|
very nifty idea, great way around the bot problems. If we start haivng an issue with this, will def install.
|
I had one determined Spam Bot make it through today - it has taken them a long time, so to increase security slightly, I've increased the number of images from 4 to 6 - if anyone else wishes to do this, here's how to:
AdminCP -> Plugins & Products -> Plugin Manager -> Extra user verification - click edit then find this code : Code:
$amount_of_images_to_show = 4;Code:
$amount_of_images_to_show = 6;Styles & Templates -> Style Manager -> [Your Style] -> Edit Templates -> image_verification In that template find: Code:
Code:
<a href='register.php?clicked=1'><img src='images/verification/show.php?1' border='0' alt='VB RegSecure' /></a>Hope this helps, Jason |
Thanks, I just changed mine to 6.
Occasionally I get a red X on one or two of the images. Any idea why? Thanks again! |
If your using the images that came with package it may just be a case of it hasn't loaded in time, which I doubt, the only other possibility is that the image isn't there - the script is dynamic and uses all the images.
Another to check for is that Thumbs.db has a capital T - lower case would be parsed into thinking it's an image, if you get chance right click and find out the file name. Cheers Jase |
great hack, it is reduced spam on my board to almost zero!
how do you know it was a "bot" and not a real person trying to register and spam? |
Quote:
It does happen frequently... you can look at it and see if it happens with you any: http://www.hometheatershack.com/forums/register.php Thanks! Sonnie |
Hmmm that is damn strange - when the pages loads I usually get all six, then a refresh usually shows four, another refresh shows just two then a final refresh shows a 403 error! There is something very unusual going on there - I'm asking some people I know to see if we can figure out what it might be, but to me it looks like a server issue - but if I find anything out I will let you know.
I would suggest trying 4 images again and see what happens - if that works then it might be worth sticking with that. Cheers Jason |
Actually I was getting 1 missing image all along with it set to 4.
|
Hmmm - very strange, will see what I can find out, it's very unusual.
Do you find any other images don't load on your forum? |
I don't see how increasing it to 6 images over 4 would help anything.
|
If they reprogram a bot to randomly hit each one, they have a 1 in 4 chance of getting it correct - bearing in mind that each time the actually answer changes position, the odds go up - with 6 images, the odds go up again - I understand it's a system that can be breached with retries, but increasing the number of images does make it slightly harder. I'm working on making this from Flash format, which I hope bots just can't interpret in any way, shape or form.
|
I'm tired of removing postings from Russian bots trying to sell everything from porn to cheap mortgages. (Who in their right mind would try to obtain a mortgage via a Russian spammer?)
This idea looks great. I just tried to register on this forum and kept getting the CAPTCHA verification wrong. It's amazing that a human can't figure out the letters and numbers, but the Russian bots seem to have no problem with them. Fingers crossed that this works! |
yay it workz on vB 3.6.5 :D
|
Installed with 6 image verification. Looks great! Thanks, Jason. ;)
I am hopeful this will stop those pesky little Japanese bots from comin' 'round here no more!!! :p (The image that is a 'football' is actually a 'soccer' ball here in the States, but effective, nonetheless. ) |
1 Attachment(s)
Quote:
|
Quote:
|
It has been so refreshing to not have to eliminate these bot signups from Japan every day. What a godsend this hack is for admins all over. Great job, Jason! Thanks again. Not one has registered once since I installed with the 6-image verification. Simply awesome! :D
|
I am running 3.6.5 and tried to install hack and I get this error when I click register.
Can you help? Warning: dir(images/verification/) [function.dir]: failed to open dir: No such file or directory in /register.php(202) : eval()'d code on line 6 Fatal error: Call to a member function on a non-object in /home/xxxxx/public_html/forums/register.php(202) : eval()'d code on line 7 |
The problems lies with the fact your forum directory is in a subforum from the root - check this post
to see how to change it. Let me know if this works. Jase |
Quote:
Regards |
PM me your forum details and I will take a look.
Jason |
are there any plans to make this compatible with imageMagic?
thanks |
It's something I will need to look into as GD is the most common so that was catered for - but I will find out what is involved in ImageMagik creation - it is quite surprising that GD isn't available to some people.
|
a very nice piece of hack..
installed.. but 1 thing... sometimes it does not display the right image for the question asked...refreshing the page once (or twice) does the trick.. but will new members do this? |
Installed and so far, it works. THANKS!
|
I am getting the same Red X issue as alot of people and tried to figure out my problem. All the pathways were right, the shop.php was fine, GD is installed and working, and then i noticed it. JPEG support in GD.
Is there anyway to use PNG or GIF support for this instead of jpeg, it would seem that im an idiot and didnt compile jpeg support into GD. I will eventually recompile, but i would like to use this in the mean time. |
Installed on one forum with no problems. Installed a friends forums and when clicks registerd all I get is a white page...
|
Any chance on getting this working with 3.6.6?
|
Quote:
|
Quote:
|
Quote:
|
Unfortunately, if this hack comes into common use then spambots will just defeat it by repeatedly trying to register and picking random images. Use 8 images and on average they'll succeed in about 4 tries. Captcha is immune to a simple "brute force" attack because there are too many combinations of words and letters that it can generate.
Right now this hack works because of security through obscurity - no spambots have been coded to deal with it. |
i dont get any images showing just the words vbsecurereg or somethig any idea?
|
Reloaded everything and it is working now.
One problem I have is that the Name of the image it is asking for is not one of the 4 images. I expanded it to 6 images and still no go. I expanded it to 12 and most of the time the image is there. But not all the time. Anyone ever see that before? Also the Red X images are there. I think it is any non-image file in that directory which is causing this. one time I was asked for the picture of index. Which since I have index.html instead of .htaccess that makes sense. |
My forum is based on Hebrew and not on English. I've seen in your code that the $question variable, is the one that stores the image to click and he gets its value by substr - by the image name. My question is, if i translate all the names of the images to hebrew, will it work?
EDIT: I installed your hack, and it didn't work when i translated the titles of the pictures. The result is that it displayed the 4 pictures, however it didn't say which picture to click as if the $question variable is empty. |
you think i can fix it with two arrays: one in Engish and one in Hebrew, and work with preg_replace($english_array,$hebrew_array,$questio n); ?
|
Quote:
If you have any other files than .htaccess, thumbs.db/Thumbs.db then they will show up, as those files are excluded - it is possible to exclude index.html by adding this in the show.php file: PHP Code:
PHP Code:
PHP Code:
HTH Jason |
Quote:
Cheers Jason |
is there a way to add this to sendmessage.php?
|
I'm on VB 3.6.7
I have installed this hack, but i want to register, i have this message : PHP Code:
Any body can help me ? |
| All times are GMT. The time now is 12:47 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|