Hello, NocoBase participants!
One of my web applications, which was built on another no-code platform, had a problem with spam registration. Public registration for new users was enabled, but there was no anti-spam protection, so one day there were over 1,000 automatic bot registrations in 1 minute!
I couldn’t find any built-in (or plugin) protection specifically for new user registration. There is a wide range of verification, 2FA, and other security options, but they are created for already registered users (if I understand correctly). What about new registrations? Is it possible to at least install an option such as Google’s Captcha (Re-Captcha) or some other anti-spam features?
Please advise, maybe I just didn’t find the right information?
Thanks for your feedback.
This feature is not currently supported. I have documented this requirement and will evaluate it in the future.
1 Like
Hi @hongboji! Could you advise if there is any implementation using external services? Or perhaps it is possible to write and add some custom code (JS) and add it to the registration form and connect at least Google’s ReCAPTCHA? Is there any temporary solution? I am planning to develop a service with external user registration, and I am afraid that spam registration may occur…
Hello, the code is open source, and you can customize it according to your actual business needs.
1 Like
Yes, I know it’s open source, but I’m not a programmer… I thought maybe there was some way to avoid interfering with the source code (the platform core), because a subsequent update could wipe everything out. But thank you for your response. I’ll wait for this feature to be included in the source code.
I disabled signup option due to this; I also created a none role with no route access as default role just in case
That’s unfortunate… I think that a verification feature before registration is very important, at least Re-Captcha, as I mentioned above. This is extremely important to me, because public registration of new users is an important process in my online services. And it is necessary to “weed out” bots. I really hope that the developers of Nocobase will add a robot verification feature, maybe in some simple form.