Loading...
 
Skip to main content

History: Anti-spam

View published page

Source of version: 18 (current)

Copy to clipboard
            ! {{page}}
{DIV(float=right,width="200px")}^::Related Topics::
* ((Spam Protection))
* ((Security))
* ((Comment moderation))
* ((How to Ban many IP from fake registrations))
* ((How to Remove SPAM))
* See also: [http://tiki.org/How+to+deal+with+spam|How to deal with SpamBots]
^{DIV}

Measures to protect sites against spam

!!# Tiki registrations: Passcode to register + show it for humans
!!!# Using pretty tracker template
Using "Use tracker to collect more user information" (admin -> login) you can design your own registration page by setting "Use pretty trackers for registration form".  Activate the passcode option and enter a number (8 for example). In your registration pretty tracker template enter some text like "How much is 5+3" and add the field {$register_passcode}. As long the user is not human an not entering the number 8 in the field, registration will fail.

!!!# Newer versions: using an admin setting
In the most recent versions of 6.x, 9.x, 10.x and 11.0 this is now a feature. Just visit __tiki-admin.php?page=login__  and activate "__Require passcode to register__", save your settings. And then activate the new option that you will see saying: "__Show passcode on registration form__".

!!!# Older versions: setting it by hand
If you can't see the option "__Show passcode on registration form__" in the security admin panel, then you can still use passcode and show it in the registration screen by configuring this behavior by hand.

An easy trick (by luci: thanks!)
# Enable the option "__Passcode to register__" (Admin > Login > ...)
## Enter the passcode the users will need to use and save by clicking "Change preferences". For this example, assume the passcode is __foobar__.
# Code to add before the end < /body> tag. (__Admin > Look & Feel > Customization > Custom end code__):
## If you are using some user tracker to collect more information from users at registration time, use this code:
++ {CODE(colors="javascript", ln="1", caption="code to add in Admin > Look & Feel > Customization > Custom end code")}
{if $mid eq "tiki-register.tpl"}{jq}$("form[name='editItemForm1']").prepend("<b>Passcode to Register:</b> <i>foobar</i> <br/>");{/jq}{/if}
{CODE}
## If you just use the basic registration form by default (no user tracker to collect more information from users at registration time), then use this other code:
++ {CODE(colors="javascript", ln="1", caption="code to add in Admin > Look & Feel > Customization > Custom end code")}
{if $mid eq "tiki-register.tpl"}{jq}$("form[name='RegForm']").prepend("<b>Passcode to Register:</b> <i>foobar</i> <br/>");{/jq}{/if}
{CODE}
# ''(optional)'' If you're comfortable editing files and have access, line 12 or so of the __templates/register-passcode.tpl__, which has the description of the passcode field, could be changed to refer to the passcode as follows:
+ {CODE(wrap=1)}
<em>{tr}Not your password. Enter passcode to register shown above. The code is case sensitive.{/tr}</em>
{CODE}

{REMARKSBOX(type="note" title="Note")}
To make the passcode a bit trickier to fetch properly by robots we can also write it with some html tags inside (or affecting half the passcode). E.g.: 
{CODE()}foo<i>bar</i>{CODE}
instead of just 
{CODE()}foobar{CODE}
or
{CODE()}<i>foobar</i>{CODE}
This way, the user will read the same word that they have to type in: -+foo''bar''+-, but robots will potentially read the html code, with the italic html tags in between, etc.
{REMARKSBOX}

!!# Banning Users or IPs
See ((How to Ban many IP from fake registrations))

You can also mass ban ips from comments pending moderation. See ((Comment Moderation))

Or you can ban many ip's at once directly through the ((Action Log)) interface.


!!# Remove Spam
If you got spam before you applied the measures to avoid it, see ((How to Remove SPAM))



-= Alias names for this page =-
(alias(Spam)) | (alias(Anti Spam)) | (alias(Antispam))