Contrib.social

The verification code triggers related functions

Open on Drupal.org →
Created on 9 May 2024, 11 months ago

Hello,

Does the target of this module have this function? The verification code is triggered or prohibit ip for a period of time when a single visitor frequently visits a web page within a certain period of time.

Thank you

Feature request
Status

Active

Component

Miscellaneous

Created by

msn5158

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @msn5158
  • Status changed to Postponed: needs info 11 months ago
  • Comment 11 months ago
    🇩🇪Germany c-logemann Frankfurt/M, Germany

    > The verification code is triggered

    Which code you mean? Do you think about an additional setting of firewall or something else? And generally on which way this code is or should be provided to the request?

    Generally about IP blocking and the firewall module. On a first step we only operate on a layer where we won't communicate with the database. There are already core and contrib modules doings such things like "flood".

    In any case there will be a way to log IPs when blocked by this module. So the linux tool fail2ban can recognize and can manage blocking on linux firewall which is way more effective than blocking IPs at Drupal.

  • Comment 11 months ago
    msn5158

    Sorry, my English is not good, I should say captcha, not verification code, Like this recaptcha

    I have searched for many related modules, but they are all just blocking forms submit, What I hope for is to trigger captcha when a visitor visits a large number of pages in a short period of time, not submit forms.

    Thank you

  • Status changed to Active 11 months ago
  • Comment 11 months ago
    🇩🇪Germany c-logemann Frankfurt/M, Germany

    I'm also not a native speaker. But I now have an idea what you mean.
    Yes, the most problems cam from forms and there we should operate to make Drupal safer.
    I believe also captcha modules are doing some logging. And especially when using syslog core module you can handle this with fail2ban: https://en.wikipedia.org/wiki/Fail2ban
    If fail2ban is not usable there is the core module "ban" which can block IP addresses:
    https://www.drupal.org/docs/8/core/modules/ban/overview

    If not yes available you need a connection between ban and your preferred captcha solution. But this is not in ficus of this module.

  • Status changed to Closed: works as designed 8 days ago
  • Comment 8 days ago
    🇩🇪Germany c-logemann Frankfurt/M, Germany
  • Comment 8 days ago
    🇩🇪Germany c-logemann Frankfurt/M, Germany

    I just read again #3. I think I don't got i on the first read correct. As I understand now it that the captcha module should protect the site when there is a a lot site views like bots do. I'm not sure if this is possible in a non problematic way on direction of client and as a solution working only in one Drupal which should be protected in this way.
    In any case firewall and ban are doing a complete access deny in Drupal and fail2ban on server firewall. But I think it's an interesting idea. To realize something like it would be easier without fail2ban but easier outside of the protected Drupal system where people are redirected to for example by an access protection module like firewall could be (patches welcome). And the other application would allow a kind of unlocking via captcha protected form with "telling" the protect Drupal to allow access again.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024