You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: admin-guide/en/deploy-users.md
+32-2Lines changed: 32 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -27,7 +27,9 @@ require_validation = On
27
27
28
28
Google's [reCAPTCHA](https://www.google.com/recaptcha/) service can be enabled for the registration and login forms. This will reduce the number of bots that can sign up by requiring users to complete a task that is difficult for bots to perform during registration and login.
29
29
30
-
You will need to [sign up](https://www.google.com/recaptcha/) for an account with Google to receive public and private keys. Then set the following options in `config.inc.php`.
30
+
You will need to [sign up for a Google account](https://www.google.com/recaptcha/) to receive public and private keys.
31
+
32
+
To enable reCAPTCHA, set the following options in `config.inc.php`.
31
33
32
34
```
33
35
;;;;;;;;;;;;;;;;;;;;
@@ -57,6 +59,34 @@ recaptcha_enforce_hostname = Off
57
59
58
60
Use of Google's reCAPTCHA service will send your visitors' data to Google's servers. You may be required to notify users of this depending on the privacy laws in your jurisdiction.
59
61
62
+
### Altcha
63
+
64
+
[ALTCHA](https://altcha.org/open-source-captcha/) is an open-source and self-hosted alternative to Google's reCAPTCHA. ALTCHA can be enabled to reduce spam activity on registration, login, and password reset forms.
65
+
66
+
You will need to set up a self-hosted installation to create a private key. Review [the ALTCHA documentation](https://altcha.org/docs/v2/) for more information.
67
+
68
+
Once you have a private key for ALTCHA, set the following options in `config.inc.php`:
69
+
70
+
```
71
+
; Whether or not to enable ALTCHA
72
+
altcha = on
73
+
74
+
; Private key for ALTCHA
75
+
altcha_hmackey = 'Example key'
76
+
77
+
; Whether or not to use ALTCHA on user registration
78
+
altcha_on_register = on
79
+
80
+
; Whether or not to use ALTCHA on user login
81
+
altcha_on_login = on
82
+
83
+
; Whether or not to use ALTCHA on user lost password
84
+
altcha_on_lost_password = on
85
+
86
+
; The quantity of encryption cycles performed by the ALTCHA system
87
+
altcha_encrypt_number = 10000
88
+
```
89
+
60
90
### Honeypot
61
91
62
92
The [pkp-formHoneypot](https://github.com/ulsdevteam/pkp-formHoneypot) plugin from the University of Pittsburgh implements a [honeypot](https://en.wikipedia.org/wiki/Honeypot_(computing)) mechanism to protect new user registrations from bots. This plugin is effective against most bots and does not send your visitor's data to any third parties.
@@ -157,4 +187,4 @@ Learn how to import or export data about user accounts in the [Import/Export](./
157
187
158
188
---
159
189
160
-
The next section describes best practices for running lots of independent journals, presses or preprint servers from one [multi-tenant install](./deploy-multi-tenant).
190
+
The next section describes best practices for running lots of independent journals, presses or preprint servers from one [multi-tenant install](./deploy-multi-tenant).
0 commit comments