TechWorker
Member
Posted 17 years ago #
I am using the plugin to signup using captcha image. It is working fine.
Is there a plugin to login using captcha image.
I have searched in the plugin download site and in the forums. I didn't come across one.
With signup and login using captcha, I am hoping it would make it difficult for spam to enter my system.
A quick Google search only shows them for commenting and for the signup that you mention. I'm not familiar with one.
I did find this discussion though that I wanted to point you to. It contains a few links that may be of interest:
http://comox.textdrive.com/pipermail/wp-hackers/2006-August/007944.html
Not sure if that will help. You're probably going to have to code something yourself or hack one of the comment plugins.
Good luck,
-drmike
TechWorker
Member
Posted 17 years ago #
wpmu-login-captcha plugin:
Reading the docs about 'how to create plugins' and hacking the wpmu-signup-captcha plugin, I created a plugin myself.
This plugin adds a number captcha image verification to the login page.
Thanks every body.
TechWorker
Member
Posted 17 years ago #
Download link here.
http://wpmudevorg.wordpress.com/project/wpmu-login-captcha
There is one known bug.
The Login is working with URL "http://yoursite.com/wp-login.php", but not with "http://www.yoursite.com/wp-login.php".
If the login page is called directly using the URL "http://www.yoursite.com/wp-login.php", the $_SESSION['captcha'] is not being initialized. The first login will fail and it gets redirected to "http://yoursite.com/wp-login.php" Second login will pass.
Unfortunately, the default WPMU home page 'Login' URL directs to "http://www.yoursite.com/wp-login.php". Change your home.php 'login' URL to "http://yoursite.com/wp-login.php".
TechWorker
Member
Posted 17 years ago #
I have a work around for the above bug. I remove the www in the site URL. I redirect the URL type http://www.yoursite.com to http://yoursite.com in .htaccess file. Add the following lines in your .htaccess file after 'RewriteBase /'
RewriteCond %{HTTP_HOST} ^www\.(.*)
RewriteRule ^(.*) http://%1/$1 [R,L]
lunabyte
Member
Posted 17 years ago #
Which is the way it "should" be to begin with.
The problem is that with a captcha at sign in you stand a chance of annoying you real users.
I can fully understand a captcha at sign up to prove I'm not a bot. I can fully understand a captcha for comments for unregistered users to prove they are not a bot.
Your site is apparently saying "I don't trust you" even if you have signed up.
If every time I visited a blog to post a entry I had to provide a login id, password AND a captcha then the blog would get one last entry from me and I wouldn't come back.
I make a litle php script (wp-captcha) and write some hacks to add a captcha to your WordPress MU you can see the captcha working in this site
http://eterblogs.com/wp-signup.php
and you can download and get help in this site
http://eterblog.com/2007/11/21/trucos/wp-captcha-10-captcha-system-for-wordpress-mu/