LearnDash Integrity is the best way to protect the integrity of your courses with functionality such as hotlink protection, preventing concurrent logins, and preventing copied content; although there’s no foolproof way to stop that from happening but Integrity certainly helps to keep the pirates at bay.
Top that off with our reCAPTCHA integration for our native login and registration forms for LearnDash.
There will be a few options that we will discuss below.
You need to have LearnDash installed & activated before you can activate the “Integrity” plugin.
Table of Contents
Option 1: Add-ons Menu (requires an active LearnDash license)
- In your WordPress admin area, navigate to LEARNDASH LMS > ADD-ONS
- Scroll down to the Integrity add-on
- Click Install Now
- Click the Activate Plugin button
Option 2: Manual Upload
- Download the plugin file (must be logged in to download)
- In WordPress, navigate to PLUGINS > ADD NEW
- Click Upload Plugin
- Browse for the
.zipfile you downloaded in Step 1
- Click Install Now
- Click Activate Plugin
How It Works
The LearnDash Integrity plugin allows you to secure and protect the integrity of your LMS site. It’s simple to use has a lot of available features.
To access the Integrity plugin settings head on to LEARNDASH LMS > SETTINGS and click on the Integrity tab.
This option protects videos and images hosted on this site from hotlinking. Hotlinking is known as the act of stealing someone’s bandwidth or server resources by linking directly to their website’s assets, such as images or videos.
Prevent Concurrent Login
Concurrent login is when one user with a single username and password logs-in at the same time from different locations or devices. This option prevents that from happening. Whenever someone else logs in under the same username/email while you are still logged in, they will get an error prompt indicating that the account has exceeded the maximum concurrent login number. This prevents one user from sharing their logins with the intent of having others complete all their courses.
You can also choose to have certain user roles excluded from this feature. Upon enabling this feature, you’ll see an option to exclude one or more user roles from the lockout
You can also configure this on a per user basis where only that specific user will be able to log into multiple sessions. To enable this for a user, visit their user profile in the WP admin, scroll down to the Bypass Concurrent Login Lockout section, check the checkbox and then save the user profile.
Prevent Content Copy
This option disables the “Copy” and “Paste” functions on the website, in addition to the entire right-click functionality. Although this is not a foolproof method to prevent this, this may discourage users to copy and paste content and courses from your website.
reCAPTCHA is the easiest and most famous method of protecting your site from spam, fraud, and abuse, both from bots and users with malicious intent.
There should only be 1 version of reCAPTCHA enabled at a time for this setting to work properly.
When this option is enabled, you are presented with two options: reCAPTCHA v3 (invisible) or reCAPTCHA v2 (checkbox).
Since reCAPTCHA is from Google, you need to register your site and acquire the site keys from them in order enable this setting. You are required to:
- Have a Google Account to associate with your site keys
- Register your website on the Google reCAPTCHA page
The site and secret keys are provided by Google after filling out the registration form above.
reCaptcha v3 (Invisible)
reCAPTCHA v3 is is the latest invisible security captcha introduced by Google. It adds protection to your website without forcing the user to go through a series of puzzles or checkboxes to verify if they are human.
reCAPTCHA v3 uses what is called a confidence score threshold based on the user’s mouse movement, previous activity, network status, location, among other things to verify how likely they are to be human or a bot. The higher the score threshold the more confidence is required for them to pass the captcha.
Based on the score, you can take variable action in the context of your site.
reCaptcha v2 (Checkbox)
reCAPTCHA v2 is also implemented by Google to provide widgets, either by checkboxes, puzzles, or other forms of verification, to avoid spam and automated bots from accessing the site.
On the Google registration form, you have the option to choose on what type of reCAPTCHA v2 you are going to be using:
You can choose which forms on your website the reCAPTCHA will be displayed by selecting it on these options. You can opt to have it on the Login form only, the Registration form only, or on both.