Customizing the banned words list in the backend helps enhance auto-moderation and maintain security by filtering out inappropriate content.
How to manage your banned words
- In the backend, go to Config, then click on Banned Words.
You should see the below list - these are all generic banned words by default. - You can remove or add new ones anytime but you must have the corresponding permission added to your role to do so.
- You can find some tips at the bottom of the list. Read them attentively.
The user won’t be able to post if it contains one of these words.
Things to avoid
For security reasons there are some banned words that can apply to links. These are the following:
- "<svg"
- "<a"
- "<href"
- "<iframe"
- "<img"
- "<input"
- "<script"
- "src="
- "<alert("
- "javascript="
- "javascript:"
- "onmouseover="
- "onload="
- "style="
- "/>"
- "</"
Those words are blocked to prevent any hacking attemp.
Position of the asterisk: beginning, middle, or end
Asterisks can act as wildcards, replacing zero, one, or several characters in filtering systems. Here are the cases:
*pen
This means: "any word or string ending with 'pen'".
Example:
Matches "open", "happen", or even "pen".
Does not match "pencil" or "pending".
pen*
This means: "any word or string starting with 'pen'".
Example:
Matches "pencil", "pending", or "pen".
Does not match "open" or "happen".
*pen*
This means: "any word or string containing 'pen' at any position".
Example:
Matches "open", "pending", "happen", "penalty".
Does not match "run" or "fast".
Exact meaning in banned word lists
If these variants (pen, pen, pen) appear in a banned word list:
*pen: Blocks any word ending with "pen".
pen*: Blocks any word starting with "pen".
*pen*: Blocks any word containing "pen" anywhere.