Differences

This shows you the differences between the selected revision and the current version of the page.

punbb13:pun_antispam 2008/11/11 13:41 punbb13:pun_antispam 2020/02/06 11:04 current
Line 1: Line 1:
-====== Antispam System (pun_antispam) ====== +Moved to [[punbb13:extensions:pun_antispam]]
-[[punbb13:Official extensions|PunBB 1.3 official extensions]] +
-  * Current version: **[[http://punbb.informer.com/extensions/pun_antispam/pun_antispam.zip|1.2]]** +
- +
-===== General idea ===== +
-Protect the forum using CAPTCA from  +
-  * Bruteforcing the passwords  +
-  * Spam in guest posts  +
-  * Bot registration  +
- +
-===== Specification ===== +
-  * Add CAPTCHA at: +
-    * Registration +
-      * If user has **passed** the CAPTCHA, but mistaken in some other field of the form (the form is displayed again for user to correct the data), **do not** show the CAPTCHA again. I.e. user must pass the CAPTCHA only once to register. +
-      * Here may be used the simple CAPTCHA kind of "Are you robot? Yes/No" Just use the random ''name'' for ''<input>'' or even ''name="agree"'' for "Yes". This will protect from common robots, but not from targeted attack, so this may be an option. Delay this for (pun_antispam 2.0) +
-    * Guest post +
-      * Same as for registration: do not ask CAPTCHA again if user has some errors, ask once per message. +
-      * Or even once per N messages? (pun_antispam 2.0) +
-    * Password restore +
-      * Do not ask for the first N requests from the IP (pun_antispam 2.0) +
-    * Login +
-      * Do not ask for the first N requests from the IP (pun_antispam 2.0) +
-  * Add options to Administration => Settings => Features +
-    * Use CAPTCHA on register page (checkbox, checked by default) +
-    * Use CAPTCHA on guest posting (checkbox, checked by default) +
-    * Use CAPTCHA after 5 login failures (checkbox, checked by default) +
-    * Use CAPTCHA on password restore form (checkbox, checked by default) +
-  * Add database table <db_prefix>_config +
-    * o_pun_antispam_captcha_register = 1 +
-    * o_pun_antispam_captcha_guestpost = 1 +
-    * o_pun_antispam_captcha_login = 1 +
-    * o_pun_antispam_captcha_restorepass = 1 +
-  * CAPTCHA implementation +
-    * Use sessions to store the code. +
-    * Delay before image output (1 s). +
-    * When the test is passed by the user, do not ask again it again on other pages for some time (or until user does something suspicious). +
-    * TODO: Describe how the code will be modified against bots. +
-    * IDEA: Use the words list? E.g. "punbb", "forum", "guest", "user" and s.o. +
-    * IDEA: Use the empty invisible field with title like "do not fill this". If filled, this is a bot. +
-    * IDEA: Use math captcha. +
-    * IDEA: Use [[http://recaptcha.net/|reCAPTCHA]].+

Personal Tools