Reducing spam in Moodle: Difference between revisions
From MoodleDocs
No edit summary |
Helen Foster (talk | contribs) (email change confirmation rewording, stub template removed) |
||
Line 1: | Line 1: | ||
Here are some suggestions for reducing the risk of spam in Moodle: | Here are some suggestions for reducing the risk of spam in Moodle: | ||
Line 6: | Line 4: | ||
* Leave self registration disabled in ''Administration > Users > Authentication > [[Manage authentication]]'' common settings, or limit self registration to particular email domains with the allowed email domains setting, or only enable self registration for a short period of time to allow users to create accounts, and then later disable it. | * Leave self registration disabled in ''Administration > Users > Authentication > [[Manage authentication]]'' common settings, or limit self registration to particular email domains with the allowed email domains setting, or only enable self registration for a short period of time to allow users to create accounts, and then later disable it. | ||
* If [[Email-based self-registration]] is used for self registration, add spam protection to the new account form by enabling reCAPTCHA (in Moodle 1.9.1 onwards). | * If [[Email-based self-registration]] is used for self registration, add spam protection to the new account form by enabling reCAPTCHA (in Moodle 1.9.1 onwards). | ||
* If Email-based self-registration is used for self registration, | * If Email-based self-registration is used for self registration, leave "Email change confirmation" enabled in ''Administration > Security > [[Site policies]]'' (in Moodle 1.8.6 or 1.9.2 onwards). | ||
* Consider the [[Risks|spam risks]] involved in allowing certain capabilities, such as [[Capabilities/mod/forum:replypost| replying to forum posts]], for visitor accounts. | * Consider the [[Risks|spam risks]] involved in allowing certain capabilities, such as [[Capabilities/mod/forum:replypost| replying to forum posts]], for visitor accounts. | ||
[[Category:Security]] | [[Category:Security]] |
Revision as of 15:47, 6 October 2008
Here are some suggestions for reducing the risk of spam in Moodle:
- Leave "Force users to login for profiles" enabled in Administration > Security > Site policies to keep anonymous visitors and search engines away from user profiles.
- Leave self registration disabled in Administration > Users > Authentication > Manage authentication common settings, or limit self registration to particular email domains with the allowed email domains setting, or only enable self registration for a short period of time to allow users to create accounts, and then later disable it.
- If Email-based self-registration is used for self registration, add spam protection to the new account form by enabling reCAPTCHA (in Moodle 1.9.1 onwards).
- If Email-based self-registration is used for self registration, leave "Email change confirmation" enabled in Administration > Security > Site policies (in Moodle 1.8.6 or 1.9.2 onwards).
- Consider the spam risks involved in allowing certain capabilities, such as replying to forum posts, for visitor accounts.