likes
@KitchM as you said
,I happen to use a VPN, which is highly recommended for all people. We can’t go about blacklisting every VPN out there. That is stupid and causes no end to problems.,
well I use VPN to connect home only, VPN does not protect your privacy at all it protect you from hack into network you are connected to…since you just hide your IP which is okay with me, the end point server see it, yeah VPN was designed to secure you from home to private network not from wild net… if you believe opposite, I guess I will leave it with you… there is tons of video’s or wikis about this.
it’s not stupid it is just showing you how stupid people can be when they use wrong decisions with wrong technologies 
I disagree, if you do not understand what VPN was designed for you’re light years away form sys admin not to mentioned DevOps.
@Joe just readed your post, you’re right just lock this thread or delete it. it’s amazing how many just cheawing… btw if he wants support in ,his practicular and precious way, let him pay virtualmin team with support ticket, I’m sure he would be glad to resolve his issue with your team 
edit so happens to you @KitchM I would suggest to change your VPN provider as well -if you on spammers IP from them, they must have previously pretty rubbish and fake recommendations…just you know I happen to send weekly reports to sites which check those ips and when hack or spam or any abuse on that IP was done, it’s done and dusted on internet…even in USA. so if they resel that IP it will be almost always flagged as dirty… that’s my 2 cents to you.
edit 2 records on dirty ips are hold for 3 years and I think then it’s deleted but not sure.
Knowing for “whom” virtualmin is and what you can do with it, I expected that there won’t be topics like it.
It’s amazing to see how close this topics gets to the one where @Joe was “attacked” from that one kid (just the truth).
I ran bigger communities in the past and worked with quite big sides together and I can tell, fighting spam is a big issue which requires a lot of work and it is quite annoying because “they” adapt too.
If the OP doesn’t like the function, simply using a VPN which is not blacklisted (or better to say a more professional one) is the solution.
I wouldn’t switch off a function which helps to prevent spam, even if that causes a little issue for legit users.
Sorry to say it like that, but keeping the page clean from spam or as clean as possible is more important than one extra step for real users (and yes, I know how “annoying” something like that can be for users).
3 Likes
My small, personal site has 32 members. The registration software automatically checks blacklists and spam reports to help mitigate the spam registrations.
What it does is allows them to register but then instantly bans them so that they can’t register with that username or email again. My blocked lists of spam members is in the thousands.
To date I’ve only received one email from someone saying they didn’t understand why they were banned on sign up. I explained the automated system to that person and white listed him. He fully understood and thanked me and that was that.
He certainly didn’t expect the entire internet to change everything they do just for him.
1 Like
And that is how “normal” people handle such things. 
1 Like
Thanks, Joe. You are quite correct; it is getting way too personal.
I totally understand your need to use the mechanism you do, and I get that you may have not yet found a better method. So I followed your link to fix the login process.
I do not know where you got the impression that I wished for a free-for-all environment. Isn’t the very reason a web site requires a username and password the accepted way to handle that question? This has been the traditionally accepted methodology for decades. I have confidence that you can find a way to stop your spam problem and still have a functional site.
BTW, there are only so many top rated VPN providers who do not keep logs. That limits the options for those who are privacy- and anonymity-conscious. I cannot begin to imagine a better choice in this regard. Please advise, Joe, if you have better info.
In any case, my personal experience was that I had to select the Jetpack option to send me an email to sign up with it. It appeared to work.
However, today that did not work. It forced me to do it yet again. Also, the process appeared to have changed. When I tried today, I got the same process to send me an instructional email to follow. However, I got a warning that it might not be a legitimate site (no certificate?) and it would not take my user name and password. I tried three times. When I attempted to start over, a page displayed with a json error “bad request” “invalid input”.
When I started over again once again, it never accepted my credentials. I had to log into my account thru the Virtualmin home page. I’ll keep that in mind next time.
Two questions:
- Do people have to do this every time they log in to your web site with their proper username/email address and password?
2.Do I understand correctly that if I purchase your product, this process goes away, as others have implied?
Thanks again.