Heine

Drupal

Adding settings to Captcha

Heine — Thu, 01/03/2007 - 16:51

Update: MyCaptcha 1.0 has been released.

I've been adding some settings to the math captcha module I created earlier. An important setting is which forms you want to have a captcha on. While it is possible to hardcode the possible forms a captcha can appear on, I've opted for another approach.

I've created two helper modules called Form store and Form collect. If you enable Form collect, it will collect forms on your site while you visit them. You can view the collected forms on the Form store page. In the image below, you can see that I limited the collection to forms I thought useful for Captcha and that I've given most a more readable description. While I intend to include and add a description to all core forms, this has to be done manually for now.

  • Captcha
  • Drupal

Math captcha for anonymous users

Heine — Sat, 24/02/2007 - 12:58

This morning I broke down and wrote a simple math captcha module (for Drupal) to use with user registration and anonymous commenting on this site.

Because this site uses caching for anonymous users, the module needs to make sure that whenever a captcha is displayed, the page is not added to the cache.

  • Captcha
  • Drupal

Cache or PHP-info is none of your business

Heine — Sat, 24/02/2007 - 09:41

I have a few extra scripts in the webroot of several sites to provide me with server information when I need it. These scripts tend to provide too much information to just anyone. Here's how you can quickly limit access to the Drupal admin user (the first user created on the site).

  • Drupal
  • PHP

Do a quick security review when porting your module

Heine — Thu, 22/02/2007 - 08:48

Adapted from a mail I sent to the Drupal development list.

Porting a module is an excellent opportunity to keep an eye out for security problems (evidence: DRUPAL-SA-2006-031). Here's a quick security reminder regarding input (user-supplied data). Code samples are only included to make a point; do not hold them against me.

  • Drupal
  • Planet Drupal
  • Security

Gain administrator privileges via an XSS vulnerability in Recipe

Heine — Tue, 20/02/2007 - 22:53

For those with the tendency to downplay cross-site scripting (XSS) vulnerabilities, a small videocast on how a vulnerability in the contributed module Recipe can get an attacker administrator access to a Drupal site. The vulnerability was fixed with DRUPAL-SA-2006-014 a long time ago, so I feel it's safe to publish the video now.

» Videocast.

  • Drupal
  • Planet Drupal
  • Security

Alternative PHP Cache on Debian Sarge

Heine — Tue, 20/02/2007 - 22:40

This is a repost about a different (now defunct) server.

Khalid wrote a small guide to Installing the Alternative PHP Cache on Ubuntu Dapper and Debian. The installation on Debian 3.1 (Sarge) requires a few extra steps though.

  • Drupal
  • Performance
  • PHP

Copyright © 2011 by Heine Deelstra. All rights reserved.