Unable to locate source of spam member registrations in Expression Engine - expressionengine

Been receiving a lot of spam member registrations through our Expression Engine based website.
The site uses the Profile:Edit module to handle registrations.
I have tried many anti-spam methods to no avail -- captcha, recaptcha, honeepot, honeypots etc. you name it!
It seems like the spam bot is somehow getting around my registration form and submitting entries some other way.

After browsing the server's raw access logs I could see the spammer was actually posting registration submissions to /member/register, which is a member registration page automatically created by Expression Engine -- I had no idea.
If you go to Control Panel -> Members -> Preferences you can edit the value of the Profile Triggering Word -- change this to stop spammers, or set it to # to prevent access to these automated pages altogether.
Profile Triggering Word -- When this word is encountered in your URL it will display your member profile area. The word you choose cannot be the name of an existing template group.
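
The log check described in this answer, as an added example that is not part of the original post: it scans access-log lines for POSTs to registration-like paths other than the form you built yourself. The combined log format, the `/join` form path and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Combined Log Format: host ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Assumption: the site's own (captcha-protected) registration form posts here.
INTENDED_FORM_PATHS = {"/join"}
# Path segments that suggest a registration endpoint.
REGISTER_HINT = re.compile(r"/(register|signup|join)(/|$)", re.I)

def unexpected_registration_posts(lines, intended=INTENDED_FORM_PATHS):
    """Count POSTs, per (path, client), to registration-like paths
    that are not the intended form."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # malformed line, or not a form submission
        path = m["path"].split("?", 1)[0].rstrip("/") or "/"
        if path in intended:
            continue
        if REGISTER_HINT.search(path):
            hits[(path, m["ip"])] += 1
    return hits

# Constructed sample lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2015:10:00:01 +0000] "GET /join HTTP/1.1" 200 8120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [12/Mar/2015:10:00:40 +0000] "POST /join HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2015:10:01:02 +0000] "POST /member/register HTTP/1.1" 200 5123 "-" "-"',
    '203.0.113.7 - - [12/Mar/2015:10:01:05 +0000] "POST /member/register HTTP/1.1" 200 5123 "-" "-"',
    '198.51.100.23 - - [12/Mar/2015:10:02:11 +0000] "POST /member/register/ HTTP/1.1" 200 5123 "-" "-"',
    '192.0.2.44 - - [12/Mar/2015:10:03:00 +0000] "GET /member/register HTTP/1.1" 200 7001 "-" "Mozilla/5.0"',
    'truncated or malformed line',
]

if __name__ == "__main__":
    for (path, ip), n in unexpected_registration_posts(SAMPLE_LOG).most_common():
        print(f"{n:4d}  POST {path}  from {ip}")
```

Any path this reports is a registration endpoint that accepts submissions without going through the protected form, which is the situation the Profile Triggering Word change addresses.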

Related

How to force custom sublist view (Saved Search) on specific roles

I have modified the view under communication > Messages for a supplier, so that nobody apart from Finance should be able to see certain transactions. I also managed to make the new one default. However, the users still see the other views in the view dropdown list and the ‘View History’ button shows communication history of everything.
Please advise on how to stop the users from using the other views and remove the ‘View History’ button. I tried workflow but it did not work.

Kentico 8.2 Newsletter Link and unsubscribe link

I have created a contact form under Forms with first name, last name, and email that is designed to sign up people for a newsletter. I then created a page so when people click on the link placed on the home page it takes them to a page with the contact form.
Right now when I test the subscribe form out, the data does go to the "back office" where it can be retrieved. However, the information I entered is still in the text fields and, unless you notice the small flash of the web page, one might think nothing happened.
I'd like to know how (or be directed to somewhere in the Kentico 8.2 Documentation) I can make it so that the fields clear and a message appears saying "You have been subscribed to the newsletter." That message can either appear on a separate page on the web site, or send a message to the user email, or both. In the Email Marketing part under the templates there are Subscribe and Unsubscribe templates, but I don't know how to use those.
The other issue is creating an Unsubscribe link. Ideally that will open up to a new page saying "You have been unsubscribed." Kentico 8.2 has an unsubscribe page you can create where the user enters in an email address and then hits the Unsubscribe Request button, but I'd rather not do that. As it stands, I did create a page with that form and tested it, but it doesn't seem to work.
When you edit your form, under general tab, there are settings for what will happen after the form is submitted:
Display Text
Redirect to URL
Clear Form
Continue Editing.
Currently you're using the standard Forms application for something which can be managed through the Newsletter/Email Campaign module. Read the documentation more on how to configure this vs. using the Forms application.
Essentially the steps you will do are:
Create your newsletter following the directions in the linked documentation.
Place a newsletter subscription webpart on your page template and configure it to the newsletter you want them to subscribe to.
Use the out of the box unsubscribe feature to allow users to unsubscribe to your newsletter. No need to add any page to the content tree but you can if you want OR just use the OOTB functionality.
If you follow the documentation you should be able to get it setup properly vs. using an online form.

How to implement Google’s Search index for a restricted site?

I am trying to index a fully authenticated site which is not open to anonymous users in Google’s Search index.
But, as per my understanding, the service ‘First Click Free’ from Google to include relevant content in Google’s Search index will work on a few basic conditions like
-> User who came from google search result should be shown with the full content of the current page without asking for registration or payment or login
-> Google crawler won’t work on the pages which are behind registration or login pages.
In such cases how should I process further?
Example: If my site www.example.com/article is a restricted article listing page which will be shown to the authenticated users alone, how should I process with Google's Search Indexing?
-> So that if I search for "articles in example.com", I need to get www.example.com/article in google's search result.
-> If a user clicks on the search result link he should be taken to www.example.com/article page if his session is already running.
-> If his session is not active he should be asked to login as the site is already doing that.
Can anybody suggest some ideas for this issue?
I hope the ip_login (https://www.drupal.org/project/ip_login) module will help to crawl the restricted pages.

How to view standard objects in salesforce online?

There are many standard objects e.g. AccountContactRole, LetterHead, Approval etc. which can be retrieved using Salesforce APIs. What is the way to see these objects in Salesforce environment in browser?
Very roughly speaking - easiest cheat is to simply put the Id in the URL. So if your Salesforce instance is https://na1.salesforce.com then adding /001.... (any valid Account Id) will take you to this account. Similarly /016... will take you to "this" Letterhead record.
Some data is easily accessible to users - for example AccountContactRole should be available as related list under Account. If it isn't - probably the administrator removed it from page layout because the company decided to use only the straightforward Account - Contact relationship.
Some data like Letterheads, EmailTemplates, Approval processes is visible in the setup area (not all users have the "View Setup and Configuration" permission in their Profiles!)
*Share records (like AccountShare) would be visible after you click the Sharing button on the page layout (if it's not visible - again, check with Admin).
If you're using API to fetch the data, you probably can also use "describe" calls to fetch info which objects are available, what fields are present in the tables... Sometimes the "Frontdoor URLs" property is set (although I confess I'm not sure how to get it, http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_Schema_DescribeSObjectResult_instance_methods.htm doesn't mention it).
Also - if you haven't noticed yet - all Accounts start with "001". Try to guess where "/001" and "/001/o" links would lead.

Lotus Domino Internet site document

Am developing my first Xpage application and have designed a login screen in domcfg.nsf. So when a user types my URL like Myrequest.com (dummy URL) this should redirect me to the login page and then on a successful login attempt the page should be redirected to the Myrequest application. Could you please let me know how to configure this in the server document or Internet site document?
As a first step, I executed the below points.
Enabled "Load Internet configurations from server/Internet sites documents" in the basic tab of server document.
Created new web site document by clicking on web>>Internet sites
Web Site-Basic Tab::
a. Descriptive name for this site: myRequest.com;
b. Organization: testCompany;
c. Use this web site to handle requests which cannot be mapped to any other web sites: NO;
d. Host names or addresses mapped to this site: my local ip address;
e. Domino server that host this site: *
In Web Site-Configuration Tab::
a. Home URL: /myApp/myRequest.nsf?open
The rest of the configuration are all defaults.
When I tried opening myRequest.com no page is displayed. I guess I have made a mistake. Do I have to change any configurations?
The way this works is:
Set up an internet site (remember to check that your Domino server is using internet sites (first tab in the server document))
The internet site should not contain any information about login - just the right path etc. for the domain/subdomain to point at the right page in the right database (and possibly url redirections, headers, etc.)
Now create the login form, e.g. in your application database (or any other applicable database). Make sure that you have the right fields on it for the login to work - and any error messages to be correctly shown. The easiest way is to look at the standard login form (it's called "$$LoginUserForm") found in domcfg.nsf (if domcfg.nsf does not exist, just create it with that name based on advanced template "Domino Web Server Configuration (8)" (template file: domcfg5.ntf))
Now create a Sign In Form Mapping document in domcfg.nsf. Select the specific domain/subdomain that it applies to (or a default for all websites not using another specific sign-in form), specify the path to the database with the form (e.g. your application database), and specify the name of your login form in that database
Now you just need to turn on the mechanism that will require your users to log in. This is done in the ACL of your database. When a user is not logged in it will obey the rules of a person entry with the name "Anonymous". If this "person" is not present in the ACL it will of course obey the default settings. You will have to determine when you want your user to log in. If you specify "No Access" then you may have to set "public read" on some of your design elements for the login form to display properly (e.g. graphic files etc.) and then you should also allow the Anonymous person to read public files (in the ACL). You may also want users to be able to read content and only be forced to log in when they want to write/change something, in which case your Anonymous user would be reader and default (or a specific group, etc.) would be author/editor - but that is all about standard Domino security/ACL and not related to web/XPages ;-)
/John
