Abandon Captcha for Wiki, Forum and Authentication

1 Reasons to Abandon Feature

The captcha feature has been introduced to reduce spam in forums and wikis almost 10 years ago. Since then it has not been introduced to other components and gets little maintenance. If anyone is still interested in the feature I would like to hand over maintenance, if not it may become part of the Services/Authentication maintainership. If both is not feasible I would like to abandon the feature completely.

Even if maintained, I think it is very rarely used in Wikis (if at all) and should therefore be removed at least from the Wikis.

2 Technical Information

The component also includes an older securimage lib which should definitely be updated, if the feature is kept.

3 Contact

• Author of the Request: Killing, Alexander [alex]
• Maintainer: Killing, Alexander [alex]  (First maintainer for the Wiki, implicit maintainer for the Captcha)
• Implementation of the feature is done by: {The maintainer must add the name of the implementing developer.}

4 Funding

Removing the feature from the ILIAS code base might need funding. If you are interest in funding this request, please add your name and institution to this list.

• ...

5 Discussion

Use the following discussion section to express your objections against this request or your consent to get rid of this feature.

JourFixe, ILIAS [jourfixe], 17 MAY 2021 : We highly appreciate the suggestion to abandon Captcha support for wikis and forums with ILIAS 8, but would like to keep the Captcha for self-registration. Title of feature request is changed accordingly. We also would like to move the Captcha source directories to the Auth component. With the removal of Captcha from the wiki, Alexander will step back from this implicit maintainership. Any developer who wants to take over maintainership of this service is highly appreciated. Please contact the TB or PM.

Killing, Alexander [alex], 18 Jan 2022: The Captcha service still is assigned to me in the PHP8 migration project. I was also willing to do this until I realised that the securimage library we are using is not maintained anymore (updating libs is part of the PHP8 support tasks). See comment of the former maintainer: https://github.com/dapphp/securimage/issues/66#issuecomment-636279862. If I understand this correctly his conclusion is, that this style of captcha will not prevent spam bots from doing their work now or in the future. Looking for a completely different solution is currently out of scope for me, thus I cannot update / replace the lib and would either a) remove the Captcha feature completely or b) hand it over not, including the PHP8 migration part.

JourFixe, ILIAS [jourfixe], 24 JAN 2022 : We prefer to abandon the use of the current Captcha library completely, incl. registration, because this Captcha does no longer prevent bots to register in ILIAS. In case, a better Captcha library or a more effective method to avoid bot registration is available, the self registration can integrate such a library instead. The PM will contact the responsible maintainer for authentication, Per Pascal Seeland.

6 Implementation

Settings/Implementation has been abandoned completely.

Removed Testcases

The following testcases have been removed from Testrail or modified because the feature is no longer part of the ILIAS core.

• C2156: Captcha bei Login

Approval

Approved at {date} by {user}.