Features / Usability

Features / Usability

[solved] Captcha on registration page? Auto-delete user without e-mail confirmation?

posts: 55

Since I postet the first links to my wiki running on tiki, I get random user registrations which use (presumably) auto-generated e-mails. They mostly never get confirmed and stay in the user list as orphans.

Best solution would be to completely prevent crawlers to register. This could be done using a captcha. How do I do that?

If that s not possible, I at least want to automatically delete users who never confirmed their e-mail. That would at least get rid of most of the orphans.

I am using tiki 21 LTS.

Referer Validation is active. I just activated e-mail validation using deep mx-search. I will see how effective this is in a few days. Before I did not validate the e-mail at all.

posts: 8514 Israel


Tiki has ways to limit if not suppress spaming registration.
See: https://doc.tiki.org/Spam-Protection

Login settings: tiki-admin.php?page=login
Security settings: tiki-admin.php?page=security#content_admin1-2

From experiences and reports;

  • The Tiki captcha may be be hard for legit users but it can be tweaked (shorten word length, bigger image and less noise) then it work fine
  • Re-captcha work fine (but with tracker plugin registration for 3.0)
  • CAPTCHA questions is very solid
  • Page key and passcode are good too
  • If you work with multilingual or have a pattern in username, Username pattern can be used as a solid wall ;-)

Hope this helps... 😉

posts: 55

Hi Bernard Sfez / Tiki Specialist,

I made the oldest mistake ever - did not check before asking. There was a CAPTCHA in registration form. Seems like it is used anywhere anonymous can take action, not only at wiki edits like I thought. Obviously it is not effective against robots. I changed to a CAPTCHA question - should also be easier to solve for humans. Thanks to your answer I now know all possibilities and will test what helps. Thanks a lot - again!