Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Enhanced Captcha Image Verification - stop bots from signing up!! Details »»
Enhanced Captcha Image Verification - stop bots from signing up!!
Version: 1.11, by steadicamop steadicamop is offline
Developer Last Online: Dec 2014 Show Printable Version Email this Page

Category: Miscellaneous Hacks - Version: 3.6.8 Rating:
Released: 11-25-2006 Last Update: 11-26-2006 Installs: 874
Uses Plugins Template Edits
Additional Files  
No support by the author.

Title : Enhanced Captcha Image Verification

Version : 1.1

Coder : Andy Calderbank & Jason Williams

Purpose
: Add extra Image Verification to the registration process, using an alternative system to the Captcha system.

Why : It would appear that spammers can now "read" the Captcha codes and overcome the verification process.

How : This extra feature uses images which are harder for a spam program/bot to interpret than text characters. The user has a choice of 4 randomly displayed images, and the answer is given below. The user must click on that image to proceed, if the incorrect image is selected an error message is shown. The images are randomly shown (from however many are in the directory - you can have as many as you want, just has to be more that 4!) and are automatically created from the images/verification/ directory - all on the fly. Sample images are included with this release, but you can use your own - I recommend using 100 x 100 pixels, in .jpg format and naming the image with a meaningful title (ie A House.jpg) - the extension is stripped so only the filename itself is shown.

To further enhance security, the images are passed through a script which means that none of the images on the screen have file names - and cannot be associated to the question by title alone.

I have been testing this on my forum and have found it to be effective - I cannot guarantee that this will stop all spamming, but this relies more on human input than a computer "reading" the image.

Important : This has been tested on 3.6.2 - I cannot guarantee it will work on anything above, please test with caution - and as always BACKUP FIRST! This will not work on anything below 3.6.0.

Demo : http://www.steadiforum.com/register.php

I hope this is help to the VBulletin community as I know this is a growing problem. I don't fancy the thought of trawling through hundreds of new members deleting stupid usernames and spam posts.

Installation :
  1. Upload the verification/ directory to your images/ folder - make sure .htaccess and show.php are present - otherwise it won't work.
  2. Import Product - product-image_verification.xml

Upgrading :
  1. Upload show.php to the images/verification/ directory.
  2. Import Product - product-image_verification.xml - select Allow Overwrite to enable upgrade.

Requirements : GD Libraries installed

File uploads : 39 (including images)
Files to Import : 1
New Templates : 1
New Phrases : 5
Uses Hooks : 1
New Queries : 0

History :
v1.0 - Original release
v1.01 - Slight code change for forums in sub-directories (thanks go to Barakat for solving this one)
v1.1 - Issue resolved with Windows servers also template clean up for xhtml compliance
v1.11 - Added version check function, minor upgrade.

Done - if you like please click install! (and I won't ask for any donations as long as you click Nominate for MOTM!)

Don't forget you don't have to use the provided images - you can customise these to any you wish - I've used ones that are hopefully universal and everyone will recognise.

Download Now

File Type: zip Enhanced Captcha Image Verification.zip (116.4 KB, 5787 views)

Screenshots

File Type: jpg imageverification1.jpg (36.6 KB, 0 views)
File Type: jpg imageverification2.jpg (24.5 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #122  
Old 02-03-2007, 07:23 PM
Antivirus's Avatar
Antivirus Antivirus is offline
 
Join Date: Sep 2004
Location: Black Lagoon
Posts: 1,090
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

very nifty idea, great way around the bot problems. If we start haivng an issue with this, will def install.
Reply With Quote
  #123  
Old 02-07-2007, 11:01 AM
steadicamop's Avatar
steadicamop steadicamop is offline
 
Join Date: Jul 2004
Location: Lancashire, UK
Posts: 379
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I had one determined Spam Bot make it through today - it has taken them a long time, so to increase security slightly, I've increased the number of images from 4 to 6 - if anyone else wishes to do this, here's how to:

AdminCP -> Plugins & Products -> Plugin Manager -> Extra user verification - click edit then find this code :

Code:
$amount_of_images_to_show = 4;
Change this to the number of images you want (I went for 6, adds just two extra but makes it that little bit harder for Bots):

Code:
$amount_of_images_to_show = 6;
Click Save then go to:

Styles & Templates -> Style Manager -> [Your Style] -> Edit Templates -> image_verification

In that template find:

Code:
      
<a href='register.php?clicked=1'><img src='images/verification/show.php?1' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=2'><img src='images/verification/show.php?2' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=3'><img src='images/verification/show.php?3' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=4'><img src='images/verification/show.php?4' border='0' alt='VB RegSecure' /></a>
All you have to do is add each line for the extra image you use - for six images this is what it looks like.

Code:
<a href='register.php?clicked=1'><img src='images/verification/show.php?1' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=2'><img src='images/verification/show.php?2' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=3'><img src='images/verification/show.php?3' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=4'><img src='images/verification/show.php?4' border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=5'><img src='images/verification/show.php?5 border='0' alt='VB RegSecure' /></a>
<a href='register.php?clicked=6'><img src='images/verification/show.php?6' border='0' alt='VB RegSecure' /></a>
Either use less or more depending on how you prefer it - 6 seems like a decent enough number to make it harder for them to get in.

Hope this helps,

Jason
Reply With Quote
  #124  
Old 02-07-2007, 03:42 PM
ShackMaster ShackMaster is offline
 
Join Date: Apr 2006
Posts: 252
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks, I just changed mine to 6.

Occasionally I get a red X on one or two of the images. Any idea why?

Thanks again!
Reply With Quote
  #125  
Old 02-07-2007, 05:39 PM
steadicamop's Avatar
steadicamop steadicamop is offline
 
Join Date: Jul 2004
Location: Lancashire, UK
Posts: 379
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If your using the images that came with package it may just be a case of it hasn't loaded in time, which I doubt, the only other possibility is that the image isn't there - the script is dynamic and uses all the images.

Another to check for is that Thumbs.db has a capital T - lower case would be parsed into thinking it's an image, if you get chance right click and find out the file name.

Cheers

Jase
Reply With Quote
  #126  
Old 02-07-2007, 07:29 PM
Prince Prince is offline
 
Join Date: Oct 2001
Posts: 333
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

great hack, it is reduced spam on my board to almost zero!

how do you know it was a "bot" and not a real person trying to register and spam?
Reply With Quote
  #127  
Old 02-07-2007, 09:08 PM
ShackMaster ShackMaster is offline
 
Join Date: Apr 2006
Posts: 252
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by steadicamop View Post
If your using the images that came with package it may just be a case of it hasn't loaded in time, which I doubt, the only other possibility is that the image isn't there - the script is dynamic and uses all the images.

Another to check for is that Thumbs.db has a capital T - lower case would be parsed into thinking it's an image, if you get chance right click and find out the file name.
Yes, all images are the ones with the package. All the images are there and I can simply right click the white box/red X and click "Show Picture" and it will show. It's generally the last one or two that don't fully load... show.php?5 and show.php?6.

It does happen frequently... you can look at it and see if it happens with you any:

http://www.hometheatershack.com/forums/register.php

Thanks!
Sonnie
Reply With Quote
  #128  
Old 02-08-2007, 05:07 PM
steadicamop's Avatar
steadicamop steadicamop is offline
 
Join Date: Jul 2004
Location: Lancashire, UK
Posts: 379
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hmmm that is damn strange - when the pages loads I usually get all six, then a refresh usually shows four, another refresh shows just two then a final refresh shows a 403 error! There is something very unusual going on there - I'm asking some people I know to see if we can figure out what it might be, but to me it looks like a server issue - but if I find anything out I will let you know.

I would suggest trying 4 images again and see what happens - if that works then it might be worth sticking with that.

Cheers

Jason
Reply With Quote
  #129  
Old 02-08-2007, 05:17 PM
ShackMaster ShackMaster is offline
 
Join Date: Apr 2006
Posts: 252
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Actually I was getting 1 missing image all along with it set to 4.
Reply With Quote
  #130  
Old 02-08-2007, 05:19 PM
steadicamop's Avatar
steadicamop steadicamop is offline
 
Join Date: Jul 2004
Location: Lancashire, UK
Posts: 379
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Hmmm - very strange, will see what I can find out, it's very unusual.

Do you find any other images don't load on your forum?
Reply With Quote
  #131  
Old 02-08-2007, 09:29 PM
Prince Prince is offline
 
Join Date: Oct 2001
Posts: 333
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I don't see how increasing it to 6 images over 4 would help anything.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:22 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04824 seconds
  • Memory Usage 2,346KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (4)bbcode_code
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (3)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete