Project

General

Profile

Feature #3692

Tighten registration security on commonsinabox.org

Added by Matt Gold over 4 years ago. Updated over 4 years ago.

Status:
Resolved
Priority name:
Normal
Assignee:
Category name:
commonsinabox.org
Target version:
Start date:
2014-12-02
Due date:
% Done:

0%

Estimated time:

Description

Hi Boone,

Can you please see if there are a few simple steps (CAPTCHAs, etc) that we can take to make the sign-up process on commonsinabox.org a bit more resistant to spammers?

History

#1 Updated by Raymond Hoh over 4 years ago

There is already a BP registration honeypot plugin running on cbox.org.

Here are some other suggestions:

Cookies For Comments + Cookies For Logins / BuddyPress:
https://wordpress.org/plugins/cookies-for-comments/
https://github.com/r-a-y/cookies-for-logins

This is a lightweight combo that is in use on the Commons. Try this first.


Hashcash.io: http://hashcash.io

This works by needing the user to click on an unlock button, which then requires the web browser to solve some mathematical sets and unlocks the form for submission afterwards. This is designed to slow down spammers and to prevent them from performing a brute force attack.

Test out the demo here:
http://wpdemo.hashcash.io/wp-login.php

The WP plugin for Hashcash.io supports BP's registration page:
https://wordpress.org/plugins/wp-hashcash/

#2 Updated by Matt Gold over 4 years ago

Many thanks, Ray.

#3 Updated by Boone Gorges over 4 years ago

  • Status changed from Assigned to Resolved

Thanks for the suggestions, Ray! The cookie plugins are added in https://github.com/cuny-academic-commons/commonsinabox-org/commit/a41e7e082cb63af28fff8add605cc5c18deb88e0 and are live on the site. I've also hacked together CAPTCHA protection, which is replacing the humanity check https://github.com/cuny-academic-commons/commonsinabox-org/commit/80ed14f78867af034a042a8799525e09650ec98b

Going to mark this resolved. Please reopen if we continue to have problems (though if we do, it's likely that automated solutions won't help much).

Also available in: Atom PDF