-
Improvement
-
Resolution: Fixed
-
Major
-
2.4, 2.5, 2.6
-
MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE
-
MOODLE_25_STABLE
-
w23_
MDL-39503_m26_signup -
-
My site is open to all and allows e-mail reg account creation. Despite Captcha mode, I was plagued until recently with bogus accounts being opened on a daily basis. I stopped them dead by simply renaming 'signup.php' and assoc. form file to something meaningless and linking from login.php.
Although my open site is still 1.9, I assume the same applies to 2.x and changing the filename would stop MOST opportunistic abuse. My solution also includes a security question based on the open site text content. Most casual spammers would be too bored to bother chasing this up whereas genuine visitors will probably have frehly read the info.
Related posts - https://moodle.org/mod/forum/discuss.php?d=227637
Regards
Alan Hess
- caused a regression
-
MDL-57734 SEO - Create admin setting to be able to enable or disable search engine indexing for sites with forcelogin
- Closed