Tighten security on CBOX demo site registration
Gary in IT had some good suggestions for tightening security on the CBOX demo site (which is currently in limbo as we await discussion of where it should be placed):
1. Maybe a robust CAPTCHA would suffice to keep out the bots?
2. Can we check the validity of the email used to register?
3. Can we limit the number of registrations from a given source IP per time period?
The captcha seems like an easy implementation and #3 seems worthwhile if there is an easy way to do it. I think WP already does 2, though I'm not sure what Gary means by "validity"
#1 Updated by Boone Gorges about 3 years ago
- Status changed from Assigned to Resolved
The demo.commonsinabox.org site has a CAPTCHA for registration.
About a year ago, I built a system for the site that clears out all data - accounts and content - once daily. This seems to have solved most of the spam issues, so I'm going to mark this one resolved.