Strona główna Odkrywaj Pomoc
Zaloguj się
CityApper
/
coderedcms
kopia lustrzana https://github.com/coderedcorp/coderedcms
2
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: 02e829d727
Gałęzie Tagi
coderedcms
/
docs
/
features
/
spam-protection.rst

spam-protection.rst 2.4 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. Spam Protection
    2. 

  2. ===============
    3. 

  3. 

  4. CRX provides features to help block spam form submissions from your site.
    5. 

  5. 

  6. These can be toggled in **Settings > CRX Settings > Forms**
    7. 

  7. 

  8. 

  9. Basic (honeypot)
    10. 

  10. ----------------
    11. 

  11. 

  12. The default spam protection technique is a simple honeypot. This adds a hidden field to all forms, which some spammers might mistake for a real field. If the hidden field is filled out, the submission is rejected and a generic error message is shown to the user.
    13. 

  13. 

  14. While this technique is not the most effective, it can help stop some brute force spammers, and requires no additional setup or 3rd party services.
    15. 

  15. 

  16. 

  17. reCAPTCHA v3 (invisible)
    18. 

  18. ------------------------
    19. 

  19. 

  20. Google's reCAPTCHA v3 is invisible, meaning the visitor does not see anything and does not have to solve any challenges. This works by generating a score of how likely the submission is to be spam.
    21. 

  21. 

  22. By default, CRX will show a generic error message for scores lower than 0.5. This can be adjusted in **Settings > CRX Settings > Forms**. If your visitors are complaining that they are getting errors when submitting forms, you may want to lower this number. If you are still receiving a lot of spam submissions, you may want to raise it.
    23. 

  23. 

  24. **reCAPTCHA v3 requires API keys from Google.** When creating the API keys, you must select recAPTCHA v3, then enter those keys into **Settings > CRX Settings > Forms**.
    25. 

  25. 

  26. `Create reCAPTCHA API keys <https://www.google.com/recaptcha/admin/create>`_
    27. 

  27. 

  28. 

  29. reCAPTCHA v2 ("I am not a robot")
    30. 

  30. ---------------------------------
    31. 

  31. 

  32. Google's reCAPTCHA v2 shows the famous "I am not a robot" checkbox on the form. This requires the visitor to click the box. In some cases, Google might require the visitor to solve a challenge, such as selecting images or solving a puzzle.
    33. 

  33. 

  34. **reCAPTCHA v2 requires API keys from Google.** When creating the API keys, you must select recAPTCHA v2 "I am not a robot", then enter those keys into **Settings > CRX Settings > Forms**.
    35. 

  35. 

  36. `Create reCAPTCHA API keys <https://www.google.com/recaptcha/admin/create>`_
    37. 

  37. 

  38. 

  39. Customizing the spam error message
    40. 

  40. ----------------------------------
    41. 

  41. 

  42. The spam error message can be customized on a per-page basis by overriding the ``get_spam_message`` function as so:
    43. 

  43. 

  44. .. code-block:: python
    45. 

  45. 

  46.    class FormPage(CoderedFormPage):
    47. 

  47.        ...
    48. 

  48. 

  49.        def get_spam_message(self) -> str:
    50. 

  50.            return "Error submitting form. Please try again."
    51. 

  51. 

  52. |
    53. 

  53. 

  54. .. versionadded:: 5.0
    55. 

  55. 

  56.    reCAPTCHA v2 and v3 support was added in CRX 5.0.
    57.