JTC Anti-Spam|Anti-Hacker – Read Me First

Home Forums BulletProof Security Pro JTC Anti-Spam|Anti-Hacker – Read Me First

  • This topic has 81 replies, 19 voices, and was last updated 4 months ago by AITpro Admin.
Viewing 15 posts - 61 through 75 (of 81 total)
  • Author
    Posts
  • #31199
    AITpro Admin
    Keymaster

    @ Krzysztof – Great! 😉

    #35548
    Mohamad Hegazy
    Participant

    hello,

    how can i force bps pro jtc captcha to show in different php templates

    or in specific woocommerce place under password text area directly as it’s by default uses hooks which put it under the total form before submitting button

    what’s the code to use <P class=*> * </p> etc

    thank you

    #35549
    AITpro Admin
    Keymaster

    @ Mohamad Hegazy – Yes, you are correct that JTC uses Hooks – Actions and Filters to hook into these Forms:  WordPress Forms (Login, Registration, Lost Password, Comments), BuddyPress, bbPress (Login, Registration and Activation) and WooCommerce Forms (Login and Registration).

    To load JTC in other Forms you would either need to hook into other Hooks in other php templates or hard code JTC into those other php templates.  See example hard coded JTC code below.

    To change CSS you would need to do something like the CSS changes for the Comments Form > See “Comment Form CSS Styling” at the beginning of this Forum topic.

    Important Notes: 
    I can only give you general examples and cannot actually assist you with building a new plugin or form, etc.  😉
    If you use the WordPress setting that requires users to be registered and logged into your website then spammers and hackers would be stopped at Registrations and Logins and you would not really need to create custom JTC CAPTCHA’s anywhere else.

    Example hard coded JTC code:
    Notes: You would need to manually copy the parts of JTC code from the login-security.php file that are used in Form Processing (note this example code below uses code from another plugin and some of the BPS JTC code modified and combined together):

    if ( isset( $_POST['doRegister'] ) ) {
    
    if ( $_POST['reference'] != $BPSoptionsJTC['bps_tooltip_captcha_key'] || $_POST['captcha'] != '' ) {
    //$err = urlencode("ERROR: Incorrect CAPTCHA Entered. Click your Browser back button and enter the captcha.");
    $err = "ERROR: Incorrect CAPTCHA Entered. Click your Browser back button and enter the captcha.";
    header("Location: register.php?msg=$err");
    
    echo '<div class="error">';
    echo $err;
    echo '</div>';

    Other code manually added into another plugin’s form page/template:

    		// This is the CAPTCHA Form Field
    		$reference = ( isset( $_POST['reference'] ) ) ? $_POST['reference'] : '';
    		// SpamBot Trap/Decoy Form Field 
    		$captcha = ( isset( $_POST['captcha'] ) ) ? $_POST['captcha'] : '';
    

    Other Code used in the Form code for another plugin:

    <tr>
    <td><label for="reference"><?php echo 'Enter CAPTCHA: <strong><font color="blue">xcode555</font></strong>'; ?></td>
    <td><input type="text" name="reference" id="reference" class="input" size="33" title="<?php echo $BPSoptionsJTC['bps_tooltip_captcha_hover_text']; ?>" value="<?php echo esc_attr(stripslashes($reference)); ?>" /></label>
    <input type="text" name="captcha" id="captcha" class="input" value="<?php echo esc_attr(stripslashes($captcha)); ?>" style="display: none;" /></td>
    </tr>
    #36141
    Paul
    Participant

    changed jtc anti spam code but now get incorrect captcha entered

    #36142
    AITpro Admin
    Keymaster

    Are your JTC CAPTCHA and JTC ToolTip plugin option settings the same as the CAPTCHA you are entering.  Those things need to match of course.

    #36144
    Paul
    Participant

    I renamed plugin logged in and put another jtc captcha now works, but yes both were the same

    #40127
    Peter
    Participant

    Hello,

    For my site where I have members logging in, I don’t wish for them to enter a CAPTCHA (they use an Elementor widget from the menu bar) but I would like to use the CAPTCHA for the admins who login via the standard wp-login.php.

    When the CAPTCHA is enabled for login, members logging in with the Elementor widget (for which there isn’t a CAPTCHA field) receive an error because no CAPTCHA was inputted, and they’re redirected to the wp-login.php page.

    Do you know if I can disable the CAPTCHA for the Elementor login widget? I experienced the same issue with the login widget from Paid Membership Pro, but if I could just disable this for the Elementor widget that would be great.

    #40129
    AITpro Admin
    Keymaster

    @ Peter – You will need to turn Off JTC.  You cannot turn Off the JTC CAPTCHA for just the Elementor widget and will have to turn it Off for everything.  Check if the Elementor widget plugin offers a CAPTCHA option or some other security option for your Elementor forms.

    #40214
    Fahimeh Khorsand
    Participant

    Hi there,

    Not entirely sure why would someone in the world think JTC is somehow really protecting a website against spammers while what you guys call CAPTCHA code is just a manually added text which remains there permanently the same until someone changes it, especially when it’s easily exposed as HTML code. I can see this topic is old but even in those old days, this was not a CAPTCHA solution.

    Is there any clarification on how this is going to protect any website in the world?

    <input type="text" name="reference" id="reference" class="input" title="Type/Enter: jtc" value="">

     

    #40215
    AITpro Admin
    Keymaster

    @ Fahimeh – 99% of all hacking and spamming is automated with hackerbots and spambots.  JTC is 100% effective at blocking hackerbots and spambots.  human hackers and spammers do occasionally manually register and login to websites.  BPS Login Security protects against human hackers and spammers doing things like Brute Force attacks.  So using JTC and Login Security together effectively protects login and registration pages.

    On this forum site years ago I tested several different methods to protect against automated hackerbot and spambot auto-registrations, auto-logins and auto-posting done by hackerbots and spambots.  This forum site was getting 1,000 spam registrations per day before JTC was created, which of course meant spending 30 – 60 minutes per day deleting spam user accounts and spam forum topic posts.  With JTC in use this forum site gets 0 spambot registrations and that has remained consistent for many years.  I do occasionally get human spammers posting spam forum topics, but the average amount of spam forum topics that are posted by spammers is 1-3 per week, which is very quick and easy to cleanup.  😉

    #40299
    Laurent
    Participant

    Hi Edward,

    I would like to create a custom login page because the WordPress one is pretty ug…

    For obvious reasons, I’m interested in using JTC on this page, but from what I’ve read above, JTC can only be used on pages that use a WordPress form.

    So here are my questions:

    • Can I create a custom login page using the WP login form on a custom url?
    • If so, can I add the JTC module to that custom page? Unless BPS detects the page and automatically adds the JTC module… (which would surprise me as it means I wouldn’t have the option to deactivate it as BPS offers to for the classic WP pages)

    Many thanks!

    #40300
    AITpro Admin
    Keymaster

    As long as you use the standard WP hooks then JTC will still work normally.  If you need additional technical help on customizing your login page let me know and I’d be glad to help you out with that.  It’s really pretty ez and quick stuff to do, but yeah stick to using the pre-built standards (hooks, filters) that WP has created.

    #40303
    Laurent
    Participant

    Hi again Edward,

    I managed to create a fully customized page using a free plugin and custom CSS.

    I’m very glad to say that JTC fits perfectly!

    However, I have a problem with the alert message displayed:
    – by WP when there is a problem with the login/email and/or password,
    – by JTC when there is a problem with the BPS captcha.

    The alert block shows up properly above the form, but there is no text inside as you can see in this image (this is the space occupied by the red left border).

    On the code side, all I see in the Chrome browser is: <div id=”login_error”></div>

    So neither the default WP text nor the BPS custom alerts are triggered.

    EDIT: on the other hand, when I click on “Forgot Password?”, I am redirected to …/wp-login.php?action=lostpassword as expected and the WP text shows up normally (“Please enter your username or email address. You will receive an email message with instructions on how to reset your password.“).

    What do you think?

    Thanks a lot.

    #40304
    AITpro Admin
    Keymaster

    Yeah this is a 1 on 1 thing.  Contact me directly:  info @ ait-pro dot com.  Been doing this stuff forever so yeah glad to jump and fast track it.  😉

    #40316
    Laurent
    Participant

    As the JTC CAPTCHA is case sensitive, could you make sure that this is not the case for the first letter?

    Why? Because on mobile, the keyboard often has the Maj key activated for the first letter.

    Maybe a more flexible way of dealing with it would be to let us add the two versions if we want to. Something like that in the backend:

    jQuery ToolTip CAPTCHA Anti-Spam|Anti-Hacker Settings

    JTC CAPTCHA: pass|Pass

    What do you think?

Viewing 15 posts - 61 through 75 (of 81 total)
  • You must be logged in to reply to this topic.