How to prevent email flooding vulnerability while resetting password?
My client is getting hundreds of Password Reset emails in a day. Which is causing a lot of problems. Do any one know how to limit the number of times the password reset email is sent? Atleast 5 times after which the reset email cannot be sent for another 30 or 40 minutes.
Hello, can you describe your problem in more detail. Do some spambots try to reset your password? In this case, you can set up Google reCaptcha. If you have programm problem we need more details.
Yes my client is getting hit by spambots and receiving hundreds of reset password emails. Please provide a guide or help How to setup Google Recaptcha in reset password form in Umbraco 8?
Hi Alex,
I have changed the "/umbraco" path to some custom path and I cannot hide this path or restrict ip's as this will restrict my client accessing the backoffice. Anyways thank you for your suggestion.
How to prevent email flooding vulnerability while resetting password?
My client is getting hundreds of Password Reset emails in a day. Which is causing a lot of problems. Do any one know how to limit the number of times the password reset email is sent? Atleast 5 times after which the reset email cannot be sent for another 30 or 40 minutes.
Hello, can you describe your problem in more detail. Do some spambots try to reset your password? In this case, you can set up Google reCaptcha. If you have programm problem we need more details.
Yes my client is getting hit by spambots and receiving hundreds of reset password emails. Please provide a guide or help How to setup Google Recaptcha in reset password form in Umbraco 8?
Hi Sulochan
I think the easiest way for you would be to hide "/umbraco" path from the network, so spammers would not be able to hit "/umbraco" section at all
Thanks,
Alex
Hi Alex, I have changed the "/umbraco" path to some custom path and I cannot hide this path or restrict ip's as this will restrict my client accessing the backoffice. Anyways thank you for your suggestion.
You are always welcome. it's a nice pattern to hide /umbraco path from the network
is working on a reply...