#33267 Since CSRF Shield has been removed, we're getting lots of spam

Posted in ‘Admin Tools for Joomla! 4 & 5’

Latest post by on Sunday, 19 July 2020 17:17 CDT

goslingcools

Hi,

Since the removal of the CSRFShield we get a lot of spam on our sites via RSForm Pro. :-(

Do we need to implement something like Google's CAPTCHA for each form? Or am I overlooking an important option in Admin Tools Professional? :-)

Already using the WAF and .htaccess features.

Btw. the CSRFShield feature is still listed on this page :-)

 

Regards,

Gosling

nicholas
Akeeba Staff
Manager

Using a CAPTCHA such as ReCAPTCHA is very strongly recommended for public forms which allow unauthenticated users (guests) to submit them. Otherwise submitting spam is trivial.

Moreover, please contact the developer of your forms component and ask them if they are using Joomla's anti-CSRF form token. If not, they should be. That was all the CSRFShield was doing behind the scenes. The problem is that it was trying to do it in places where it shouldn't and there was no reasonable way to implement a configuration to tell it when and when not to do it, therefore I had to remove it.

Thanks for the heads up about the product pages. I know, I just didn't have the time to update them yet :)

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
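
An added example, not part of the ticket and not Akeeba's or Joomla's code: a stand-alone PHP sketch of the kind of session-bound anti-CSRF form token the reply above refers to. The function names, the `csrf_token` field and the array standing in for the session are assumptions made for illustration; in a Joomla extension the form layout would call `HTMLHelper::_('form.token')` and the handler `Session::checkToken()`.

```php
<?php
declare(strict_types=1);

// $session stands in for the server-side session store (assumption: a plain array).
function issueFormToken(array &$session): string
{
    // One unpredictable token per session, created on first use.
    if (!isset($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(16));
    }
    return $session['csrf_token'];
}

function renderTokenField(array &$session): string
{
    $token = htmlspecialchars(issueFormToken($session), ENT_QUOTES);
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

function checkFormToken(array $session, array $post): bool
{
    $expected  = $session['csrf_token'] ?? null;
    $submitted = $post['csrf_token'] ?? null;
    // Reject when either side is missing or not a string (e.g. csrf_token[]=x).
    if (!is_string($expected) || !is_string($submitted)) {
        return false;
    }
    // Constant-time comparison of the stored and the submitted token.
    return hash_equals($expected, $submitted);
}

// Constructed requests: one visitor session that has loaded the form.
$visitor = [];
renderTokenField($visitor);
$token = $visitor['csrf_token'];

$cases = [
    'same session, token echoed back' => [$visitor, ['message' => 'hi', 'csrf_token' => $token]],
    'cross-site post, no token'       => [$visitor, ['message' => 'hi']],
    'wrong token value'               => [$visitor, ['csrf_token' => str_repeat('0', 32)]],
    'array-typed token'               => [$visitor, ['csrf_token' => ['x']]],
    'token without a session'         => [[], ['csrf_token' => $token]],
];
foreach ($cases as $label => [$session, $post]) {
    printf("%-34s %s\n", $label, checkFormToken($session, $post) ? 'accepted' : 'rejected');
}
```

The check only ties a submission to a session that loaded the form first; it does not tell a person from a script, which is why the reply recommends a CAPTCHA on guest-facing forms as well.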

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
