Page 1 of 1

Verifying registration

Posted: Thu Jul 11, 2019 3:07 pm
by man_alone
I am an absolute newbie. I have installed phpBB on my website and want to restrict access to my forum to my family only. I've read documentation and looked at your forum and am overwhelmed with the amount of stuff to read. What I want is a similar registration system that I encountered when registering for this forum. That is, allowing me to verify the request and send an acceptance code allowing acceptance of the registration.

Re: Verifying registration

Posted: Thu Jul 11, 2019 4:10 pm
by stevemaury
Even easier. Use the Q&A CAPTCHA.

Your question will be:

Type the registration code

Your answer will be:

x$47Ygh! (or whatever).

Email the code to the family members. Set Account Activation to "No activation" in the Board Registration settings.

More information on Q&A here - https://www.phpbb.com/support/docs/en/3 ... a-captcha/

You will need to set Guest access for all forums to a No Access permission role.

Re: Verifying registration

Posted: Fri Jul 12, 2019 11:50 am
by man_alone
Thank you stevemaury for the quick reply. Can you help with a related question. I would like to implement the same system as this board, i.e. you get a list of things and are asked to separate the contents to two separate lists (e.g. 'liquids and solids' or 'fruits and vegetables'). How is that done? Most of my forum members will be quite old and may not cope with reading CAPTCHA images.

Re: Verifying registration

Posted: Fri Jul 12, 2019 1:28 pm
by Lumpy Burgertushie
the reading images type of thing is broken and does not work. the spam bots go right past it.
what steve described above is not any images at all.
the one you are talking about will be even harder for your visitors to solve but it is already built in to phpbb as an option.

the way steve showed you is going to to be the best for a private board. if you do that you won't need anything else.


robert

Re: Verifying registration

Posted: Fri Jul 12, 2019 2:22 pm
by stevemaury
man_alone wrote:
Fri Jul 12, 2019 11:50 am
Most of my forum members will be quite old and may not cope with reading CAPTCHA images.
There is no "reading of CAPTCHA images" involved in what I told you. One time, at registration, they type in the code you gave them. That's it.

The term CAPTCHA involves things other than squiggly images (which don't work anyway).

The method I gave you is far more effective than the CAPTCHA used here on phpBB.com.

Re: Verifying registration

Posted: Fri Jul 12, 2019 10:57 pm
by John connor
Or you can use a simple HTTP password lock or what ever it's called. In cPanel you should have an option for password protecting directories. The directory you want to password protect is the index. I do exactly this on a duplicate phpBB forum just for testing. Its index is password protected so that Google doesn't index it and other things as I would have dup content and it keeps my site to myself for testing.

Now mind you hackers know a thing or two about cracking a password protected directory in this fashion. One is just by sheer brute force. If you use a good username and a password that's at least 16 characters long, brute force won't work. Unless of course quantum computing rolls around. :lol: Another method is by changing the get request, but I tried that and it didn't work. I think Apache and Litespeed have fixed that vulnerability. To take the security up a notch use CIDRAM, Ninjafirewall and CloudFlare. Read my signature on all that.

Keep in mind that if you don't want any of your content read by Google bot, etc, you'll have to set up the correct read permissions. I think it's under group forum permissions that you can deny bots read access.

Re: Verifying registration

Posted: Sat Jul 13, 2019 11:07 am
by KevC
That seems a bit over the top for some people who are not familiar with forums.

You could use the add user extension and make the accounts yourself and then send them the login but I would favour Steve's suggestion. The only people that can register are the ones who have the Q&A code.
https://www.phpbb.com/customise/db/exte ... _add_user/

Re: Verifying registration

Posted: Sat Jul 13, 2019 3:26 pm
by stevemaury
The problem with using the Add user extension is that it does not, AKAIK, block normal registrations, so you would still have to deal with spam. With my suggestion, no spam ever.

And yes, the Bots group should also have a No access permission role for all forums.

Re: Verifying registration

Posted: Sat Jul 13, 2019 3:36 pm
by KevC
I was thinking more along the lines of if the owner knows who the members are going to be they can turn off registration altogether.