add details about altcha

Author: kaitlinnewson

admin-guide/en/deploy-jobs.md

@@ -64,7 +64,7 @@ Replace the following variables in the configuration above with the correct path
 | `<root>` | Absolute path to the root directory of the application (OJS, OMP, OPS). |
 | `<log-file>` | Absolute path to a log file. If hosting in a cloud environment, you may want to [direct logs to stdout](https://stackoverflow.com/a/26897648/1723499). |
 
-> Take a special note that workers are long running process that loads the application in memory. As a result, any changes when workers are running will not reflect instantly without restarting the worker.
+> Take note that workers are long-running processes that load the application in memory. As a result, any changes when workers are running will not reflect instantly without restarting the worker.
 {:.notice}
 
 Restart Worker.
@@ -154,7 +154,7 @@ job_runner_max_jobs = 30
 ; Lower this setting if jobs are failing due to timeouts.
 job_runner_max_execution_time = 30
 
-; The maximum consumerable memory that should be spent by the built-in
+; The maximum consumable memory that should be spent by the built-in
 ; job runner when running jobs.
 ;
 ; Set as a percentage, such as 80%:

admin-guide/en/deploy-users.md

@@ -27,7 +27,9 @@ require_validation = On
 
 Google's [reCAPTCHA](https://www.google.com/recaptcha/) service can be enabled for the registration and login forms. This will reduce the number of bots that can sign up by requiring users to complete a task that is difficult for bots to perform during registration and login.
 
-You will need to [sign up](https://www.google.com/recaptcha/) for an account with Google to receive public and private keys. Then set the following options in `config.inc.php`.
+You will need to [sign up for a Google account](https://www.google.com/recaptcha/) to receive public and private keys.
+
+To enable reCAPTCHA, set the following options in `config.inc.php`.
 
 ```
 ;;;;;;;;;;;;;;;;;;;;
@@ -57,6 +59,34 @@ recaptcha_enforce_hostname = Off
 
 Use of Google's reCAPTCHA service will send your visitors' data to Google's servers. You may be required to notify users of this depending on the privacy laws in your jurisdiction.
 
+### Altcha
+
+[ALTCHA](https://altcha.org/open-source-captcha/) is an open-source and self-hosted alternative to Google's reCAPTCHA. ALTCHA can be enabled to reduce spam activity on registration, login, and password reset forms.
+
+You will need to set up a self-hosted installation to create a private key. Review [the ALTCHA documentation](https://altcha.org/docs/v2/) for more information.
+
+Once you have a private key for ALTCHA, set the following options in `config.inc.php`:
+
+```
+; Whether or not to enable ALTCHA
+altcha = on
+
+; Private key for ALTCHA
+altcha_hmackey = 'Example key'
+
+; Whether or not to use ALTCHA on user registration
+altcha_on_register = on
+
+; Whether or not to use ALTCHA on user login
+altcha_on_login = on
+
+; Whether or not to use ALTCHA on user lost password
+altcha_on_lost_password = on
+
+; The quantity of encryption cycles performed by the ALTCHA system
+altcha_encrypt_number = 10000
+```
+
 ### Honeypot
 
 The [pkp-formHoneypot](https://github.com/ulsdevteam/pkp-formHoneypot) plugin from the University of Pittsburgh implements a [honeypot](https://en.wikipedia.org/wiki/Honeypot_(computing)) mechanism to protect new user registrations from bots. This plugin is effective against most bots and does not send your visitor's data to any third parties.
@@ -157,4 +187,4 @@ Learn how to import or export data about user accounts in the [Import/Export](./
 
 ---
 
-The next section describes best practices for running lots of independent journals, presses or preprint servers from one [multi-tenant install](./deploy-multi-tenant).
+The next section describes best practices for running lots of independent journals, presses or preprint servers from one [multi-tenant install](./deploy-multi-tenant).

admin-guide/en/deploy.md

@@ -14,7 +14,7 @@ In a production environment, the software needs to be configured to send email,
 
 ## What you need to know
 
-In order to run this software securely, you will need to understand how to do the following:
+To run this software securely, you will need to understand how to do the following:
 
 - Upload and edit files on your web server
 - Modify file permissions on your web server
@@ -31,9 +31,9 @@ If you are unfamiliar with some of these topics, you may be able to learn by fol
 
 The configuration file is found in the root directory of the application. For example, if you installed the software to the directory `/var/www`, the configuration file would be located at `/var/www/config.inc.php`.
 
-Some of the settings in this file, like the database connection, are set during the installation process (see [Getting Started](./getting-started)). However, you will need to edit the file directly to configure other settings.
+Some settings in this file, like the database connection, are set during the installation process (see [Getting Started](./getting-started)). However, you will need to edit the file directly to configure other settings.
 
-Open the config file, find the `base_url` setting and change it to the web address of your install.
+Open the config file, find the `base_url` setting, and change it to the web address of your installation.
 
 ```
 base_url = "<url>"
@@ -45,15 +45,15 @@ Add this domain to your `allowed_hosts` list.
 allowed_hosts = '["<url>"]'
 ```
 
-Two secret keys need to be set in order to safely encrypt secure tokens on your server. You can use the following command to generate a random key in most Linux and Mac environments.
+Two secret keys need to be set to safely encrypt secure tokens on your server. You can use the following command to generate a random key in most Linux and Mac environments.
 
 ```bash
 openssl rand -base64 32
 ```
 
 Use the string created by this command to set the `salt` and `api_key_secret` values in `config.inc.php`. Each config setting should have a different value.
 
-(We have not provided an example, because copying the example could compromise your site's security.)
+(We have not provided an example because copying the example could compromise your site's security.)
 
 Set the `require_validation` in order to require new users to validate their email addresses before using a new account.
 
@@ -119,7 +119,7 @@ validation_timeout = 14
 
 ## SSL / HTTPS
 
-Every site should encrypt it's web traffic using a SSL certificate. This will make your site run from `https://` instead of `http://`. If you don't have a SSL certificate, you should [get one](./securing-your-system#sslencryption).
+Every site should encrypt its web traffic using an SSL certificate. This will make your site run from `https://` instead of `http://`. If you don't have an SSL certificate, you should [get one](./securing-your-system#sslencryption).
 
 Edit the `config.inc.php` file to force URLs to use SSL:
 
@@ -145,7 +145,7 @@ Learn more about how to configure the [job runner](./deploy-jobs).
 
 ## Pretty URLs
 
-Enable URL rewriting on your server in order to drop the `index.php` from URLs. For example, instead of `https://example.org/index.php/publicknowledge`, the URL will be `https://example.org/publicknowledge`.
+Enable URL rewriting on your server to drop the `index.php` from URLs. For example, instead of `https://example.org/index.php/publicknowledge`, the URL will be `https://example.org/publicknowledge`.
 
 The following is an example `.htaccess` file that can be used to enable `mod_rewrite` for Apache servers. This file should be placed in the web root.
 
@@ -171,4 +171,4 @@ The configuration file includes settings to control the default date formats, ma
 
 ---
 
-You've now configured all of the critical application functions. Next, you can learn how to configure your [email server](./deploy-email) to reliably deliver email.
+You've now configured all the critical application functions. Next, you can learn how to configure your [email server](./deploy-email) to reliably deliver email.