On 02/16/2015 12:20 PM, Steven Jones wrote: > > Our mailman web gui is under constant distributed bruteforce attack. We > would like to add something like, > > https://www.phpcaptcha.org/ > > to it, is this possible?
It's certainly possible if you have sufficient access, but it may not be easy depending on what exactly you want to do. Since Mailman's web UI is CGI based, it isn't easy to include php directly, but you can probably find python based captchas or textchas that would be easier, but be aware that captchas are easily broken by current bots and are extremely annoying to users. > or are there any other ideas? If you describe more specifically what the problem is, we may be able to offer more help. For example, if the issue is bots subscribing to lists via the subscribe CGI, enabling the Mailman 2.1.16+ SUBSCRIBE_FORM_SECRET feature may help. -- Mark Sapiro <[email protected]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
