Monday, May 02, 2011

Disabling Account Creation In BugZilla

I don't know about anyone else, but I am one of those guys who likes to implement what security I can on the server(s) that I have. Recently I have been doing setup on a new machine and have setup BugZilla as my issue tracking software.

I know that plenty of people have plenty of suggestions as far as the different software's that are available for different tasks. I have gotten some earfuls from some of them asking "why the heck would you choose that?". Please know ahead of time that the software I am using, I have chosen because:

#1: It meets my needs
#2: I have either used it or played with it before and am comfortable with it.

I have nothing against other software's, I just have the stuff I like and I use it.

Ok, that said, I have installed Bugzilla on my new server and have it setup with an account for myself. Upon getting it to that point, I quickly decided that I did not want anyone just creating an account, so I looked into how to disable account creation by anyone and here is how to do it.

1. Log in as an Administrator
2. Go to: Administration->Parameters->User Authentication
3. Scan down to the bottom of the screen till you find 'createemailregexp'.
4. Clear out the value in the box
5. Client "Save Changes"

AFter that, log out and ensure that the button says "Login" in stead of "Create Account" and your all set. After that, in order to create an account, you will need to log in as the administrator.


Karthi K said...

Hi Jeff,

Your blog really helped me disable new account creation. Also i would like to disable administration link for non admin users. With our current settings non admin users able to edit other users settings. We really don't want this. Can you please suggest , how to disable it ?
Thanks in advance.
Karthi K

Numberwhun said...

Hi Karthi!

I am very happy to hear that this has helped at least one person. :)

As for your dilemma, I believe that this link may help you with the access issue. Let me know if it works for you.

Let me know if that helped. There are a bunch of configuration options on there, so be sure and read them carefully.

The section on that page that you are probably wanting to look at is "Restrict editing by all non-sysop users". That seems to have the options for limiting what users can do when not a sysop.



Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.