Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN 6.2 and DNN 7.2 Hacked already... HELP ME....DNN 6.2 and DNN 7.2 Hacked already... HELP ME....
Previous
 
Next
New Post
10/3/2014 12:30 PM
 
Armin Rahimian


www.bazaryab.com
Joined: 10/5/2010
Posts: 362

Dear Chatal and Mr. Richard

I mean same CAPTCHA but for Example like this:  [ C6fTq5L ] + [ Please Enter Underline characters ]  in next time or random the question change like  [ A34ftg6 ]  +  [ Please Enter Characters without underline ] .... or some characters be upper than other characters and question ask [ Please enter characters are in downer than others ] ..... and also adding some Noise and Lines inside characters like "DNN Feedback Module CAPTCHA" and try to make it hard to trace.

I knew that it's not Hack but our clients can not delete 10-20 users every days and this have very bad looking for us and they ask me every day what's happen for that and we can not fix it.

now We have over 3000 Notification for host/admin user when you are login and there is no way to clear these messages (i 3220) in beside of Login user name. we can not take too many time to Hide all messages one by one ....

These are our problems....
 
New Post
10/3/2014 1:34 PM
 
cathal connolly


cathal connolly's Avatar

www.cathal.co.uk
Joined: 4/9/2003
Posts: 9676
the reason Captcha's are image based is that it is much harder for something to grab an image and work out what characters it contains -text based captchas are trivial to crack as the spammer can simply read the text and generate the result - it is much much easier to do that than to crack an image. As DNN is opensource, any rule based captchas that use text can be rapidly replicated into a spam robot - at best they would offer a small window during which spammers would have to update their scripts. After their scripts were updated then they would be able to crack 100% based on text challenges - this is why we are not interested in adding them (no matter how much you protest or score us poorly on codeplex)
Buy the new Professional DNN7: Open Source .NET CMS Platform book Amazon US
 
New Post
10/3/2014 3:34 PM
 
brian

Joined: 1/22/2004
Posts: 793
Now the debate has changed to ignore the real issue. The issue is not solved! I also stated I upgraded to .2 the day it came out but keep being told to upgrade. Hello.

Hiding by obscurity actually solves a big part of the problem.. sure not the root cause. Sometimes, you have to stop the disaster before you can cure it. Again, still I don't have any registrations on the site that I moved the login page to.. not a single one. So far (yes I get your point) it is good. This is something DNN could have scripted. I don't have time to do this for 50 sites. Yes, look at the mess I have to clean up daily and not get paid for it.

Stop acting like 20-5- a day is good... that is terrible!
 
New Post
10/4/2014 1:16 AM
 
Armin Rahimian


www.bazaryab.com
Joined: 10/5/2010
Posts: 362
cathal connolly wrote:
the reason Captcha's are image based is that it is much harder for something to grab an image and work out what characters it contains -text based captchas are trivial to crack as the spammer can simply read the text and generate the result - it is much much easier to do that than to crack an image. As DNN is opensource, any rule based captchas that use text can be rapidly replicated into a spam robot - at best they would offer a small window during which spammers would have to update their scripts. After their scripts were updated then they would be able to crack 100% based on text challenges - this is why we are not interested in adding them (no matter how much you protest or score us poorly on codeplex)

 

Dear Cathal
It will good if all of users get 5 star for your job. If I was in your place I like it. but you need some big changes to rich to more success and some people like me that get 1-4 star and they talking about problems and troubles, we are cause for DNN growing because we let you know bugs and you can focus to fix in next issue.
But when you will several request about somethings like this (Spam registration) it means this is very important trouble and should be fix in next issue. Just It, Done.
If you don't like get any critique, It's Ok. We don't tell DNN any thing more. I like DNN. I grow with dnn in pas 6 years and I appreciate it. I want DNN be better and this is my target. I'm not your staff but I think I'm DNN staff because if DNN Grow and be come best CMS around the world, I got my target and success.
I'm sorry for my Criticism and I just hope this BIG CHALLENGE (Spam Registration) be fix for ever as soon as possible.

Finally I Advise DNN for all of my clients as you see in my main website (http://website.ecb.ir  - It's Farsi and should be translate with google chrome browser to English) and you can see I compare DNN with other CMS because I want to show people what is DNN Power.... but I want get good result when I ask something and I want be share in DNN growing dear cathal.

Thank you again for DNN

 
New Post
10/4/2014 10:36 AM
 
Richard Howells


Richard Howells's Avatar

www.dynamisys.co.uk
Joined: 3/26/2006
Posts: 2001

Brian,

What are you expecting DNN to do?  I think you are asking that they change the Logon URL.  How should they do that?

Cathal has already pointed out that it only requires one extra step in the spammers script to get to the Logon URL.  If any substantial number of sites implement the change the spammers will change their scripts.  If hardly any sites implement the change then DNN have done a load of work for nothing.

Hiding by obscurity can only work when it's obscure (duh!).  DNN is open source.  These forums are open.  The spammers can read the forums, they can read the code too.  If DNN do it they can easily see where the login moves to.  The only way moving the login can hurt the spammers is if when we each individually change our sites differently.

This is a hard problem.  Instead of just yelling "Fix it.  Fix it.  Fix it." give us some suggestions that will help us distinguish humans and scripts.

Best wishes,
- Richard
Agile Development Consultant, Practitioner, and Trainer
www.dynamisys.co.uk
 
 Page 16 of 19
Previous123...151617...19Next 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...DNN 6.2 and DNN 7.2 Hacked already... HELP ME....DNN 6.2 and DNN 7.2 Hacked already... HELP ME....


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out