1084

Advice How to add captcha on form submit and admin login.

Comments for “Advice How to add captcha on form submit and admin login.”
 

Posted by jogesh on Saturday 4th June 2022 at 02:12 GMT

Hi All,

I want to add a simple captcha of 5-6 characters on my admin login page and my contact form submissions for adding a little security from brute force login and bots.
can you please suggest how can I add the same?

jogesh

User Level: Guest

Date Joined: 11/12/2021

Posted by DaFa on Saturday 4th June 2022 at 15:22 GMT

I would suggest you forget about using a captcha and have a look at DC's anti-spam module along with Apophis mFactor modules on the Module marketplace
Founding Member

DaFa

User Level: Founding Member

Date Joined: 30/11/2018

Posted by djnordeen on Sunday 5th June 2022 at 10:56 GMT

I would think that doing an email verify, two factor authentication, would be a better way to go.
You could use mfactor from the module market.
To me, this would be a more secure route to take on a login page.

Dan
Early Adopter

djnordeen

User Level: Early Adopter

Date Joined: 20/08/2021

Posted by DaFa on Sunday 5th June 2022 at 11:27 GMT

As Dan and I have already mentioned above, you would be better off using something else as captchas are not user friendly or that secure but if you insist on using one, here is a link to one you can use with Trongate. It has many examples for various frameworks, I'd go straight to the pure php example.

https://captcha.com/php-captcha.html

Cheers,
Si
Founding Member

DaFa

User Level: Founding Member

Date Joined: 30/11/2018

Posted by Davcon on Friday 10th June 2022 at 17:57 GMT

Captchas no longer working is a systemic problem that currently affects all of web development.

Interestingly, one of the best solutions I've heard of so far came from somebody right here who is new to PHP. Our very own John Paul. He suggests firing off a confirmation email whenever somebody fills out a contact form so that they can verify that they aren't a bot - either by being asked to submit a random code or clicking on a confirmation link.

Can anyone see anything wrong with that idea? I can't.
Founding Member

Davcon

User Level: Founding Member

Date Joined: 3/11/2018

×