[52]Antispam Protection
- LocaLizeR
- Joomla! Explorer
- Posts: 331
- Joined: Thu Sep 15, 2005 4:44 am
- Location: Hungary
- Contact:
[52]Antispam Protection
1. Summary
When you have a high ranked site by the search engines, later or sooner the spam robots will find it. They register on your site, try to claim lost passwords and they use the contact form for spamming or make any other spamming attempts.
2. Goals
There are several technologies or services on the web, like captcha to protect your site againts the spammers. Integrating a solution for entering a security code would harden the spammers their attempts, and your site would be more secure.
3. Affects
3.1 Backward compatibility
The backward compatibility should be affected, but some solutions by 3pd developers are already available.
3.2 3PD extensions
A very good default antispam protection would be used by the 3rd party extensions (comments, guest books, forums etc.) as well what they could integrate instead of developing their own solutions.
When you have a high ranked site by the search engines, later or sooner the spam robots will find it. They register on your site, try to claim lost passwords and they use the contact form for spamming or make any other spamming attempts.
2. Goals
There are several technologies or services on the web, like captcha to protect your site againts the spammers. Integrating a solution for entering a security code would harden the spammers their attempts, and your site would be more secure.
3. Affects
3.1 Backward compatibility
The backward compatibility should be affected, but some solutions by 3pd developers are already available.
3.2 3PD extensions
A very good default antispam protection would be used by the 3rd party extensions (comments, guest books, forums etc.) as well what they could integrate instead of developing their own solutions.
Jozsef Tamas Herczeg // Member of the Hungarian Joomla Translation Team :: Follow me on Twitter: @jtherczeg
:: "Do not give fish to the hungry man teach him how to fish instead" ::
:: "Do not give fish to the hungry man teach him how to fish instead" ::
- Hackwar
- Joomla! Virtuoso
- Posts: 3788
- Joined: Fri Sep 16, 2005 8:41 pm
- Location: NRW - Germany
- Contact:
Re: Antispam Protection
It would be interesting to introduce more events here, which render possible captcha images and before save, check the content and then throw an error in case of a false input. This would be introduced in the model somewhere... I wouldn't want to implement this as a fixed solution in Joomla, but encourage the community to produce different solutions to this. The community could very nicely produce different methods, like captcha or calculations. Still, nice idea.
god doesn't play dice with the universe. not after that drunken night with the devil where he lost classical mechanics in a game of craps.
Since the creation of the Internet, the Earth's rotation has been fueled, primarily, by the collective spinning of English teachers in their graves.
Since the creation of the Internet, the Earth's rotation has been fueled, primarily, by the collective spinning of English teachers in their graves.
-
- Joomla! Virtuoso
- Posts: 3173
- Joined: Sun Apr 16, 2006 12:20 am
- Location: 127.0.0.1
Re: Antispam Protection
Not sure if this is a reasonable idea but it would be interesting to see some sort of capatcha implemented in the administrator backend login. I know gallery2 has an option for this when users login.
Backup, backup, backup!
The "Master" .htacess file by Nicholas http://snipt.net/nikosdion/the-master-htaccess
The "Master" .htacess file by Nicholas http://snipt.net/nikosdion/the-master-htaccess
- LocaLizeR
- Joomla! Explorer
- Posts: 331
- Joined: Thu Sep 15, 2005 4:44 am
- Location: Hungary
- Contact:
Re: Antispam Protection
Telling you the truth, I suggested this feature because the use of the current extensions (e.g. Security Images or Bigo Captcha) is possible by altering the core files. It would be more convenient for the end users to see this as a core feature.
Jozsef Tamas Herczeg // Member of the Hungarian Joomla Translation Team :: Follow me on Twitter: @jtherczeg
:: "Do not give fish to the hungry man teach him how to fish instead" ::
:: "Do not give fish to the hungry man teach him how to fish instead" ::
-
- Joomla! Apprentice
- Posts: 16
- Joined: Thu Sep 06, 2007 9:59 pm
Re: Antispam Protection
In light of the rise in levels of spam and bots in general, it would be great to see a more integrated approach via something like a Captcha option. Having the option for people to hook into this security to harden things further would be an added benefit.
Too many of the 3rd party solutions require hacking about with core files, which for new Joomla users or folks new to PHP is a recipe for disaster.
Please can we have some kind of core level security that can deal with the spammers! ;-)
Too many of the 3rd party solutions require hacking about with core files, which for new Joomla users or folks new to PHP is a recipe for disaster.
Please can we have some kind of core level security that can deal with the spammers! ;-)
- trouble
- Joomla! Intern
- Posts: 92
- Joined: Tue Jul 31, 2007 9:27 am
- Location: UK
Re: [52]Antispam Protection
I'm getting spammed to death right now from a contact form on one of my web sites
It's going to come a bit too late for me, but it's great that this has been accepted!
It's going to come a bit too late for me, but it's great that this has been accepted!
-
- Joomla! Apprentice
- Posts: 16
- Joined: Thu Sep 06, 2007 9:59 pm
Re: [52]Antispam Protection
Sorry to hear of your spam problem.
I'm just a little disappointed that it wasn't part of the core from day one of the 1.5 release. Comment spam has been a big issue for years and years now, so it shouldn't be a big surprise that the spammers are banging on our websites!!!
Good that we're going to see something done about it... eventually!
I'm just a little disappointed that it wasn't part of the core from day one of the 1.5 release. Comment spam has been a big issue for years and years now, so it shouldn't be a big surprise that the spammers are banging on our websites!!!
Good that we're going to see something done about it... eventually!
- trouble
- Joomla! Intern
- Posts: 92
- Joined: Tue Jul 31, 2007 9:27 am
- Location: UK
Re: [52]Antispam Protection
I'm with you all the way on your post!roundtrip wrote:Sorry to hear of your spam problem.
I'm just a little disappointed that it wasn't part of the core from day one of the 1.5 release. Comment spam has been a big issue for years and years now, so it shouldn't be a big surprise that the spammers are banging on our websites!!!
Good that we're going to see something done about it... eventually!
- bobbravo2
- Joomla! Apprentice
- Posts: 39
- Joined: Sun Jul 22, 2007 10:45 pm
- Location: Orlando, FL
- Contact:
Re: [52]Antispam Protection
There are a few J! 1.5 3p extensions avaliable on the directory:
http://extensions.joomla.org/component/ ... Itemid,35/
http://extensions.joomla.org/component/ ... Itemid,35/
These extensions use reCAPTCHA which I highly recommend as it helps to digitize books, and is accessible to users that are visually impaired.
Joomla! needs to have CAPTCHA as a part of the CORE because user interaction is a primary reason that we use Joomla! in the first place, one shouldn't have to add a 3p extension to stop spam - especially since they require modifying the core, which may create security vulnerabilities
http://extensions.joomla.org/component/ ... Itemid,35/
http://extensions.joomla.org/component/ ... Itemid,35/
These extensions use reCAPTCHA which I highly recommend as it helps to digitize books, and is accessible to users that are visually impaired.
Joomla! needs to have CAPTCHA as a part of the CORE because user interaction is a primary reason that we use Joomla! in the first place, one shouldn't have to add a 3p extension to stop spam - especially since they require modifying the core, which may create security vulnerabilities
-
- Joomla! Guru
- Posts: 554
- Joined: Wed May 31, 2006 11:34 am
Re: [52]Antispam Protection
Our jfusion.org also had around 5-10 bots registering every day. Captcha should really be part of the core. It is really essential to add this feature as soon as possible. All major softwares have this implemented and it would be great if Joomla would too.
There is already a great extention that does this with a core modifications that then allow for a system plugin to control the captcha options. You can select where you want captcha and prevents people from using direct links to bypass the images:
http://code.google.com/p/joomla15captcha/
It works really well on our site.
Cheers, Marius
There is already a great extention that does this with a core modifications that then allow for a system plugin to control the captcha options. You can select where you want captcha and prevents people from using direct links to bypass the images:
http://code.google.com/p/joomla15captcha/
It works really well on our site.
Cheers, Marius
JFusion is a revolutionary new universal user integration tool for Joomla. Visit http://www.jfusion.org for more details.
- razor7
- Joomla! Explorer
- Posts: 374
- Joined: Wed Aug 24, 2005 2:06 pm
- Location: Argentina
- Contact:
Re: [52]Antispam Protection
Hello...i suggest to have a builtin option like allikonweb antispam bot and also the recaptcha option, so users can choose wich one to use.
This idea is accepted...¿any news on how this will be implemented and when?
Thanks a lot!
This idea is accepted...¿any news on how this will be implemented and when?
Thanks a lot!
Visit http://www.mgscreativa.com
Take a look at our downloads section for VirtueMart payment plugins and mouch more! http://www.mgscreativa.com/contenidos/i ... Itemid=214
Take a look at our downloads section for VirtueMart payment plugins and mouch more! http://www.mgscreativa.com/contenidos/i ... Itemid=214
-
- Joomla! Apprentice
- Posts: 23
- Joined: Fri Dec 28, 2007 5:28 pm
Re: [52]Antispam Protection
My $.02 worth ...
This should be modulized (via plugin or whatever) so that as they (captchas, security features) get "cracked", they can be updated, upgraded or degraded and replaced. I'm not a programmer, just an interested party. Since fighting bots is nothing short of a race, whatever the approach it should be designed in such a way that keeps the race in mind.
This should be modulized (via plugin or whatever) so that as they (captchas, security features) get "cracked", they can be updated, upgraded or degraded and replaced. I'm not a programmer, just an interested party. Since fighting bots is nothing short of a race, whatever the approach it should be designed in such a way that keeps the race in mind.
-
- Joomla! Guru
- Posts: 554
- Joined: Wed May 31, 2006 11:34 am
Re: [52]Antispam Protection
That is what I like about:Archangel Michael wrote:My $.02 worth ...
This should be modulized (via plugin or whatever) so that as they (captchas, security features) get "cracked", they can be updated, upgraded or degraded and replaced. I'm not a programmer, just an interested party. Since fighting bots is nothing short of a race, whatever the approach it should be designed in such a way that keeps the race in mind.
http://code.google.com/p/joomla15captcha/
It is a Joomla plugin that can be configured as to where captcha should be shown and can be published/unpublished. Note that i do not have any involvement in coding this project, just like what they have done.
Thanks, Marius
JFusion is a revolutionary new universal user integration tool for Joomla. Visit http://www.jfusion.org for more details.
- alikon
- Joomla! Champion
- Posts: 5941
- Joined: Fri Aug 19, 2005 10:46 am
- Location: Roma
- Contact:
Re: [52]Antispam Protection
my 0.2 €
i've developed an open source plugin for an accessible captcha that can use several captcha type:
a) classic image captcha with sound
b) ascii art capctha
c) math captcha
extensions integration is quite simple, two event need to be triggered
the onView for showing the captcha
the tipical place for trigger is component/view/tmpl
the onVerify for checking the digited code
the tipical place for trigger this event is the component controller
here yuo'll find it
http://extensions.joomla.org/extensions ... 91/details
i've developed an open source plugin for an accessible captcha that can use several captcha type:
a) classic image captcha with sound
b) ascii art capctha
c) math captcha
extensions integration is quite simple, two event need to be triggered
the onView for showing the captcha
the tipical place for trigger is component/view/tmpl
Code: Select all
JPluginHelper::importPlugin('alikonweb');
if (JPluginHelper::isEnabled('alikonweb', 'alikonweb.captchabot')) {
$mainframe->triggerEvent('onView', array ('component'));
}
the tipical place for trigger this event is the component controller
Code: Select all
if(JPluginHelper::isEnabled('alikonweb', 'alikonweb.captchabot')){
$psw3 = JRequest::getVar( 'password3', '', 'post' );
$psw3 = strtolower($psw3);
JPluginHelper::importPlugin( 'alikonweb' );
$dispatcher =& JDispatcher::getInstance();
$results = $dispatcher->trigger( 'onVerify', array($psw3));
if (!$results[0] ) {
$msg = JText::_('SECURECODE_DO_NOT_MATCH');
JError::raiseWarning('A1', $msg);
$return = JRoute::_( 'index.php?option=com_auser&view=login' );
$mainframe->redirect( $return );
return false;
}
}
http://extensions.joomla.org/extensions ... 91/details