Difference between revisions of "Reducing spam in Moodle"

Jump to: navigation, search

Note: You are currently viewing documentation for Moodle 2.3. Up-to-date documentation for the latest stable version is available here: Reducing spam in Moodle.

(suggestions for reducing the risk of spam, category)
 
Line 3: Line 3:
 
Here are some suggestions for reducing the risk of spam in Moodle:
 
Here are some suggestions for reducing the risk of spam in Moodle:
  
* Leave "Force users to login for profiles" enabled in ''Administration > Security > [[Site policies]]'' to keep anonymous visitors away from user profiles.
+
* Leave "Force users to login for profiles" enabled in ''Administration > Security > [[Site policies]]'' to keep anonymous visitors and search engines away from user profiles.
 
* Leave self registration disabled in ''Administration > Users > Authentication > [[Manage authentication]]'' common settings, or limit self registration to particular email domains with the allowed email domains setting, or only enable self registration for a short period of time to allow users to create accounts, and then later disable it.
 
* Leave self registration disabled in ''Administration > Users > Authentication > [[Manage authentication]]'' common settings, or limit self registration to particular email domains with the allowed email domains setting, or only enable self registration for a short period of time to allow users to create accounts, and then later disable it.
 
* If [[Email-based self-registration]] is used for self registration, add spam protection to the new account form by enabling reCAPTCHA (in Moodle 1.9.1 onwards).
 
* If [[Email-based self-registration]] is used for self registration, add spam protection to the new account form by enabling reCAPTCHA (in Moodle 1.9.1 onwards).

Revision as of 10:11, 6 October 2008


Here are some suggestions for reducing the risk of spam in Moodle:

  • Leave "Force users to login for profiles" enabled in Administration > Security > Site policies to keep anonymous visitors and search engines away from user profiles.
  • Leave self registration disabled in Administration > Users > Authentication > Manage authentication common settings, or limit self registration to particular email domains with the allowed email domains setting, or only enable self registration for a short period of time to allow users to create accounts, and then later disable it.
  • If Email-based self-registration is used for self registration, add spam protection to the new account form by enabling reCAPTCHA (in Moodle 1.9.1 onwards).
  • If Email-based self-registration is used for self registration, use Moodle 1.9.2 or later, which requires users to confirm their email address if they change it in their profile.
  • Consider the spam risks involved in allowing certain capabilities, such as replying to forum posts, for visitor accounts.