Security - RegistrationMagic  

Security

Security

RegistrationMagic provides you plenty of options to keep your registration form completely secure and out of harm’s way. Following settings are available to secure the forms…

Enable reCAPTCHA

Enable reCAPTCHA for your forms to prevent spam submissions and ensure that only verified humans are submitting your forms. Once enabled, the reCAPTCHA field will appear just above the Submit button of your forms.

To enable reCAPTCHA, you’ll need to add your Site Key and Secret Key to RegistrationMagic settings. Fields will become available once the checkbox for Enable reCAPTCHA is checked. Both, the Site Key and the Secret Key, can be retrieved by logging in from your Google account here.

Form Submission Limit for a Device

Set a limit to how many times a form can be submitted from a particular device within a day. Limiting form submissions by device is helpful in preventing spam submissions, in addition to the reCAPTCHA security. Setting the value of this field to zero (0) will disable this feature.

Enable Password Rules

Enable this option to force custom rules on passwords that users can choose during registration. This is necessary to ensure that users do not set passwords that are easy to get cracked and/or guessed. This setting does not apply to auto-generated passwords, which are securely generated by default.

Password Rules

Requires the Enable Password Rules option to be enabled

Specific custom rules on Passwords can be set from this setting. Following custom rules are available to be enforced…

  • Must contain an uppercase letter: Enable this option to make sure passwords submitted by users have at least one upper case letter.
  • Must contain a number: Enable this option to make sure passwords submitted by users have at least one numeric character.
  • Must contain a special character: Enable this option to make sure passwords submitted by users have at least one special character.
  • Minimum length: Set a number from this option to make sure passwords submitted by users have at least that many characters.
  • Maximum length: Set a number from this option to make sure passwords submitted by users do not have more that this many characters.

Banned IP Addresses from Accessing Forms

Enter IP Addresses here that you would like to ban from accessing your forms entirely. If forms are accessed from any of the banned IPs, the user will get an Access Denied message.
Multiple IP addresses can be banned simultaneously by separating them with empty space. Wildcard values (?) are allowed as well (only applicable on IPv4 addresses). For example: 127.233.12?.01? will ban all IPs from between 127.233.120.010 to 127.233.129.019.

Banned Email Addresses from Submitting Forms

Enter email addresses here that you would like to ban from submitting your forms entirely. Any user submitting a form with one of the banned email addresses will not be able to submit the form and will get a notification to change the email address before trying again.

Multiple email addresses can be banned simultaneously by separating them with empty space. Wildcard values (* and ?) are allowed as well. For example: joh*@gmail.com will ban all submissions attempted using email addresses with the Gmail domain and starting with the letters ‘joh’.

Blacklisted/Reserved Usernames

Enter Usernames here that users will not be able to use during registration at form submissions. Any user submitting a form with one of the blacklisted/reserved usernames will not be able to submit the form and will get a notification to change the username before trying again.

Multiple usernames can be backlisted/reserved simultaneously by separating them with empty space or new line.