I have set up a plugin which creates users for joomla, and have hacked the following files to change where the links to 'register new user', 'password remind' and 'username remind' point to
/components/com_user/views/login/templ/default_login.php
/modules/mod_login/templ/default.php
BUT - I have noticed that if someone knows it is a joomla site and manually types one of the following links:
index.php?option=com_user&view=register
index.php?option=com_user&view=remind
index.php?option=com_user&view=reset
They are STILL sent to the joomla registration/remind/reset pages - so can bypass the method I have set up to create users.
Can these pages be removed completely as they are not needed - or block access to these links?
remove create user page SOLVED
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Apprentice
- Posts: 6
- Joined: Wed Dec 15, 2010 5:18 pm
remove create user page SOLVED
Last edited by owen2 on Wed Dec 15, 2010 9:48 pm, edited 1 time in total.
-
- Joomla! Apprentice
- Posts: 6
- Joined: Wed Dec 15, 2010 5:18 pm
Re: remove create user page
OK - solved it.....
Since I have SEF URL's activated in joomla, people can potentially type in 2 different URL's to get to the registration pages:
http://www.MYDOMAIN.COM/index.php?optio ... w=register
or
www.MYDOMAIN.COM//component/user/register.html
There are also 2 options to type in for lost password / username pages:
/component/user/reset.html
index.php?option=com_user&view=reset
/component/user/remind.html
index.php?option=com_user&view=remind
I am not wanting people to be able to access any of these pages, since I have used another plugin for the registration process, which unfortunatly does not take the above pages away... so people can type in the direct URL to get to any of these pages, and register for my site in a way I do not want them to register!
I tried redirecting plugins but found they only worked for some of the URL's and not others... and then I thought - how about redirecting with .htacess.... and when I tried that, it worked for some URL's and not others!
However, using BOTH methods, I have now been able to redirect all the above links!
I have used JRedirect plugin for the non SEF URLs' using the following in the plugin paramaters:
index.php?option=com_user&view=register|redirect-to-here.html
index.php?option=com_user&view=remind|redirect-to-here.html
index.php?option=com_user&view=reset|redirect-to-here.html
change 'redirect-to-here.html' to the URL's you want the pages to be redirected to.
THEN, put these line in your .htaccess files:
Redirect /component/user/reset.html http://www.MYDOMAIN.com/redirect-to-here.html
Redirect /component/user/remind.html http://www.MYDOMAIN.com/redirect-to-here.html
Redirect /component/user/register.html http://www.MYDOMAIN.com/redirect-to-here.html
Issue SOLVED - all redirections should work
I hope someone else finds this useful!
:-)
Since I have SEF URL's activated in joomla, people can potentially type in 2 different URL's to get to the registration pages:
http://www.MYDOMAIN.COM/index.php?optio ... w=register
or
www.MYDOMAIN.COM//component/user/register.html
There are also 2 options to type in for lost password / username pages:
/component/user/reset.html
index.php?option=com_user&view=reset
/component/user/remind.html
index.php?option=com_user&view=remind
I am not wanting people to be able to access any of these pages, since I have used another plugin for the registration process, which unfortunatly does not take the above pages away... so people can type in the direct URL to get to any of these pages, and register for my site in a way I do not want them to register!
I tried redirecting plugins but found they only worked for some of the URL's and not others... and then I thought - how about redirecting with .htacess.... and when I tried that, it worked for some URL's and not others!
However, using BOTH methods, I have now been able to redirect all the above links!
I have used JRedirect plugin for the non SEF URLs' using the following in the plugin paramaters:
index.php?option=com_user&view=register|redirect-to-here.html
index.php?option=com_user&view=remind|redirect-to-here.html
index.php?option=com_user&view=reset|redirect-to-here.html
change 'redirect-to-here.html' to the URL's you want the pages to be redirected to.
THEN, put these line in your .htaccess files:
Redirect /component/user/reset.html http://www.MYDOMAIN.com/redirect-to-here.html
Redirect /component/user/remind.html http://www.MYDOMAIN.com/redirect-to-here.html
Redirect /component/user/register.html http://www.MYDOMAIN.com/redirect-to-here.html
Issue SOLVED - all redirections should work
I hope someone else finds this useful!
:-)
-
- Joomla! Fledgling
- Posts: 1
- Joined: Tue Dec 28, 2010 12:03 pm
Re: remove create user page SOLVED
Hi,
I achieved the blocking of user registration, remind or reset with the following lines in .htaccess:
# Disable calls to user registration or password or username reset ("register", "remind", "reset")
RewriteCond %{REQUEST_URI} /component/user/(remind|reset|register)(\.html)? [OR]
RewriteCond %{QUERY_STRING} option=com_user&view=(remind|reset|register)
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
(I inserted the lines right above the section starting with "########## Begin - Joomla! core SEF Section".)
I'm using Joomla 1.5.22 on Linux.
I achieved the blocking of user registration, remind or reset with the following lines in .htaccess:
# Disable calls to user registration or password or username reset ("register", "remind", "reset")
RewriteCond %{REQUEST_URI} /component/user/(remind|reset|register)(\.html)? [OR]
RewriteCond %{QUERY_STRING} option=com_user&view=(remind|reset|register)
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
(I inserted the lines right above the section starting with "########## Begin - Joomla! core SEF Section".)
I'm using Joomla 1.5.22 on Linux.
-
- Joomla! Apprentice
- Posts: 18
- Joined: Wed Feb 16, 2011 3:58 pm
Re: remove create user page SOLVED
Hi Guys,
I updated this htaccess-trick for Joomla 3.4:
Regards, Gerard
I updated this htaccess-trick for Joomla 3.4:
Code: Select all
# RewriteBase /
# Disable calls to user registration ("register", this url ends with: view=registration))
# Send all blocked request to homepage, use Flag [F] for 403 Forbidden error!
RewriteCond %{QUERY_STRING} (view=registration) [NC]
RewriteRule ^(.*)$ index.php [R]
## Begin - Joomla! core SEF Section.
- Per Yngve Berg
- Joomla! Master
- Posts: 30923
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: remove create user page SOLVED
Why are you doing all this? In Global Configuration, set New User Registration=No. That's all.