Difference between revisions of "NATS4 Adding a Verification Image"
Line 3: | Line 3: | ||
}} | }} | ||
− | [[NATS4]] contains the option to use [[CAPTCHA]] (Completely Automated Public | + | [[NATS4]] contains the option to use [[CAPTCHA]] (Completely Automated Public Turing test to tell Computers and Humans Apart) images on the external access page. This can provide an additional security measure that helps to prevent against automated login attempts. However, this option is not enabled by default in [[NATS]]. |
== Affiliate CAPTCHA == | == Affiliate CAPTCHA == |
Revision as of 16:15, 10 August 2019
NATS4 contains the option to use CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) images on the external access page. This can provide an additional security measure that helps to prevent against automated login attempts. However, this option is not enabled by default in NATS.
Affiliate CAPTCHA
If you would like to add CAPTCHA images to your external access page, first go to the Configuration Admin. In the "Current Section" drop down menu, select "Affiliates" option and click the change section button. Find the AFFILIATE_SIGNUP_CAPTCHA and enable the check box and save. Your external access page will now contain a CAPTCHA image that must be completed by your affiliates before they can continue browsing.
If you use the CAPTCHA verification image feature, make sure that you check our CAPTCHA wiki article for common verification image problems.
Members CAPTCHA
CAPTCHA can be used for your site's join page. To turn on the CAPTCHA for the site join form, you must:
First, go into the configuration admin, under the misc section and find MEMBER_RETRY_CAPTCHA. This field requires a number greater than 1 and is the minimum number of failed signups before the CAPTCHA shows.
In order for the CAPTCHA to show:
- The surfer has to have already attempted to sign up once, and within one hour prior to the present signup.
- The signups have to use the same IP.
- The members have to be Never Joined members for the same site.
Then, add
{if !empty($vars.captcha_required) || !empty($errors.captcha)} <tr> <td colspan="2" style="border:none; text-align: center"> <img src="/captcha_image.php?width=300&height=90" width="300" height="90" /><br /> <strong>Please fill in the text from the image</strong><br /> <input class="join_input" type="text" name="signup[captcha:1]" /> {if !empty($errors.captcha)} <br /> <span>{$errors.captcha}</span> {/if} </td> </tr> {/if}
before your submit button for the join template.
A more stylized example is shown below:
{if !empty($vars.captcha_required) || !empty($errors.captcha)} <fieldset> <legend>Captcha Image</legend> <div class="form_input"> <tr> <td colspan="2" style="border:none; text-align: center"> <img src="/captcha_image.php?width=300&height=90" width="300" height="90" /><br /> <strong>Please fill in the text from the image</strong><br /> <input class="join_input" type="text" name="signup[captcha:1]" /> {if !empty($errors.captcha)} <br /> <span>{$errors.captcha}</span> {/if} </td> </tr> </fieldset> {/if}
Config Admin
Config Admin -> 'Misc' section:
- MEMBER_PASSWORD_USE_CAPTCHA : If Set, Password retrieval will require a CAPTCHA verification
- MEMBER_PASSWORD_USE_CAPTCHA_RETRY : Number of Tries a Surfer can make on the Password retrieval page if CAPTCHA is used
- MEMBER_SIGNUP_USE_CAPTCHA : If Set, member signups will require a CAPTCHA verification
- MEMBER_RETRY_CAPTCHA : Number of tries a surfer can make to signup before a CAPTCHA is used
- MEMBER_RETRY_CAPTCHA_HOURS : Number of hours to look back when checking aginst the MEMBER_RETRY_CAPTCHA configuration. By default NATS will look for signup attempts within the past hour
Config Admin -> 'Affiliate' section:
- AFFILIATE_SIGNUP_CAPTCHA : Enable Affiliate Signup CAPTCHA Image.