[#MDL-15544] Disable email signup in new installation - add danger warning

Issue Details (XML | Word | Printable)

Key:	MDL-15544
Type:	Improvement
Status:	Closed
Resolution:	Fixed
Priority:	Major
Assignee:	Petr Škoda (skodak)
Reporter:	Petr Škoda (skodak)
Votes:	0
Watchers:	3

Operations

Add/Edit UI Mockup to this issue

If you were logged in you would be able to see more operations.

Moodle

Disable email signup in new installation - add danger warning

Created: 05/Jul/08 04:52 AM Updated: 22/Jul/08 09:00 PM

Component/s:

Administration

Affects Version/s:

1.8, 1.9

Fix Version/s:

1.8.6, 1.9.2

Issue Links:

Relates

This issue has a non-specific relationship to:

~~MDL-15389~~ add info concerning spam dangers of open profiles

Participants:	Anthony Borrow, Helen Foster and Petr Škoda (skodak)
Security Level:	None
QA Assignee:	Helen Foster
Resolved date:	05/Jul/08
Affected Branches:	MOODLE_18_STABLE, MOODLE_19_STABLE
Fixed Branches:	MOODLE_18_STABLE, MOODLE_19_STABLE

Description

« Hide

many administrators do not understand danger of email signup, change the default and improve the docs

All

Comments

Change History

Version Control

Sort Order:

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 05/Jul/08 05:15 AM

Helen Foster - 03/Jul/08 07:23 AM
Thanks for everyone's suggestions

Here are mine:

configforceloginforprofiles:

This setting forces users to login using their account in order to be able to view the personal profiles of other users. If this setting is disabled, it results in the possibility of spammers using personal profiles for posting spam, since they are visible to the whole world.

selfregistration_help:

If an authentication plugin, such as email-based self-registration, is selected, then it enables potential users to register themselves and create accounts. This results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. To avoid this risk, self-registration should be disabled.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 05/Jul/08 05:16 AM

adding info that limiting of email domains helps too.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 05/Jul/08 08:01 AM

default changed in 1.9.x, the lang string changed in 1.8x too
please add better text suggestion if needed and reopen

thanks everybody

[ Permalink | « Hide ]

Helen Foster added a comment - 06/Jul/08 03:59 AM

Still to do: Add warning to Moodle Docs

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 06/Jul/08 06:51 AM

oh, sure, could you please do that Helen?

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 06/Jul/08 06:52 AM

hmm, maybe Koen should notify translators to update langs too - seems important

[ Permalink | « Hide ]

Helen Foster added a comment - 06/Jul/08 10:49 PM

No problem re. adding a warning to Moodle Docs. I'll do so before closing this issue.

Re. notifying translators about updating the lang string, I suggest the best way is to rename the lang string (see rule 15 in the coding guidelines http://docs.moodle.org/en/Coding ). I've added Koen as a watcher for him to comment.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 06/Jul/08 11:31 PM

Maybe it is not necessary to rename these strings in this case, because it is just an improvement - the new text is correct for all previous versions, the old one is not necessary at all.

[ Permalink | « Hide ]

Anthony Borrow added a comment - 10/Jul/08 10:03 PM

I tested this with a fresh install and the option to disable email based self-registration defaults correctly to disable. I noticed that tsala was listed as the official person for QA so I am not closing it at this time but my +1 for closing it. Peace - Anthony

[ Permalink | « Hide ]

Helen Foster added a comment - 22/Jul/08 09:00 PM

Warning added to http://docs.moodle.org/en/Authentication and http://docs.moodle.org/en/Email-based_self-registration

Petr, thanks for fixing

All content on this web site is made available under the GNU General Public License, unless otherwise stated.