• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net
managed wordpress hosting

keyCAPTCHA

Sain Cai

Beautiful Daddy
NLC
After getting a bunch of spam lately on my Pats forum, I decided a different type of spam measures is needed.

keyCAPTCHA requires a person to basically to assemble a puzzle, that isn't hard (4 pieces).

Has anyone used this for phpbb3 (or any CMS) and if so how has it worked.
 
I imagine it would work quite well, though I have never used it. No way I know would a bot ever be able to assemble the puzzle.

I just use 2 questions and a simple captcha, with extremely good results. The only "bots" that get by are aided by humans. Those are going to get through whether you use a puzzle, or questions, or differential equations. Well...maybe not so much the last one, since bots can do math. :)

Another wonderful method is to have a link to an external file, with a bunch of words listed, and have the user copy the 6th word, for example. No way is a bot going to figure out to go to the external link, find the 6th word, etc.

As long as whatever you implement requires human intervention, your number of spam registrations are going to decrease drastically.
 
I hope so. I have deleted like 10 users over the last couple days, while the nards are sore and myself hopped on the class A narcs. Had to ban several email addresses as well, and hope this will solve the problem

I know when I was running phpbb2, there was a antibot mod that worked extremely well, basically just a few randomized questions. If that worked wonders, I would think something as "complex" as a puzzle should as well.
 
I have thried that and it didn't work :(

At the moment I have a modification installed (vBulletin) that requires users to take at least 15 seconds on the register.php page.
Only bots can submit their username, email adress 2x, password 2x and their birthday within that 15 seconds.
This is the best modification ever, X-rumer can no longer register.
 
That's a good one too, Sander. Have never seen that before, but I imagine that would work quite well. Wouldn't take much for the bot writers to write built-in delays in the code though. Of course, they would have to figure out what method you are using in the first place, which again, is going to require human intervention.

Sain Cai, not sure where your audience is (I'm guessing mainly the US, since it's a football site), but another thing you can do if you really wanted to is completely ban other countries via .htaccess or your firewall, if you have that access. Not sure it's the most recommended method, but on our forums, we didn't have an audience or legitimate members from China or Egypt. That's where every single bot sign-up was originating. Banned the entire countries. Of course, some bots are using proxies now from other countries to get around that, since many sites have banned Asia and the Middle East in its entirety. But that works too.
 
I have thried that and it didn't work
I am Free-lancer or virtual Assistant winning bids on free-lance sites to help with website deployment, plugin installations.

I do not own licenses (and frequently I am not aware beforehand that I have jobs to deal with nulled installations) so I cannot post in vBilletin.org, vBulletin.com or XenForo.com sites

Recently I had won a bid to install and configure KeyCAPTCHA plugin on a site powered by XenForo.
This KeyCAPTCHA not only failed to protect from spambot registrations but its installation made the already working forum inoperable and
I had to reinstall XenForo!

After my misfortunates I had to make some investigation
I pity I had not done it before!!!

I know when I was running phpbb2, there was a antibot mod that worked extremely well, basically just a few randomized questions. If that worked wonders, I would think something as "complex" as a puzzle should as well.
Jigsaw puzzles had been solved (assembled) programmatically long before invention of CAPTCHA

"If that worked wonders" then spambots had never visited your website

People have been far and few to start with <img src="images/smilies/frown.gif" border="0" alt="" title="Frown" smilieid="80" class="inlineimg">
People are simply repelled by advertising banner-CAPTCHAs

There are reports that KeyCAPTCHA decreases users involvement 20 times
  • Google by string:
    "BTW, just checked another phpBB forum where we introduced keycaptcha a couple of months ago.

    Spam posts=0
    Registrations down by 95% - not one complaint, but I can't deny it's entirely possible (if a tad unlikely) that many genuine members tried and failed to register - no emails"
increasing spam:

  • Google by string:
    "but spam on our forum and increased tenfold since installing KeyCAPTCHA. If anything, it seems less secure than the reCAPTCHA or the Q&A methods"
Note that the owner/webmaster of a "protected" webresource doesn't control or even see what is loaded from KeyCAPTCHA servers
directly to browsers of visitors of "protected" sites while KeyCAPTCHA "nusinessmen" do not even hide that they are professional spammers:
  • Google by string:
    "New Trends in Spamming: Spam Fused into Antispam Protection with Spamming Visitors Instead of Web Sites"
There are even more funny posts....
The KeyCAPTCHA Team's post I enclosed below [1] ells that:
  • KeyCAPTCHA plugin had a bug and KeyCAPTCHA did not protect from spam
    (more than a year)
    • so, it just worked as advertising banner
  • the corrected KeyCAPTCHA plugin is still not published officially
    (on official keycaptcha.com website or on official xenforo.com website with this plugin)
while there were hundreds of posts claiming that KeyCAPTCHA is 100% unbreakable by spam bots

[1]
Again, I cannot insert link, google by this text that I copy-paste here:
  • "Good (partof the) day,
    herewith we enclose the attachment with corrected version of the KeyCAPTCHA plugin for XenForo, which is not published on our official (keycaptcha.com) web site, but it is fully debugged and working.

    JS code of KeyCAPTCHA can be taken from the instructions for vBulletin, no need to change anything.

    PS:
    the version that was published by the topic-starter(TS) was not working and did not protect against spam, Even if the captcha showed up, the validation of visitor's CAPTCHA solving did not ever occur due to errors in the code of the plugin.

    Sincerely,
    KeyCAPTCHA Team"
 
Just checked the website

I just checked the website and it looks promising to me. You should try it out.
 
Back
Top