| Verify registration
... before accessing forum |
tomda
msg:1560451 | 10:34 am on May 26, 2006 (gmt 0) |
I know it is the common procedure to send an email to the newly registered person to make sure that email address is correct... Nonetheless, I would like my user to be logged automatically after registration; it's faster, easier and more friendly. I had in my registration page done the following to reduce illicit registration.
1/ Add a captcha code
2/ Check for IP flooding (1 registration per hour)
3/ Check email address is working What is your point of view regarding registration validation?
Thanks
|
Regindk
msg:1560452 | 5:50 pm on May 26, 2006 (gmt 0) |
4: Limit the amount of actions a (new) user can do within a certain amount of time.
- For instance no more than 50 "comments" per hour.
|
rogerd
msg:1560453 | 7:46 pm on May 26, 2006 (gmt 0) |
Personally, I'm a believer in email verification to make phony registrations more work for the perpetrators. It also detects typos in the email addresses of legitimate users. The downside is that some percentage of the confirmations get lost/filtered. Verizon.net, aol, and others have this problem.
|
fabricator
msg:1560454 | 9:05 am on May 31, 2006 (gmt 0) |
I'd be worried also about this part.
2/ Check for IP flooding (1 registration per hour)
What happens with Shared IPs AOL and office/school networks which use NAT to share addresses. Also consider adding a IP ban list for certain countries known for spamming etc.
|
|
|
