When configuring captchas for site security i noticed that if a person uses the user button in the top menu (displayed in image) it allows them to bypass the captcha process which creates huge problems for site security and is an open door for bots.
The captcha module works fine in the /user extension (as demonstrated in the image below) So i know it is not a module issue.
Could you please provide a fix for this, or at least tell me the location of the code for the box that pops us when using the user button in the menu so i can try and find a way to change the code to make the captcha work. This is a huge security flaw in this theme and should be fixed in your release version that you sell on themeforest as well. This is too nice of a theme to have such a gaping hole in security.
Thanks !!
Hi,
Please send us your site admin account and FTP account by private comment? We would like to have a check then fix problem for you.
All you have to do to recreate the issue is install the captcha module into the Horsen theme. You dont need my FTP details for that. I cannot share my FTP details. Even in private.
So can you please tell us which captcha module you are using in site?
https://www.drupal.org/project/captcha is the module. But none of the available captcha modules for drupal fix the security issue as none of them will display on the user menu.
Still waiting on a fix for this issue.
Hi,
Please check your email. Download the attached file and update in sites/all/modules/custom
Thank you Cindy, It works the first time, but if you check you will see, that if the user clicks the register button, then closes the pop up and opens it again without refreshing the entire page, the captcha disappears which still allows them to bypass it. Also the captcha does not display if they open the pop up from any other page besides the home page, and it disapepars if you switch back and fourth from the register to the login page.
Hi,
As you can see our demo works fine
So, we need your site account and FTP account to check and fix your problem
Without the credentials, we could not support you
Thanks Cindy, i got it fixed. It was a browser issue with chrome and ajax.
Cindy, although the capthca displays, there seems to be a problem with the way the JS is scripted as it will not allow the completion of the captcha nor mark it as completed when filled correctly. Can you please look into this and provide a solution. It can be verified by trying to register a new account on your demo as well.
Thanks
Still waiting for something on this issue.
Day 4 now and still waiting on some sort of reply. Do i need to create a new thread to get a response or what?
We have just tried again but see no error as you reported
You please send us some screenshots of the problem
Hi,
You can please take a look at following video: https://www.youtube.com/watch?v=woYx4rrUenE
Captcha still works well on our demo and has no problem as you mentioned.