For what/what not?
Improve the security of your OXID eShop with the OXID Security Module.
Take advantage of the following features:
Enforcing strong passwords
A password policy enforces the security of passwords.
The system validates your customers’ password entries based on the criteria you configure.
Your customers are shown the requirements when they click in the password input field (Fig.: Requirements for passwords, item 1).
A password strength indicator and a password generator help your customers to fulfill the requirements.
Fig.: Requirements for passwords
If required, configure the minimum length of the password and the standard requirements for the composition of the password that your customers must enter when registering.
For more information, see Setting password policy.
Using CAPTCHA protection against bot attacks
The CAPTCHA mechanism in OXID eShop protects form areas from automated bot attacks.
This feature is available for key forms and includes two different types of CAPTCHA.
Background
Automated requests can lead to spam, security vulnerabilities, or increased server load.
The CAPTCHA mechanisms prevent such automated inputs either through active user interaction or through invisible validation methods (e.g., honeypot).
Available CAPTCHA Types
Image CAPTCHA
Users must correctly enter the text displayed in an image.
To assist users, a Reload button and an audio playback option for accessibility are available (Fig.: Image CAPTCHA with audio playback and reload).
Fig.: Image CAPTCHA with audio playback and reload
Honeypot CAPTCHA
An invisible field identifies automated bots without affecting the user experience (Fig.: Testing the Honeypot CAPTCHA, item 1).
This CAPTCHA is not visible to human users.
Applicable Forms
The CAPTCHA check is integrated into the following forms:
Registration
Login
Newsletter subscription and unsubscription
Contact form
Implementation
Use the settings to define which CAPTCHA types should be active.
For more information, see Configuring CAPTCHA Verification.