Page 1 of 1

Mailform and login captcha coinhive script

Posted: Mon 7. May 2018, 14:33
by amensioto
Hello Gert,

Because of the GDPR and lot of Tor - old browser attacks (not from your code) in my site, I am trying to implement this code inside the form :

Code: Select all

<form action="?" method="post">
	<!-- other form fields -->

	<script src="https://authedmine.com/lib/captcha.min.js" async></script>
	<div class="coinhive-captcha" data-hashes="1024" data-key="qFUWZG3cHccQf8jXujfhrsf2AYKt7HCo">
		<em>Loading Captcha...<br>
		If it doesn't load, please disable Adblock!</em>
	</div>

	<input type="submit" value="Submit"/>
</form>
It is a java script from Coinhive which calculates 1024 hashes for XMR crypto coin. The thing is that I could raise hashes so Tor over VPN proxy servers could be slow down. After that I think to use it in login.php and manually update the 2 files when CMSimple needs an update.

In my mailform.php https://e-blackfriday.gr/?&mailform can't make it work. I put it after the Check button code (another fault). After that I have to syncronize the token :| :| :|
I think old captcha doesn't work for GDPR.
Changing the core code is a bad decision. Is there another way?

Thanks for the acceptance and congrats for your work!
Johan

Re: Mailform and login captcha coinhive script

Posted: Tue 8. May 2018, 12:06
by Gert
Hi Johan,

I didn't know coinhive up to today, but what I've read in the web was not good. A visit to the website has triggered my virus scanner.

So I have decided for me, not to support this scripts, I do not trust them,

Gert

Re: Mailform and login captcha coinhive script

Posted: Tue 8. May 2018, 23:05
by amensioto
I first post my question in Cookies plugin section because I wanted to inform other users that GDPR don't allow oldschool captchas and if you make bussiness there are a lot of penalties. Also if you will be hacked you must declare that,why,how etc etc