|
1296 | 1296 | </span> |
1297 | 1297 | </a> |
1298 | 1298 |
|
| 1299 | + <nav class="md-nav" aria-label="Configuring Actions"> |
| 1300 | + <ul class="md-nav__list"> |
| 1301 | + |
| 1302 | + <li class="md-nav__item"> |
| 1303 | + <a href="#bot-detection" class="md-nav__link"> |
| 1304 | + <span class="md-ellipsis"> |
| 1305 | + Bot Detection |
| 1306 | + </span> |
| 1307 | + </a> |
| 1308 | + |
| 1309 | +</li> |
| 1310 | + |
| 1311 | + </ul> |
| 1312 | + </nav> |
| 1313 | + |
1299 | 1314 | </li> |
1300 | 1315 |
|
1301 | 1316 | <li class="md-nav__item"> |
|
1524 | 1539 | </span> |
1525 | 1540 | </a> |
1526 | 1541 |
|
| 1542 | + <nav class="md-nav" aria-label="Configuring Actions"> |
| 1543 | + <ul class="md-nav__list"> |
| 1544 | + |
| 1545 | + <li class="md-nav__item"> |
| 1546 | + <a href="#bot-detection" class="md-nav__link"> |
| 1547 | + <span class="md-ellipsis"> |
| 1548 | + Bot Detection |
| 1549 | + </span> |
| 1550 | + </a> |
| 1551 | + |
| 1552 | +</li> |
| 1553 | + |
| 1554 | + </ul> |
| 1555 | + </nav> |
| 1556 | + |
1527 | 1557 | </li> |
1528 | 1558 |
|
1529 | 1559 | <li class="md-nav__item"> |
@@ -1596,6 +1626,10 @@ <h2 id="configuring-actions">Configuring Actions</h2> |
1596 | 1626 | 'action_email_activate_show' => '\CodeIgniter\Shield\Views\email_activate_show', |
1597 | 1627 | 'action_email_activate_email' => '\CodeIgniter\Shield\Views\Email\email_activate_email', |
1598 | 1628 | ];</code></pre> |
| 1629 | +<h3 id="bot-detection">Bot Detection</h3> |
| 1630 | +<p>The <code>ActionController::verify()</code> method includes built-in protection against web crawlers and bots. When a bot (such as Googlebot, Bingbot, etc.) attempts to access verification links, the system will return a 404 error instead of processing the request.</p> |
| 1631 | +<p>This security feature prevents bots from accidentally or intentionally consuming verification tokens or codes by following links in emails during their crawling activities.</p> |
| 1632 | +<p>CodeIgniter automatically handles bot detection through its User Agent library. It checks the User-Agent string against the <code>UserAgents::robots</code> config defined in <strong>app/Config/UserAgents.php</strong> to identify known web crawlers.</p> |
1599 | 1633 | <h2 id="defining-new-actions">Defining New Actions</h2> |
1600 | 1634 | <p>While the provided email-based activation and 2FA will work for many sites, others will have different |
1601 | 1635 | needs, like using SMS to verify or something completely different. Custom actions must adhere to the following requirements:</p> |
@@ -1638,7 +1672,7 @@ <h2 id="defining-new-actions">Defining New Actions</h2> |
1638 | 1672 | <span class="md-icon" title="Last update"> |
1639 | 1673 | <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M21 13.1c-.1 0-.3.1-.4.2l-1 1 2.1 2.1 1-1c.2-.2.2-.6 0-.8l-1.3-1.3c-.1-.1-.2-.2-.4-.2m-1.9 1.8-6.1 6V23h2.1l6.1-6.1zM12.5 7v5.2l4 2.4-1 1L11 13V7zM11 21.9c-5.1-.5-9-4.8-9-9.9C2 6.5 6.5 2 12 2c5.3 0 9.6 4.1 10 9.3-.3-.1-.6-.2-1-.2s-.7.1-1 .2C19.6 7.2 16.2 4 12 4c-4.4 0-8 3.6-8 8 0 4.1 3.1 7.5 7.1 7.9l-.1.2z"/></svg> |
1640 | 1674 | </span> |
1641 | | - <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date" title="February 14, 2025 19:18:58 UTC">February 14, 2025</span> |
| 1675 | + <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date" title="November 3, 2025 20:39:05 UTC">November 3, 2025</span> |
1642 | 1676 | </span> |
1643 | 1677 |
|
1644 | 1678 |
|
|
0 commit comments