Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-39503

Avoid telling Google that site allows signup

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • 2.5.1
    • 2.4, 2.5, 2.6
    • Authentication

    Description

      My site is open to all and allows e-mail reg account creation. Despite Captcha mode, I was plagued until recently with bogus accounts being opened on a daily basis. I stopped them dead by simply renaming 'signup.php' and assoc. form file to something meaningless and linking from login.php.

      Although my open site is still 1.9, I assume the same applies to 2.x and changing the filename would stop MOST opportunistic abuse. My solution also includes a security question based on the open site text content. Most casual spammers would be too bored to bother chasing this up whereas genuine visitors will probably have frehly read the info.

      Related posts - https://moodle.org/mod/forum/discuss.php?d=227637

      Regards

      Alan Hess

      Attachments

        Issue Links

          Activity

            People

              skodak Petr Skoda (Inactive)
              manxli Alan Hess
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.