Announcement

Collapse
No announcement yet.

Has anyone disabled CAPTCHA since 3.7?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Originally posted by Dean C View Post
    You have to think outside the box. Ask users to spell words backwards, or without vowels.

    I think there must be a better system / other possibilities than this, don't think that I would ever ask new members to spell words backwards.
    I even dont like recaptcha system (and would never use it if...yes, if...) because even for me its not that easy to find out what letters are on pictures, very complicated system, and always click on refresh to get a new pic with hopefully more visible letters its really annoying cause I do not have much time to type and type and type so I leave it... and I'm sure some...or maybe many new members feel the same.
    Last edited by boogie box high; Tue 20th May '08, 1:05am.

    Comment


    • #32
      Originally posted by Dean C View Post
      You have to think outside the box. Ask users to spell words backwards, or without vowels. That throws a nice spanner in the works. When you think of all the easy but different things you can do to the English language you actually have quite a lot of possibilities. And regarding your bruteforcing suggestion, one would assume that vBulletin blocks IPs from people making a ridiculous amount of requests to the registration form. I certainly do that in my applications
      I think you'd be surprised how many people would screw up spelling a word backwards, let alone without vowels... this already falls under the "too complex" as far as I'm concerned. The majority of users who fail the first check won't attempt it again but rather go elsewhere.

      As for vB blocking brute-forcing IPs, I don't think it does. I've never heard of it doing any such thing, at least.
      Former endorsement revoked. You know the saying - one rotten apple spoils the whole barrel...

      Comment


      • #33
        How is "Enter the word reebtoor in the box below" too complicated?
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API - Full / Mobile
        Vote for your favorite feature requests and the bugs you want to see fixed.

        Comment


        • #34
          You could also do things like:

          Enter the middle word: Cow, Horse, Elephant?
          What is the last word: House, Boat, Automobile?
          What is the fourth letter in Elephant?
          Using the last three letters in the word Elephant, what kind of insect do you get?
          How many letters does the word racecar have?
          How many sides do triangles have?
          What color is the sky?
          Roses are red, violets are?
          What number comes after 10?
          What color is the grass?
          The second month of the year is?
          There are how many days in a week?

          Individual sites could have specific questions to their content as well.
          Translations provided by Google.

          Wayne Luke
          The Rabid Badger - a vBulletin Cloud demonstration site.
          vBulletin 5 API - Full / Mobile
          Vote for your favorite feature requests and the bugs you want to see fixed.

          Comment


          • #35
            I was thinking about doing something along the lines of this:

            Enter the word in this sentence that is red. Do not use capitalization or punctuation.

            Comment


            • #36
              I'm using question/answer for two weeks now, no SPAM and even with reCAPTCHA I get some SPAM.

              So far, so good. And it's easier for the users, too.

              Comment


              • #37
                Originally posted by Wayne Luke View Post
                How is "Enter the word reebtoor in the box below" too complicated?
                It isn't, but "enter/type * word <X>" isn't really hard for a bot programmer to do either, is it?

                Originally posted by Wayne Luke View Post
                You could also do things like:

                Enter the middle word: Cow, Horse, Elephant?
                What is the last word: House, Boat, Automobile?
                What is the fourth letter in Elephant?
                Using the last three letters in the word Elephant, what kind of insect do you get?
                How many letters does the word racecar have?
                How many sides do triangles have?
                What color is the sky?
                Roses are red, violets are?
                What number comes after 10?
                What color is the grass?
                The second month of the year is?
                There are how many days in a week?
                These are all dead easy for any spambot programmer to crack too. I was talking about Q&A that wouldn't be crackable by a bot with very limited intelligence, but all of the above easily is. I've seen spammers crack infinitely more complex systems than the above over the years.

                Individual sites could have specific questions to their content as well.
                That would assume that everyone visiting a site is familiar with the content, which isn't always the case.
                Former endorsement revoked. You know the saying - one rotten apple spoils the whole barrel...

                Comment


                • #38
                  If you want to completely eliminate bots, then you'll pretty much have to remove your site from the Internet at this point. All Captcha does is slow them down or force them to use human intervention for registering.

                  However when you take all the tools provided by the vBulletin system - Human Verification, Email Validation, Moderation and Spam Filtering - then you can create something that is easier to maintain. It probably won't stop 100% but 98% is good and easy to maintain. Though if you moderate the first 5 posts of every new user, you can appear to be 100% spam free. At least in the public's eyes. With inline moderation, this isn't a burden anymore. Just look at your forum's thread list and either approve or delete the moderated threads and posts.
                  Translations provided by Google.

                  Wayne Luke
                  The Rabid Badger - a vBulletin Cloud demonstration site.
                  vBulletin 5 API - Full / Mobile
                  Vote for your favorite feature requests and the bugs you want to see fixed.

                  Comment


                  • #39
                    I've had a long post typed up, but then pressed another button and lost it as the quick reply here gets cleared and locked on returning to the previous page. Eh...

                    Anyway, the most important bit of the post was, where exactly do you turn inline moderation on and is there an actual setting for "approve first 5 posts and then don't require approval any more"? That actually sounds useful, but searching the vB manual I couldn't find answers to either of those questions.

                    The vB admin panel is so bloody big by now that it seriously needs an internal search engine where I could just type "inline" and it'd return a list of all ACP matches. I hope to see this in 4.0.
                    Former endorsement revoked. You know the saying - one rotten apple spoils the whole barrel...

                    Comment


                    • #40
                      Instructions on how to setup moderating of the first XX posts is available here:
                      http://www.vbulletin.com/forum/showthread.php?t=248832

                      It isn't a switch that can just be turned on. Inline Moderation should be on by default when using a default style. It has been a feature since 3.6.0. All moderators, super moderators and administrators should have access to it. You can also see moderation queues from within your Admin CP.
                      Translations provided by Google.

                      Wayne Luke
                      The Rabid Badger - a vBulletin Cloud demonstration site.
                      vBulletin 5 API - Full / Mobile
                      Vote for your favorite feature requests and the bugs you want to see fixed.

                      Comment


                      • #41
                        Thanks, I might use that.
                        Former endorsement revoked. You know the saying - one rotten apple spoils the whole barrel...

                        Comment


                        • #42
                          Originally posted by boogie box high View Post
                          >10x manual signups with different ip's at one forum in a day...? hmmm, yes...could be...
                          (I'm talking about Q&A, let's see with recaptcha).
                          The same is with recaptcha now! Still have spam signups with enabled recaptcha!

                          After registrations they try to edit (and post a link to a Chinese spam website in) their signature and afterwards they try to start a new thread.

                          Comment


                          • #43
                            reCAPTCHA's been broken, there's a long thread about it in the other support forum here. Over the last couple of weeks thousands of forums with reCAPTCHA started seeing spam from the same Chinese spammers. We got it on our forums too, just as described in that thread. So much for reCAPTCHA... If vB at least enabled you to use multiple protection at once (Q&A and reCAPTCHA) it might slow them down a bit, but right now the only chance is a single option, each of which has already been cracked by spammers. It's a bloody nightmare...
                            Former endorsement revoked. You know the saying - one rotten apple spoils the whole barrel...

                            Comment


                            • #44
                              I've been able to prevent a lot of would be spammers by simply preventing countries that have no business viewing my site (ie, China) from registering.

                              But I also use Recaptcha on top of that.
                              http://www.voogru.com
                              http://forums.voogru.com

                              Comment


                              • #45
                                Originally posted by Wayne Luke View Post
                                You could also do things like:

                                Enter the middle word: Cow, Horse, Elephant?
                                What is the last word: House, Boat, Automobile?
                                What is the fourth letter in Elephant?
                                Using the last three letters in the word Elephant, what kind of insect do you get?
                                How many letters does the word racecar have?
                                How many sides do triangles have?
                                What color is the sky?
                                Roses are red, violets are?
                                What number comes after 10?
                                What color is the grass?
                                The second month of the year is?
                                There are how many days in a week?

                                Individual sites could have specific questions to their content as well.
                                Today I started to use almost 10 questions from your list in my registration form and first spam user is here.

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X