Rightho ... version 2 is out now - get it here - https://vborg.vbsupport.ru/showthread.php?t=181818

Updated with AdminCP options and new images, should work better, but at beta status as there are a few changes which need fully checking.

Jason

P.P.S. Sorry STEADICAMOP I did not notice your above message: this is an obsolete thread! New version:
Enhanced Image Captcha 2.2b

I came here following a reference by Indie2Industry in the Vbulletin.com thread: Spam bots defeat Recaptcha.

I like this hack!

• So simple, no messing with IP databases, etc.
• I believe much new spam is from 'spamborgs' not bots: humans who do not speak English, acting like trained monkeys. People who speak English generally command a higher salary and their time is too costly for this petty spam. That is why I believe this program will be effective.
• Allows each forum to use different images, thus more difficult to program a robot or train a human to answer correctly at numerous forums.
• Much better for the legitimate visitor than ramping up the obscurity of character recognition.

I am not ready to use this hack yet (my forum just started) but voted anyway as MOTM. I am posting this reply to add a few tips and suggestions, based on my testing today at Steadiforum.com (3.6.2) and TheBlueRoomForum.org (3.7.1).

• Test the 'back' button after clicking the wrong image with Firefox (20% traffic) as well as Explorer (about 80%). Test both the back button on the browser and clicking the word 'back' on the error page. (Some bugs here. Maybe the hack needs automatically to 'refresh'.)
• With Explorer 7 and high speed cable, some of the images at Steadiforum.com did not readily download to my browser. I suggest that all the images files be kept strictly below 4k.
• There are some people from every country who speak English well enough to be good forum members. But may not know Homer Simpson. I suggest keeping the labels generic such as "bald man".
• I don't know if blind people using 'aural readers' can navitate Vbulletin. But if so, they should be directed to a contact form for sign-up.
• I suggest that maybe the directional words such as 'bald man' also be converted to an image? That way, illiterates can not compensate by using translation software. Also 3 directional variations for each image. Example: bald man, hairless person, cartoon man.

P.S. I think this program works well partly because it is not commonly used. This program seems to be especially effective against the current wave of semi-human robots who have trouble reading English.

However, if more widely used, then perhaps added complications may be needed. The choices are limited to about 15, and we must allow 3 tries to be human-friendly. Thus, robots can get through 1/5 the time by guessing. When guessing wrong, they cycle through all other forums, returning the next day until they finally will get through. Maybe this could be overcome by shutting down any IP which sends a guesser three times in three days.

Another option would be to create 2-3 multiple-choice options instead of just one. I.e., the verification page might consist of 2 or 3 challenges to choose the correct image from a row of 7-10 images. The visitor could be asked to check a box beside the correct image, 2-3 times. Still simple for humans, and only requiring a download of 14-21 images, but offering 49-343 possible answers.

P.P.S. Sorry STEADICAMOP I did not notice your above message: this is an obsolete thread! New version:
Enhanced Image Captcha 2.2b

How do i translate this in French ?
I was looking for a language file.
But there is nothing.
Do i need to go to the Admin CP to translate it ?
If yes, how and what variables to translate ?

Thanks in advance.

Moved to 3.8 section.

installed, nice

I thought the one in the post above was a never version? Maybe that is the one that needs to be moved? I have installed the one in the link on 3.8 and its working great!

3.8.0 final and works just perfect.

Thanks

Installed

can this support different languages?

i want use this hack but with diffrent language
when i change name of picture to another language then hack wont work and wont show correct name

thanks works perfect!
installed

Are you suggesting that we use just this mod to deter bots signing up?

Or is it to be used in conjunction with Captcha?

I ask because I enabled this mod and disabled Captcha. I got a load of dubious usernames signing up :confused:

Thanks

VJ

I really hope this will help reduce the amount of useless sign ups. Thanks!

It isn't being useful to the work

Coincidence?

Installed and working well, Thanks

VERY VERY NICE! Thank You!

Used in conjunction with reCAPTCHA, this has made a huge difference to duff sign ups.
Many thanks :)

Many of the registration comes from email = blogxxpagesxxonline (remove xx) so I can't tell if it's actually preventing them from signing up. I know the plugin is installed correctly as I tried to register and guess incorrect and correct image.

i'ma going to give this a try, my forums keep getting spammed by waold or warcraft advertising bots for WOW gold, yet my site is about Flyff oddly enough...so this will be a life saver if it works.

thank you very much for sharing.

Very nice add on thank you

I've tested this for several months, didn't help one bit in preventing spammers from signing up on the forum. Might as well not have any spam verification

yep the yare getting by this with ease now

I use this in conjunction with CAPTCHA. I get maybe one or two registrations per week now. Obviously, they're having to manually sign up.

Just a question - what happens if the spammers use CURL or file_get_contents on every single image in order to get through to the registration form?

How can you stop someone using some of the proxy website to by pass the image verification?
Example:
proxify.com
hidemyass.com

is this mod no longer supported?

You can prevent known proxies from signing up by listing them in the banned list in vBulletin or by listing them in .htaccess (my preferred method). This will pretty much stop the majority of proxy signups, but not all.

where can I find a list of known proxies?

Google is your friend... Use the search term "list of known proxies". ;)

Sooo.. How do I add my own images and questions? I don't see any options for it.

Mod of the Month!! :D

Installed hack... Thx

Just add you own images, as far as I can remember, the stock ones are avatars, mainly as they're all the same size. You will need to make sure the file name reflects what the image actually shows (ie A Tree.jpg - this will result in the image being called A Tree). The script dynamically picks up any images in the directory and doesn't require any options to be enabled.

Thanks,

Jason

Thanks for bringing this to my attention, I will see if I can create an extra option to prevent proxies reading the images

Actually, the way they're getting through is by specifying the POST variables for the user agreement, and the registration form pops-up, bypassing the CAPTCHA completely. As the bots access that page, this is absolutely useless unless you check for the session variables once they've clicked the register button.

Is there any way for me to do this? They get passed this and one I have installed that asks a question.

Everything that you toss up in front of the registration process won't prevent a human spammer from registering.

This is in the 3.8 forum so can I assume it works with 3.8 eventhough is says 3.6 in the intro?

Using it on 3.8.2. :)