Moodle

Disable email signup in new installation - add danger warning

Details

  • Type: Improvement Improvement
  • Status: Closed Closed
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.8, 1.9
  • Fix Version/s: 1.8.6, 1.9.2
  • Component/s: Administration
  • Labels:
    None
  • Affected Branches:
    MOODLE_18_STABLE, MOODLE_19_STABLE
  • Fixed Branches:
    MOODLE_18_STABLE, MOODLE_19_STABLE

Description

many administrators do not understand danger of email signup, change the default and improve the docs

Issue Links

This issue has a non-specific relationship to:
MDL-15389 add info concerning spam dangers of open profiles Major Closed

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Petr Škoda (skodak) added a comment -

Helen Foster - 03/Jul/08 07:23 AM
Thanks for everyone's suggestions Here are mine:

configforceloginforprofiles:

This setting forces users to login using their account in order to be able to view the personal profiles of other users. If this setting is disabled, it results in the possibility of spammers using personal profiles for posting spam, since they are visible to the whole world.

selfregistration_help:

If an authentication plugin, such as email-based self-registration, is selected, then it enables potential users to register themselves and create accounts. This results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. To avoid this risk, self-registration should be disabled.

Show
Petr Škoda (skodak) added a comment - Helen Foster - 03/Jul/08 07:23 AM Thanks for everyone's suggestions Here are mine: configforceloginforprofiles: This setting forces users to login using their account in order to be able to view the personal profiles of other users. If this setting is disabled, it results in the possibility of spammers using personal profiles for posting spam, since they are visible to the whole world. selfregistration_help: If an authentication plugin, such as email-based self-registration, is selected, then it enables potential users to register themselves and create accounts. This results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. To avoid this risk, self-registration should be disabled.
Hide
Permalink
Petr Škoda (skodak) added a comment -

adding info that limiting of email domains helps too.

Show
Petr Škoda (skodak) added a comment - adding info that limiting of email domains helps too.
Hide
Permalink
Petr Škoda (skodak) added a comment -

default changed in 1.9.x, the lang string changed in 1.8x too
please add better text suggestion if needed and reopen

thanks everybody

Show
Petr Škoda (skodak) added a comment - default changed in 1.9.x, the lang string changed in 1.8x too please add better text suggestion if needed and reopen thanks everybody
Hide
Permalink
Helen Foster added a comment -

Still to do: Add warning to Moodle Docs

Show
Helen Foster added a comment - Still to do: Add warning to Moodle Docs
Hide
Permalink
Petr Škoda (skodak) added a comment -

oh, sure, could you please do that Helen?

Show
Petr Škoda (skodak) added a comment - oh, sure, could you please do that Helen?
Hide
Permalink
Petr Škoda (skodak) added a comment -

hmm, maybe Koen should notify translators to update langs too - seems important

Show
Petr Škoda (skodak) added a comment - hmm, maybe Koen should notify translators to update langs too - seems important
Hide
Permalink
Helen Foster added a comment -

No problem re. adding a warning to Moodle Docs. I'll do so before closing this issue.

Re. notifying translators about updating the lang string, I suggest the best way is to rename the lang string (see rule 15 in the coding guidelines http://docs.moodle.org/en/Coding ). I've added Koen as a watcher for him to comment.

Show
Helen Foster added a comment - No problem re. adding a warning to Moodle Docs. I'll do so before closing this issue. Re. notifying translators about updating the lang string, I suggest the best way is to rename the lang string (see rule 15 in the coding guidelines http://docs.moodle.org/en/Coding ). I've added Koen as a watcher for him to comment.
Hide
Permalink
Petr Škoda (skodak) added a comment -

Maybe it is not necessary to rename these strings in this case, because it is just an improvement - the new text is correct for all previous versions, the old one is not necessary at all.

Show
Petr Škoda (skodak) added a comment - Maybe it is not necessary to rename these strings in this case, because it is just an improvement - the new text is correct for all previous versions, the old one is not necessary at all.
Hide
Permalink
Anthony Borrow added a comment -

I tested this with a fresh install and the option to disable email based self-registration defaults correctly to disable. I noticed that tsala was listed as the official person for QA so I am not closing it at this time but my +1 for closing it. Peace - Anthony

Show
Anthony Borrow added a comment - I tested this with a fresh install and the option to disable email based self-registration defaults correctly to disable. I noticed that tsala was listed as the official person for QA so I am not closing it at this time but my +1 for closing it. Peace - Anthony
Hide
Permalink
Helen Foster added a comment -

Warning added to http://docs.moodle.org/en/Authentication and http://docs.moodle.org/en/Email-based_self-registration

Petr, thanks for fixing

Show
Helen Foster added a comment - Warning added to http://docs.moodle.org/en/Authentication and http://docs.moodle.org/en/Email-based_self-registration Petr, thanks for fixing

People

Vote (0)
Watch (3)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.