Security

This module changes your image gallery administration page to allow you to set image galleries private. You can control what user roles can view, edit, delete and post to each gallery. You can also give each gallery a list of users who have administrative access on that gallery (AKA moderators).

Image galleries are provided by the Image Gallery module inside the Image module. Image Gallery Access also requires the ACL module in order to function.

OG User Roles allows group administrators of organic groups to grant additional user roles to individual members of a certain group.

Any additional permissions only apply within the context of this group and not globally. This means that the additional user roles to grant are determined and assigned by the requested page; e.g. node/123 belongs to group XYZ for which the user was granted additional roles. If the user goes to another page that does not belong to the same group, the additional user roles are no longer assigned.

Additional user roles can only be granted, not revoked.

Site administrators may also configure a default user role for new group members or a default user role for new group admins.

The GlobalTEK GTSpam module obfuscates email addresses to help prevent spambots from collecting them, without loosing the mailto URL scheme default semantics and operations (see RFC 2368).

In Dan Thies' great post about the method "Google Proxy Hacking" at

http://www.seofaststart.com/blog/google-proxy-hacking

he illustrates how an (evil) third party can remove your site from the Google
search results.

One actual example of the application of this black hat SEO tactic
for Google bowling my own company site out the results is illustrated here

Most spam messages contain links and most spambots don't register on the sites they want to spam. BlockAnonymousLinks blocks comments from anonymous users that contain links.

Private Number defines a CCK field type for numbers which should be kept private, such as government-issued identification or account numbers. The module enables two of the industry standard best practices for handling confidential data: masking the number when viewed by users without view private number access permission and encrypting the number with a md5 block cipher in 128 bit CFB mode when stored.

Gotcha is sort of a take off on "captcha." The idea was first mentioned on http://drupal.org/node/166921 as a possible way to trick spam bots who try to use the Drupal contact form. I don't particulary like the extra step humans are required to perform in these "verification" methods, and some just don't work.

The idea is simple: Basically you place a bogus input field on a contact form, and use CSS to not display it. On submission you check for a value. If there is a value entered, then that means a non-human has been blanketing form fields, and the form post can be ignored as spam. The spam bot will probably never know.

Gotcha adds a field labeled "Subject" at the top of the contact form. It uses a "div" tag to render the field as "display: none" so human users shouldn't see it, and won't enter any data there. Hopefully, the suspected spam bot will see "Subject" and be enticed to enter something there. There is descriptive text to encourage a human (whose browser might be set to display it anyway) to ignore this field.

Gotcha intercepts the contact form submission and checks the hidden field. If something is there, Gotcha simply returns to the front page and ignores the message. The attempt is logged, along with the submitter's IP address, and the suspect message is saved in the database. If the field is empty, then the message is passed on through to the contact module for normal processing.

Unfortunately, most of the spam was still getting through. And most of that was a bunch of links to drugs or porn. From exerience, I knew that the Spam module was already good at dealing with this in comments. After browsing that module, I found that I could "hook" into its filters and use them to identify spam.

All of my spam emails stopped immediately!

Note: As of 2010/06/24, this module appears to no longer be supported. If you are interested in taking this module over, or you as the module maintainer feel this message has been posted in error, please reply to #820552: Is Local Email still being maintained?.

Windows live ID is a service provided by microsoft that allows you to login to non microsoft websites using your Windows live userid and password (e.g. hotmail or msn user id and password). This is MSFTs answer to OpenID for those who are familiar with OpenID.

This module when installed and enabled on a Drupal 5.x or 6.x website will add a URL link to the login block or login page.

While this module works well on small sites, it is not as robust as Search Restrict. There won't be a Drupal 6 (or 7) release for this module, so please use Search Restrict instead.

There is also the Search configuration module that for Drupal 7 now incorporates this functionality.