Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-39503

Avoid telling Google that site allows signup

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.4, 2.5, 2.6
    • Fix Version/s: 2.5.1
    • Component/s: Authentication
    • Labels:

      Description

      My site is open to all and allows e-mail reg account creation. Despite Captcha mode, I was plagued until recently with bogus accounts being opened on a daily basis. I stopped them dead by simply renaming 'signup.php' and assoc. form file to something meaningless and linking from login.php.

      Although my open site is still 1.9, I assume the same applies to 2.x and changing the filename would stop MOST opportunistic abuse. My solution also includes a security question based on the open site text content. Most casual spammers would be too bored to bother chasing this up whereas genuine visitors will probably have frehly read the info.

      Related posts - https://moodle.org/mod/forum/discuss.php?d=227637

      Regards

      Alan Hess

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    8/Jul/13