Hi!
I just did a fresh in stall of Matomo (latest version 4.13.0) and noticed in the user management section that besides the user account which I created for me while doing the installation with Softaculous, there also pre-exists another user called anonymous with no access and the email anonymous@example.org .
What is this user, is this really only an example of a user account that I can safely delete now? Or is it an account used maybe by some Matomo system service, by Softaculous, my provider, etc. so that I should NOT delete it?
Thanks for any feedback / information!
If I am not wrong, this is the anonymous user. For example, in https://demo.matomo.cloud/ the anonymous user has read access to site #1
Anders
September 7, 2023, 9:01am
3
An e-mail was sent to anonymous@example.org when my System Admin was created.
Is there a way to avoid that?
I got:
anonymous@example.org an MX or SRV record indicated no SMTP serviceSubject: Security Notification
Hi @Anders ,noreply_email_address param (visible in Diagnostic > Config file )?
What if I don’t want any anonymous users to have access to anything?
Plus the email address ending on @example.org forces me to allow “example .org” as a possible “New user invite email domain”
Hi @janv8000
Just don’t allow anonymous user on any site…
As this is a built-in user. Then cannot be deleted.
Sorry, I don’t understand what you mean…?
Message displayed in Users Manager: see below
Error message displayed when trying to prune the example .org setting:
Hi @janv8000
(the anonymous user should not allow example.org as authorized domain…)
1 Like
Can’t include links in posts so plain text:
opened 02:31PM - 08 Mar 24 UTC
Potential Bug
To Triage
### What happened?
Presence of the anonymous@example.org users forces the Users… Manager to allow `example.org` as valid domain.
User anonymous can't be deleted:
Email domain `example.org` can't be deleted:
* UsersManager feature introduced in #20101
* Discussed in https://forum.matomo.org/t/what-is-user-anonymous-example-org-after-install-can-be-deleted/48791/6
### What should happen?
Presence of anonymous users should not prevent deleting/excluding example.org as valid domain
### How can this be reproduced?
* Goto index.php?module=CoreAdminHome&action=generalSettings&idSite=1&period=range&date=last7
* scroll to UsersManager
* try to limit the list to not include example.org
### Matomo version
5.0
### PHP version
_No response_
### Server operating system
_No response_
### What browsers are you seeing the problem on?
Not applicable (e.g. an API call etc.)
### Computer operating system
_No response_
### Relevant log output
_No response_
### Validations
- [X] Read our [Contributing Guidelines](https://github.com/matomo-org/matomo/blob/5.x-dev/CONTRIBUTING.md).
- [X] Follow our [Security Policy](https://github.com/matomo-org/matomo/blob/5.x-dev/SECURITY.md).
- [X] Check that there isn't already an issue that reports the same bug to avoid creating duplicates.
- [X] The provided steps to reproduce is a [minimal reproducible](https://stackoverflow.com/help/minimal-reproducible-example) of the Bug.
1 Like
> Diagnostic > Config file)?
