NOTE: This mitigation strategy is applicable only to "standalone" customers using our Higher Logic login page (i.e., customers not integrated with a CRM/AMS).
Customers whose login page is hosted in a CRM/AMS may be able to leverage a similar strategy by reaching out to their CRM/AMS provider's support team and requesting a reCAPTCHA be added.
One of the best ways to prevent bots from causing issues on your site is to prevent them from logging in. While you may have some public content that could still be vulnerable to bots, most organizations keep their communities and content locked behind a login (i.e., members only), making this an excellent bot-mitigation strategy.
- How is login-prevention achieved?
By implementing a reCAPTCHA feature on your login page.
Let's take a look at the steps required to enable this.
Step 1 - Enable reCAPTCHA on your site
This must be completed by Higher Logic. Create a case and request that our Support team enable the reCAPTCHA feature on your site.
Step 2 - Add reCAPTCHA to your login page
After the feature has been enabled, add it to your login page.
- In the Admin Toolbar, click (or right click for a new tab) Edit Navigation.
- Locate your login page. By default, its pagecode is login, so the easiest way to find it is to search. Click the magnifying glass icon to expand the search field and enter "login."
- In the search results popup, click to select the login page. The popup closes and the page is selected in the CMS.
- Click the ellipsis menu (...) and select Edit.
- Click to select the Login and Sign Up widget (called "Login," by default), followed by the edit icon.
- Toggle the Show Captcha? option to Yes, as shown below.
- Click Save to save these widget changes.
- Click Publish to apply this change to your login page.
