[52]Antispam Protection

Locked
User avatar
LocaLizeR
Joomla! Explorer
Joomla! Explorer
Posts: 331
Joined: Thu Sep 15, 2005 4:44 am
Location: Hungary
Contact:

[52]Antispam Protection

Post by LocaLizeR » Sun Feb 17, 2008 6:04 pm

1. Summary
When you have a high ranked site by the search engines, later or sooner the spam robots will find it. They register on your site, try to claim lost passwords and they use the contact form for spamming or make any other spamming attempts.

2. Goals
There are several technologies or services on the web, like captcha to protect your site againts the spammers. Integrating a solution for entering a security code would harden the spammers their attempts, and your site would be more secure.

3. Affects
3.1 Backward compatibility
The backward compatibility should be affected, but some solutions by 3pd developers are already available.
3.2 3PD extensions
A very good default antispam protection would be used by the 3rd party extensions (comments, guest books, forums etc.) as well what they could integrate instead of developing their own solutions.
Jozsef Tamas Herczeg // Member of the Hungarian Joomla Translation Team :: Follow me on Twitter: @jtherczeg
:: "Do not give fish to the hungry man teach him how to fish instead" ::

User avatar
Hackwar
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 3762
Joined: Fri Sep 16, 2005 8:41 pm
Location: NRW - Germany
Contact:

Re: Antispam Protection

Post by Hackwar » Sun Feb 17, 2008 7:48 pm

It would be interesting to introduce more events here, which render possible captcha images and before save, check the content and then throw an error in case of a false input. This would be introduced in the model somewhere... I wouldn't want to implement this as a fixed solution in Joomla, but encourage the community to produce different solutions to this. The community could very nicely produce different methods, like captcha or calculations. Still, nice idea.
god doesn't play dice with the universe. not after that drunken night with the devil where he lost classical mechanics in a game of craps.

Since the creation of the Internet, the Earth's rotation has been fueled, primarily, by the collective spinning of English teachers in their graves.

Geoff
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 3193
Joined: Sun Apr 16, 2006 12:20 am
Location: 127.0.0.1

Re: Antispam Protection

Post by Geoff » Mon Feb 18, 2008 6:48 am

Not sure if this is a reasonable idea but it would be interesting to see some sort of capatcha implemented in the administrator backend login. I know gallery2 has an option for this when users login.
Backup, backup, backup!
The "Master" .htacess file by Nicholas http://snipt.net/nikosdion/the-master-htaccess

User avatar
LocaLizeR
Joomla! Explorer
Joomla! Explorer
Posts: 331
Joined: Thu Sep 15, 2005 4:44 am
Location: Hungary
Contact:

Re: Antispam Protection

Post by LocaLizeR » Mon Feb 18, 2008 9:48 am

Telling you the truth, I suggested this feature because the use of the current extensions (e.g. Security Images or Bigo Captcha) is possible by altering the core files. It would be more convenient for the end users to see this as a core feature.
Jozsef Tamas Herczeg // Member of the Hungarian Joomla Translation Team :: Follow me on Twitter: @jtherczeg
:: "Do not give fish to the hungry man teach him how to fish instead" ::

roundtrip
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Thu Sep 06, 2007 9:59 pm

Re: Antispam Protection

Post by roundtrip » Thu Feb 21, 2008 10:52 am

In light of the rise in levels of spam and bots in general, it would be great to see a more integrated approach via something like a Captcha option. Having the option for people to hook into this security to harden things further would be an added benefit.

Too many of the 3rd party solutions require hacking about with core files, which for new Joomla users or folks new to PHP is a recipe for disaster.

Please can we have some kind of core level security that can deal with the spammers! ;-)

User avatar
trouble
Joomla! Intern
Joomla! Intern
Posts: 92
Joined: Tue Jul 31, 2007 9:27 am
Location: UK

Re: [52]Antispam Protection

Post by trouble » Tue Jul 08, 2008 2:38 pm

I'm getting spammed to death right now from a contact form on one of my web sites :-\

It's going to come a bit too late for me, but it's great that this has been accepted!

roundtrip
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Thu Sep 06, 2007 9:59 pm

Re: [52]Antispam Protection

Post by roundtrip » Tue Jul 08, 2008 2:54 pm

Sorry to hear of your spam problem.

I'm just a little disappointed that it wasn't part of the core from day one of the 1.5 release. :( Comment spam has been a big issue for years and years now, so it shouldn't be a big surprise that the spammers are banging on our websites!!!

Good that we're going to see something done about it... eventually!

User avatar
trouble
Joomla! Intern
Joomla! Intern
Posts: 92
Joined: Tue Jul 31, 2007 9:27 am
Location: UK

Re: [52]Antispam Protection

Post by trouble » Tue Jul 08, 2008 3:44 pm

roundtrip wrote:Sorry to hear of your spam problem.

I'm just a little disappointed that it wasn't part of the core from day one of the 1.5 release. :( Comment spam has been a big issue for years and years now, so it shouldn't be a big surprise that the spammers are banging on our websites!!!

Good that we're going to see something done about it... eventually!
I'm with you all the way on your post!

User avatar
bobbravo2
Joomla! Apprentice
Joomla! Apprentice
Posts: 39
Joined: Sun Jul 22, 2007 10:45 pm
Location: Orlando, FL
Contact:

Re: [52]Antispam Protection

Post by bobbravo2 » Tue Nov 11, 2008 7:57 pm

There are a few J! 1.5 3p extensions avaliable on the directory:
http://extensions.joomla.org/component/ ... Itemid,35/
http://extensions.joomla.org/component/ ... Itemid,35/

These extensions use reCAPTCHA which I highly recommend as it helps to digitize books, and is accessible to users that are visually impaired.

Joomla! needs to have CAPTCHA as a part of the CORE because user interaction is a primary reason that we use Joomla! in the first place, one shouldn't have to add a 3p extension to stop spam - especially since they require modifying the core, which may create security vulnerabilities

mariusvr
Joomla! Guru
Joomla! Guru
Posts: 554
Joined: Wed May 31, 2006 11:34 am

Re: [52]Antispam Protection

Post by mariusvr » Thu Nov 13, 2008 11:41 am

Our jfusion.org also had around 5-10 bots registering every day. Captcha should really be part of the core. It is really essential to add this feature as soon as possible. All major softwares have this implemented and it would be great if Joomla would too.

There is already a great extention that does this with a core modifications that then allow for a system plugin to control the captcha options. You can select where you want captcha and prevents people from using direct links to bypass the images:

http://code.google.com/p/joomla15captcha/

It works really well on our site.

Cheers, Marius
JFusion is a revolutionary new universal user integration tool for Joomla. Visit http://www.jfusion.org for more details.

User avatar
razor7
Joomla! Explorer
Joomla! Explorer
Posts: 335
Joined: Wed Aug 24, 2005 2:06 pm
Location: Argentina
Contact:

Re: [52]Antispam Protection

Post by razor7 » Fri Dec 26, 2008 6:20 pm

Hello...i suggest to have a builtin option like allikonweb antispam bot and also the recaptcha option, so users can choose wich one to use.

This idea is accepted...¿any news on how this will be implemented and when?

Thanks a lot!
Visit http://www.mgscreativa.com

Take a look at our downloads section for VirtueMart payment plugins and mouch more! http://www.mgscreativa.com/contenidos/i ... Itemid=214

Archangel Michael
Joomla! Apprentice
Joomla! Apprentice
Posts: 23
Joined: Fri Dec 28, 2007 5:28 pm

Re: [52]Antispam Protection

Post by Archangel Michael » Sun Jan 04, 2009 9:35 pm

My $.02 worth ...

This should be modulized (via plugin or whatever) so that as they (captchas, security features) get "cracked", they can be updated, upgraded or degraded and replaced. I'm not a programmer, just an interested party. Since fighting bots is nothing short of a race, whatever the approach it should be designed in such a way that keeps the race in mind.

mariusvr
Joomla! Guru
Joomla! Guru
Posts: 554
Joined: Wed May 31, 2006 11:34 am

Re: [52]Antispam Protection

Post by mariusvr » Mon Jan 05, 2009 12:25 am

Archangel Michael wrote:My $.02 worth ...

This should be modulized (via plugin or whatever) so that as they (captchas, security features) get "cracked", they can be updated, upgraded or degraded and replaced. I'm not a programmer, just an interested party. Since fighting bots is nothing short of a race, whatever the approach it should be designed in such a way that keeps the race in mind.
That is what I like about:
http://code.google.com/p/joomla15captcha/

It is a Joomla plugin that can be configured as to where captcha should be shown and can be published/unpublished. Note that i do not have any involvement in coding this project, just like what they have done.

Thanks, Marius
JFusion is a revolutionary new universal user integration tool for Joomla. Visit http://www.jfusion.org for more details.

User avatar
alikon
Joomla! Champion
Joomla! Champion
Posts: 5941
Joined: Fri Aug 19, 2005 10:46 am
Location: Roma
Contact:

Re: [52]Antispam Protection

Post by alikon » Thu Apr 16, 2009 12:00 pm

my 0.2 €
i've developed an open source plugin for an accessible captcha that can use several captcha type:

a) classic image captcha with sound
b) ascii art capctha
c) math captcha



extensions integration is quite simple, two event need to be triggered

the onView for showing the captcha
the tipical place for trigger is component/view/tmpl

Code: Select all

JPluginHelper::importPlugin('alikonweb');
if (JPluginHelper::isEnabled('alikonweb', 'alikonweb.captchabot')) {
	$mainframe->triggerEvent('onView', array ('component'));
}
the onVerify for checking the digited code
the tipical place for trigger this event is the component controller

Code: Select all

 if(JPluginHelper::isEnabled('alikonweb', 'alikonweb.captchabot')){	    			
       $psw3	= JRequest::getVar( 'password3', 	'',			'post' );  
       $psw3	= strtolower($psw3);      
       JPluginHelper::importPlugin( 'alikonweb' );
       $dispatcher	=& JDispatcher::getInstance();    
       $results	= $dispatcher->trigger( 'onVerify', array($psw3));		      
       if (!$results[0] ) {		
	  		$msg	= JText::_('SECURECODE_DO_NOT_MATCH');
			JError::raiseWarning('A1', $msg);
			$return	= JRoute::_( 'index.php?option=com_auser&view=login' );
			$mainframe->redirect( $return );
			return false;
       
	}
 }
here yuo'll find it
http://extensions.joomla.org/extensions ... 91/details
Nicola Galgano
i know that i don't know
www.alikonweb.it


Locked

Return to “Accepted - Archived”