Current release for WP 2.5 and upper: 1.0.0
Current release for WP 2.3.3 and lesser: 0.6.3
1. What’s this for ?
Sabre is an acronym for Simple Anti Bot Registration Engine.
It’s a set of counter measures against spam registration on your blog.
Your visitors are granted permission to register freely on your blog and now you are plagued by fake users automatically created by spammers? Sabre is the solution to stop definitely these robotized visitors!
List of available features:
- Inclusion of a captcha in the registration form
- Selection of the captcha’s complexity
- Selection of the background colour for the captcha image
- Inclusion of a math test in the registration form
- Selection of the math test’s complexity
- Inclusion of a text test in the registration form
- Random or fixed choice of the test to run
- Unobstrusive tests to detect if registration is done by humans or not
- Registration blocked if Javascript is unsupported by the browser
- Registration blocked if visitor’s IP address is found on ban lists
- The blog administrator can validate the user registration
- The user can validate his registration by clicking on a link sent by mail
- Limit the number of days to confirm registration. Without beeing confirmed within the period of time, the user account is disabled
- Log on prohibited before confirmation
- User is allowed to choose his password when registrating on the blog
- User must agree with a warning text, disclaimer or general policy note when registrating
- User must give an invitation code during registration
- Main statistics displayed on the blog’s dashboard
- Custom logo on logon/registration screen
All these features are activated by parameters. Thus, Sabre is flexible enough and fits the protection policy you define for your blog.
2. Requirements
- WordPress: Sabre requires at least WP 2.1 (or up). It is compatible with all versions of WordPress up to the latest release (2.9.1).
3. Installation
- Download the archive for WP 2.5 and newer or the archive for previous versions of WP. You also can get those files in the plugin repository of WordPress.org.
- unzip and drop all the files, (within the Sabre directory – including the subdirectories) as is, in your
plugins/sabredirectory. - Enable the plugin in the WP Admin >> Plugins section.
IMPORTANT NOTE:
If you are upgrading from a previous install, don’t forget to deactivate Sabre before overwriting the older files with the new ones. Then activate it again so Sabre can apply the required database and options updates.
4. Other languages
Sabre is delivered in English and French but can be easily used with other languages. You just have to create a file sabre-xx_YY.po (xx_YY being the language code of your WordPress settings. Eg: fr_FR for French) from the existing file sabre.pot using PoEdit. Then, just translate the text strings located after the “msgid” tag and put the translated string after the “msgstr” tag. Alternatively, you can find the translation files (.mo et .po) of some languages in the FAQ page.
The resulting PpP-xx_YY.mo file has to stored in the “languages” directory of Sabre.
5. Documentation
See the detailled user manual
See the FAQ
6. History
V.1.0.0
- Compliant with WordPress 2.9.1
- Captcha test added: The TEXT test. An alternative to the graphic captcha. The user will have to enter the n-th letter of a randomly generated word.
- Custom sender’s name and Email on the registration’s mail sent by Sabre.
- Enhanced Invitation codes management: Auto-generation of codes, limited use of the same code, period of validity of the codes.
- Bug corrected: Timestamps didn’t take into account the GMT offset from the WordPress general options.
V.0.9.0
- Compliant with WordPress 2.8.4
- Administrator can force the confirmation of registration even when user’s confirmation is required.
- New design of the options screen to reduce the need of scrolling. The various blocks of parameters can be hidden/shown for easier navigation in the form.
- Timestamps now take into account the GMT offset set in the WordPress general options.
- No more reference to “blog” in the messages sent or displayed. This was done to stick with the fact that WordPress can be used in many other ways than a mere blog.
- Reinforced security against potential SQL injection using $wpdb->prepare function during database accesses.
- Action hooks added to allow third part plugins to run functions according to Sabre’s events. See FAQ section for more details.
V.0.8.1
- Made compliant with WordPress 2.7.1
- Corrected bug in dashboard statistics links
- Corrected bug in strengh meter when choosing custom password
V.0.8.0
- Added parameter to activate invitation codes
- Added custom logo in logon/registration screen
- Plugin is now compatible with WordPress 2.7
- Plugin totally rewritten in object oriented PHP
- Message management reviewed to support plural form
V.0.7.4
- Corrected bug in automatic suppresion of the blocked registrations log. A value of zero or less days of retention will now stop Sabre’s automatic cleanup.
V.0.7.3
- Added parameter to choose between black or white background for the captcha image.
- Added parameter to ask the user to read and agree with the general policy rules of the blog before registration.
- Sabre has been made compliant with the possibility offered by WordPress 2.6 to move the wp-content directory to a custom location.
V.0.7.2
- Added parameter to let the blog admin validate the user registration.
- Revised admin interface for the management of registrations to confirm.
- Added tab “Registrations to confirm”.
V.0.7.1
- Added parameter to let the user choose his password during the registration.
- Added parameter to display Sabre’s statistics on the dashboard.
V.0.7.0
- This version requires WordPress 2.5 and can’t be used with previous versions of WordPress.
- Administration panel has been reworked to stick with the new WordPress admin interface.
- Added parameter to receive a mail whenever a new user confirms his registration.
V.0.6.3
- Small adjustments done to comply with WordPress 2.3.3
V.0.6.2
- Added parameter to check if IP address is banned by DNSBL servers.
V.0.6.1
- Change the Sabre table definition as some MySql versions doesn’t allow text columns to have default value. This was preventing the creation of the table during Sabre initialization in some occasions.
V. 0.6.0
- Added parameter to delete WordPress account automatically when registration is canceled, either manually or because of exceeded period of time.
- Added parameter to insert a reference to Sabre at the bottom of the registration form.
- Added parameter to select the number of days for automatic purge of history log.
- Added parameter to delete all information about Sabre when deactivating the plugin. This will clean your WordPress blog of tables and options created by Sabre, if you decide to stop using Sabre.
- Performance improvement bypassing the tests if errors already detected before calling Sabre (eg. user name and/or mail missing)
- Performance improvement by code optimization
- Reinforced access security to the administration panels of Sabre using wp_nonce_field
V. 0.4.2
Corrected bug in the storage of the number of days for registration’s confirmation.
V. 0.4.1
- Added parameter to deny/authorize newly registered users to sign in before registration is confirmed.
- Added the possibility to automatically register all existing WordPress accounts.
- Added several messages to give the status of operations done.
V. 0.4.0
Added several new internal tests to make Sabre more efficient in spambot detection. Those tests run undetected for regular human registrars. Those new tests are:
- Control that the registration form is loaded before the answer is sent to the server.
- Control that the IP adress of the requester is the same when the form is sent back.
- Control that the browser used to register has Javascript capabilities as many spambots lack them.
- Control that the Javascript capability is not faked.
- Control that the registration is done within a maximum period of time.
- Control that the registration form is possibly filled by a human, in a minimum amount of time.
Changed the way to control who can bypass the registration confirmation : Sabre now tests the “edit_users” capability and no longer the user level. This will ensure that all accounts with a high level of rights will always be able to sign in.
V. 0.2.2 (Stable)
- Code optimized and splitted in various files to reduce server load.
- Automatic cleanup enhanced.
V. 0.2.1 (Stable)
- Added a possibility to include the test randomly in the registration form.
- Added manual suppression of logs.
V. 0.1.1 (Beta)
First public version
216 Comments
Pages: [25] 24 23 22 21 20 19 18 17 16 15 … 1 » Show All
hi didier,
i’m using the plugin theme my login together with sabre and – besides of a small issue (which is due to a change of default field names in theme my login) – so far, everything works.
greetz,
berny
@Add
What you want to do is not easily done and copying the source from the brower is certainly not the way to achieve it.
If you want to include the registration form into your home page, you’d better look for a plugin like AJAX Login, for instance.
But doing so, you won’t have the Sabre functionalities as Sabre is meant to be used with the WordPress default registration process.
Best regards,
Didier
Hello,
I was just wondering how I could put the registration form with sabre integrated with it on my homepage? I can’t just paste the form code from the page source from where the registration form is now, so how might I insert this? I hope this is clear enough
@Phil
Je vous suggère de commencer par supprimer Sabre en allant dans le paragraphe “Options diverses” de Sabre, de cocher la case “Supprimer Sabre” et de sauvegarder les options.
Ensuite, allez dans le panneau des plugins et désactivez Sabre. Cela aura pour effet de supprimer toute trace de Sabre, table et options.
Enfin, réactivez Sabre.
J’espère que cela vous permettra de retrouver une installation opérationnelle de Sabre.
Cordialement,
Didier
Bonjour,
Voilà, hier j’ai fait la mise a jour proposé en version 1.0. Or je ne sais pas ce qui s’est passé, mais depuis, plus aucun mail de confirmation n’est envoyé aux membres qui s’inscrivent …..
J’était tres satisfait de la version précédente et je vous dit bravo pour ce plugin indispensable.
Aussi, pourriez vous me donner une piste pour reinstaller le tout proprement car au moment de la mise a jour, il y a eu une erreur, et j’ai eu beau tout desinstaller et tout reinstaller, y compris la table créée, rien n’y fait
Merci d’avance
Phil
Hi there,
Thanks for the update!
One request. Could you match the style of the fields to the original registration fields?
http://meandmymac.net/wp-login.php?action=register
See the SABRE fields are plain, unformatted fields while the username and email field are styled to the login screen.
Thanks!
Glad to hear you again, Berny
I fear I missed the policy page’s link item on my todo list. Growing older, my memory is no longer what it used to be. But I will do it, I swear…
Thanks for your kind support,
Didier
hi didier,
thanks for version 1.0. – looks good to me.
though, as every update also reminds me of one thing: i just wanted to ask if you’ve considered including the link to the policy-page in addition to the textarea as mentioned last year?
something like that…
echo ‘’ . $policy_name . ‘’;greetz,
berny
@Debbie
Just go to the “Sequence of tests” entry and check that you have the “All” option selected, not the “Randomly” one.
With this setting, Sabre will display all the active tests, say all the tests having their activation option checked.
Best regards
Pages: [25] 24 23 22 21 20 19 18 17 16 15 … 1 » Show All
One Trackback/Pingback
[...] SABRE – Simple Anti Bot Registration Engine [...]
Post a Comment