Deanonymizing forum posts

Rohan · May 22, 2022, 2:25pm

Unfortunately I have a student who’s using anonymous forum posts to violate our site’s terms of service. How can I determine which account was used to post the messages so they can be banned?

Tim_McCormack · May 23, 2022, 1:38pm

I didn’t know you could make anonymous posts! Interesting.

Assuming that posting anonymously still requires you to be logged in, there should be a field in the DB record. (I don’t know where exactly to look, unfortunately.) But depending on how your logging is set up, and if no one else chimes in with better information, it might be faster to cross-check the timestamps of their posts with log messages:

nginx logs should have their IP address, and their IP address may also be on other traffic from their client that reveals their identity
LMS logs should have a [user 12345] element that indicates the authenticated user.

Andres.Aulasneo · May 24, 2022, 12:54pm

Hi @Rohan!
If you have direct access to MongoDB, you can use these commands to get all the posts:

use cs_comments_service
db.contents.find()

If you want to filter by course id, you can do:

db.contents.find({"course_id": "<course_id in the form 'course-v1:org+course_num+course_run'>"})

dave · May 24, 2022, 2:09pm

Just wanted to make sure you knew that there are separate advanced settings toggles for making discussions anonymous to other students (Allow Anonymous Discussion Posts to Peers) vs. making it anonymous to everyone (Allow Anonymous Discussion Posts):

https://edx.readthedocs.io/projects/open-edx-building-and-running-a-course/en/open-release-maple.master/manage_discussions/discussions.html#allowing-learners-to-make-anonymous-discussion-posts

Rohan · June 14, 2022, 1:25pm

Thank you, this seems viable. However, how do I connect to MongoDB on a tutor instance?

Andres.Aulasneo · June 16, 2022, 1:01pm

You can access the Mongo shell with mongo <mongo host or ip> -u <mongo user> -p <mongo password>. You can get these parameters from lms.auth.json and lms.env.json, or the yaml config files, depending on your installation.

Rohan · June 17, 2022, 4:10pm

I tried mongo on my Tutor AMI, and it just says command not found.

Eventually I found that the correct tutor-specific way to do this is

tutor local exec mongodb bash

There was no password prompt needed then after that.

And then I could do a variant on the recommended comment lookup command (seeing by specific title rather than everything in the course, since I want to deanonymize a specific post.)

use cs_comments_service
db.contents.find({"title": "<Forum post title>"})

commands.

Thanks @andres !

Topic		Replies	Views
Install MFE, not Tab discussions Site Operations Help discussion , tutor , mfe	4	186	November 7, 2023
Problem with admin and staff accounts being labeled as "student" Authoring	3	430	May 16, 2022
Configure mongodb to be remotely accessible Tutor Help how-to , tutor , mongodb	0	148	May 23, 2023
Discussion emails don't get sent for question-type posts but do for discussion-type posts Site Operators	1	275	April 10, 2022
Hide Email Address Educators	2	358	September 7, 2020

Deanonymizing forum posts

Related Topics