[Xastir] Captcha's
John Gorkos
jgorkos at gmail.com
Fri Jun 13 12:49:09 EDT 2014
Curt-
Not looking for work for you, but one option might be to look at the
work Hessu has done in using ARRL LOtW certificates as authentication
factors for Wiki log in. The process is fairly straightforward on the
server side, and you tell it to trust any client certificate signed by
the ARRL cert. In this way, the server has access to all of the
information in the Client Cert, including callsign, full name, etc.
Again, I know that your time is much better spent coding Xastir than
monkeying around with HTTP servers, but it's a thought, and the ARRL has
really done all the hard work in terms of creating a cert pool and
issuing them to people who are "legit" ham radio operators...
John Gorkos
AB0OO
On 6/13/14, 12:39 PM, Curt, WE7U wrote:
>
> I implemented Captcha's last night, then turned the new user account
> feature back on. Wiki's can end up with new spam logins even with that,
> but it's greatly reduced. I guess
> people actually employ others to get through the captcha's...
>
> If we start getting more than one or two new spam users a week I'll
> change the configs so new logins must be authorized by an admin. That
> should put an end to it. In fact I may just do that in any case!
>
> This captcha is easier (for humans) to get through than most I've seen.
> You see a series of dog and cat pics and must select all of the cat pics
> to get through.
>
> The only bug I've seen: The enlarged pic when you hover over them is
> too high on the frame, so the top of the pic gets cut off. Even so I
> was able to get through the captcha each and every time.
>
More information about the Xastir
mailing list