NOTE: This mitigation strategy is only applicable to customers who are integrated with an AMS or CRM. In addition, it is effective for closed communities and you will need Higher Logic's assistance to implement it.
Arguably the most important tool governing user access to your site is Security Groups. You can think of Security Groups as the high-level categories to which your users belong; they're powerful tools enabling you to determine what users are allowed to view and access across your site, in terms of both navigation and content.
You can also use Security Groups to limit initial access, which can be effective at stopping spam accounts from accessing your site.
Two configuration settings can used to add your users to Security Groups:
- LimitBy is a setting in the site's integration configuration that admins can use to set which Security Groups their community members must belong to in order for their data to sync into your site. Members who are not in any of the listed Security Groups will be automatically "de-synced."
NOTE: LimitBy overrides any settings for the ExcludeBy setting (described below).
- ExcludeBy is a setting in the site's integration configuration that admins can use to set which Security Groups will trigger the automatic de-syncing of its listed members. A community member who is not in any of the Security Groups in the ExcludeBy configuration parameter list will remain "de-synced," unless the member is specifically re-synced by being added to a LimitBy Security Group (described above).
Configuring Security Groups
Security Groups are an effective way to prevent bot accounts gaining access to your site because access is limited to the users who you assign to your Security Groups.
Higher Logic can help you configure your Security Groups.
- To limit or exclude users via Security Groups in your site, create a case.
- We will walk you through the steps to configure your list of Security Groups according to your preference.