Ideas

Several Critical Blocks Need CAPTCHA Support

Several Critical Blocks Need CAPTCHA Support

Security

I originally posted this Idea as an enhancement to the Obsidian Group Register block, but have since found out that several other blocks also need some Captcha love, so I'm revamping the request below...

The Rock docs around Captcha support list the blocks that support it here https://community.rockrms.com/Rock/BookContent/9#rockcaptcha but several other heavily-used public-facing blocks are not among them.

At first we thought this might be a lag in that Captcha support was only being added to blocks as they are converted to Obsidian, but this does not appear to be the case because two of the blocks in my list below are already Obsidian. 

This makes using these blocks on a public website on a page that's NOT behind authentication pretty dangerous and vulnerable to bots creating hundreds (or more) bogus profiles by submitting the unprotected forms (ask me how I know this ;-)

It would be fantastic if ALL blocks that would naturally be used on a Public-facing Rock website would have CAPTCHA support baked into their design specs by default, but the following blocks are problematic today:

  • Group Registration (Obsidian)
  • Connection Opportunity Signup
  • Prayer Request Entry (Obsidian)

Bots using open blocks (not behind authentication) on our public website have become such a problem for us that we've had to resort to moving away from these Core blocks and implementing the same features in Workflows, at considerable time and complexity.

It would be GREAT to be able to use the core blocks again, but today they are just too dangerous, which makes us sad :-(




Photo of Jim MichaelSubmitted by Jim Michael, The Crossing - Chesterfield  ·   ·  Security
Login to add a comment...

Submission Success Tips

Cultivate your ideas for maximum impact with these helpful submission tips that will increase the chances of your brilliant concepts becoming reality.

  • Clear Title: Craft a straightforward and descriptive title that instantly conveys the essence of your idea.
  • Concise Description: Provide an idea description that is succinct, ensuring it effectively communicates the concept without unnecessary verbosity.
  • Provide Additional Details: With a concise description complete, now provide any other details that are needed to better understand the requirements.
  • Thorough Ministry Need Review: Provide a comprehensive overview of the ministry need your idea addresses, emphasizing its significance.
  • Cover the WHY: Clearly articulate the rationale behind your idea, explaining why it's essential and how it aligns with the organization's goals and mission. Oftentimes a clear "why" sheds light into other possible options.