Monthly Archives: February 2010

  • Magento Admin Panel protected by ReCaptcha

    One of the missing parts for the Magento Admin Panel is the security test on all POST forms. This may be a serious problem in 2 cases:

    • Highly sensitive forms like the Magento Admin Panel login form, which is very vulnerable to attacks
    • And forms that need manual processing like Contact Us form, which can be an easy target for spamming.

    The industry standard solution is to add  a challenge-response test, like CAPTCHA, to ensure that the response is not generated by a computer, and ReCAPTCHA (http://recaptcha.net) is a well-packaged free CAPTCHA service.

    Adding a reCaptcha box to a Magento page or to the Magento Admin Panel is not difficult, but it is going to be time consuming if you need to add it to multiple pages. To deal with this, I created a recaptcha module so that the recaptcha form can be inserted into a page in a nice and easy way.

    Continue reading

1 Item(s)

Back to top