News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

Questions regarding ReCaptcha

Started by gba, November 20, 2015, 13:39:20 PM

Previous topic - Next topic

gba

Hello all!

In configuration I can choose to use ReCaptcha in the registration form.
a) How can I display a label with the ReCaptcha in the form?
b) How can I use ReCaptcha also in the login form?

Kind regards,
Gerald

jenkinhill

This applies to VM3.0.12 with default VM templates on J3.0.5
Configure & enable the Joomla ReCaptcha plugin and turn on.  Enable Use ReCaptcha for Registration in VM config/shop.
Then the captcha will appear in the account registration form at the bottom, and in the cart registrattion form it appears at the top after hitting the register button. 
It can be moved from top to bottom is you wish by overriding components/com_virtuemart/views/user/tmpl/edit.php

The login module is a Joomla module, you should ask on the Joomla forum if ReCaptcha could be included thgere, but personally I see no point in doing so.

Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

gba

Hello!

Thank you for your reply.
I know, how to enable the reCaptcha.
My questions were regarding ...
a) ... how to display a label with the reCaptcha in the registration form.
b) ... how to use reCaptcha not only in the registration, but also in the login form.

I guess this can be done by template overriding.
Right?

Kind regards,
Gerald

gba

Hi all!

I want to push this topic again.
Actually I am really wondering, why VM does not provide the login forms (regular and popup) with the reCaptcha, but the registration form, only?
Isn't this a vulnerability?

Kind regards,
Gerald


jenkinhill

Quote from: gba on June 22, 2017, 15:47:43 PM
why VM does not provide the login forms (regular and popup) with the reCaptcha, but the registration form, only?

Effectively the login is just the Joomla username & password - and ideally only used by someone already registered.  It is not added in Joomla but could be using the appropriate code. There is a thread about this in the Joomla forum which may help explain the issues.
https://forum.joomla.org/viewtopic.php?t=910764
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

gba

Hi!

Thank you for that hint.
I read this thread and partly agree with the ideas there.
But actually how else would you prevent a VM shop from being attacked by automatically filling in the login form and jamming the webserver this way?

Kind regards,
Gerald

jenkinhill

Most VM registrations use required fields, so the form cannot be submitted unless those fields are completed. You can also use a hidden field to confuse bots. They will see that field and make an entry - and if there is something in that field then halt the "registration" process. You can do this for both Joomla's registation form and for VM.
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

gba

Hi!

The problem is not the registration form - it does provide the use of the reCaptcha plugin set in Joomla! configuration.
But the login form does not.

Kind regards,
Gerald

Jörgen

Hello Gerald

Sorry to intrude, but why do You want to make it harder to login? There are a number of other security plugins that can protect without any hazzle for the registered user. A quick search found this:
https://extensions.joomla.org/extensions/extension/access-a-security/limit-login-attempts/

best regards

Jörgen @ Kreativ Fotografi
Joomla 3.9.18
Virtuemart 3.4.x
Olympiantheme Hera (customized)
This reflects current status when viewing old post.

gba

Hi!

Thank you for that hint.
The new Google NoCaptcha reCaptcha (version 2) now appears if there is suspicious activity, only.
So usually there is actually no captcha displayed.
I just want the same behaviour in the login form like in the registration form.

Kind regards,
Gerald

jenkinhill

By "login form" I guess you mean the Joomla login form? In which case see https://www.youtube.com/watch?v=LFGouPne3Oc
Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum