Contributors mailing list archives

contributors@odoo-community.org

Browse archives

Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Axel Mendoza

- 14/07/2025 22:19:27

No it doesn't protect it, there will be things that need to be done to integrate it but I like it more since it has more stable api(not a lot of changes) than google recaptcha and simple to use by the end user while secure

On Mon, Jul 14, 2025 at 1:48 PM hugues de keyzer <notifications@odoo-community.org> wrote:

hello,

diogo, indeed, odoo’s google_recaptcha module doesn’t work for registrations of new users. we’ve just created a module for this very problem for one of our clients. here it is: https://github.com/OCA/server-auth/pull/809

it uses recaptcha v2 (keys to be configured in the website settings), which is based on a challenge presented to the user (while google_recaptcha uses recaptcha v3, which only returns a score and it’s up to the website owner to decide on the minimum acceptable score). the downside of recaptcha v2 is that it’s sometimes hard for humans to pass the challenge and that users train google’s ai models in exchange of the service.

indeed, i think that cloudflare’s turnstile looks more promising in that regard and would thus be a better replacement, if someone feels up to the task.

axel, do you know whether website_cf_turnstile protects the registration form too (unlike google_recaptcha)?

kind regards,

hugues

Le 2025-07-14 à 21:35, Axel Mendoza a écrit :

Hello Diogo

Try to downgrade website_cf_turnstile that exists in Odoo 17.0 and 18.0

https://github.com/odoo/odoo/tree/17.0/addons/website_cf_turnstile

The 17.0 version should work very well in 16.0 with minor changes regarding to the assets

But your website seems to be not using anything at all to protect the spam account registrations

Best Regards

On Mon, Jul 14, 2025 at 9:37 AM Enric Tobella Alomar <notifications@odoo-community.org> wrote:

There is a setting for this. search for "Let your customers log in to see their documents"

Kind regards,

El lun, 14 jul 2025 a las 16:52, Diogo Cordovil S. Cordeiro (<notifications@odoo-community.org>) escribió:

Hello,
During some time now, my website www.relationalgames.com has been under the generosity of someone with probable access to a large database of user emails.

I would love to understand who this might be and reach out to them, while at the same time, prevent that such operations take place without my consent.

I have now more that 5000 users registered in the website, though none of them is an active user, even though the email domains do seem to exist.

I would like to block bots from signing up or asking for password regenerations through the website, unless they have my permission to do it.

I've tried to activate Google Recaptcha, but it doesn't seem to work for this scenario.

Any thoughts or suggestions?

Diogo Cordovil S. Cordeiro

------------------------------------------------

tlm: (+351) 919950359

skype: diogocsc

http://www.diogocordeiro.pt

------------------------------------------------

Antes de imprimir este e-mail por favor tenha em conta a regra dos 3 Rs : Reduzir, Reutilizar, Reciclar

Before printing this e-mail please consider the 3 R rule : Reduce; Reuse; Recycle

_______________________________________________
Mailing-List: https://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: https://odoo-community.org/groups?unsubscribe

--

Enric Tobella Alomar
CEO & Founder

www.dixmit.com

_______________________________________________
Mailing-List: https://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: https://odoo-community.org/groups?unsubscribe

_______________________________________________
Mailing-List: https://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: https://odoo-community.org/groups?unsubscribe

_______________________________________________
Mailing-List: https://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: https://odoo-community.org/groups?unsubscribe

Reference

In Odoo Community 16, how to prevent mass user registrations from unknown sources?
by

Diogo Cordeiro

- 14/07/2025 16:50:07 - 0
4 replies 4 replies
- Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?
  by
  
  Axel Mendoza
  
  - 14/07/2025 22:19:27 - 0
- Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?
  by
  
  hugues
  
  - 14/07/2025 21:45:48 - 0
- Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?
  by
  
  Axel Mendoza
  
  - 14/07/2025 21:33:26 - 0
- Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?
  by
  
  DIXMIT Consulting SLU, Enric Tobella Alomar
  
  - 14/07/2025 17:31:54 - 0

Contributors mailing list archives

contributors@odoo-community.org

Browse archives

Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Reference

In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Re: [SPAM] Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

Re: In Odoo Community 16, how to prevent mass user registrations from unknown sources?

GET INVOLVED

APP STORE

GITHUB

PRIVACY

CONTACT