I think that this would be very good feature. Basically it should prevent automatic registration by email (which should be still active) of spamming users at sites. Registration process should go this way Administrator enable self user registration and enable activate by administrator → Users enter they details and create account → They get verification email and they verify they account → they get another email with information that they account is created but it has to be enabled by administrator/editor/manager → Some one of masthead or administrator enable account.
This option should be managed not as only administrator option but it should be managed with other roles such as manager.
I know that this is step back in automatisation of process but it is a good way to disable registration of unwanted users, and it is taking small effort of masthead, and damage is smaller than spamming sites.
Hi @knjigor,
I’m not sure which version of which app you’re interested in adding this to, but have you enabled Captcha testing? See your config.inc.php file. This will resolve spam registrations.
Regards,
Alec Smecher
Public Knowledge Project Team
I’m interested in OJS 3. Captcha was enabled on site with 2.x version of OJS but there are still registrations that pass captcha (human registrations) and that are posting spam submissions.
Hi @knjigor,
Interesting, I’ve never heard of spam submissions – beyond attempts to hack the system – that made it past a Captcha test. Can you describe how these submissions look?
Regards,
Alec Smecher
Public Knowledge Project Team
Hi @asmecher,
I know, it’s an old conversation, but I strongly support @knjigor’s idea. We had a similar event in our other OJS installation (2.4.8). Lately someone submitted a malicious file (.phtml – you could have a copy of that, if you’re interested) and I investigated, that this had happened 8 times before … Right now I’m investigating our database for information on how this happened and which user was involved …
Tobias
Hi @twa @asmecher,
This rely is an old post, and I didn’t have time to send an answer, basically it is rely simple, we have users from other countries (India etc) that register them on Journal site and try to send applications, this generally wasn’t problem at first because there were an small number of them, but at one moment we had more than 50 registered users and applications that were actually “spam” with complete or incomplete texts, and that was an problem because we had to clean them from system and from database (users aren’t removed from database when they are deleted in system).
We manage to solve part of this problem with captcha, but we still have some registrants from time to time.