[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BerkeleyLUG site anti-spam enabled, comments & registration / sign-up opened up.

Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):

> o add some captcha or the like to raise the bar sufficiently on
>   registration / sign-up

It usually ends up being a CAPTCHA implementation people add for this 
purpose, because it's difficult to find a modest, _simple_ plug-in for
WordPress, only baroquely complex ones.  But a complete solution would
be anything that asks the user to answer a simple question that isn't
standard across everyone else's WordPress, like 'What is 4+5?' and
require a correct answer before the form submission gets processed.

Bruce Schnier on his blog ('Schneier on Security') has a simple hack
where you are asked to answer the question 'The title of this blog is
"Schneier on ________".  What is that word?'  (I paraphrase.)  Works
perfectly -- because it's not necessary to defeat custom attacks, just
comment-bots aimed at commodity software.

You received this message because you are subscribed to the Google Groups "BerkeleyLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to berkeleylug+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/berkeleylug/20190912080641.GU6980%40linuxmafia.com.