Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons

Reply
 
Thread Tools
Enhanced Captcha Image Verification - stop bots from signing up!! Details »»
Enhanced Captcha Image Verification - stop bots from signing up!!
Version: 1.11, by steadicamop steadicamop is offline
Developer Last Online: Dec 2014 Show Printable Version Email this Page

Category: Miscellaneous Hacks - Version: 3.6.8 Rating:
Released: 11-25-2006 Last Update: 11-26-2006 Installs: 874
Uses Plugins Template Edits
Additional Files  
No support by the author.

Title : Enhanced Captcha Image Verification

Version : 1.1

Coder : Andy Calderbank & Jason Williams

Purpose
: Add extra Image Verification to the registration process, using an alternative system to the Captcha system.

Why : It would appear that spammers can now "read" the Captcha codes and overcome the verification process.

How : This extra feature uses images which are harder for a spam program/bot to interpret than text characters. The user has a choice of 4 randomly displayed images, and the answer is given below. The user must click on that image to proceed, if the incorrect image is selected an error message is shown. The images are randomly shown (from however many are in the directory - you can have as many as you want, just has to be more that 4!) and are automatically created from the images/verification/ directory - all on the fly. Sample images are included with this release, but you can use your own - I recommend using 100 x 100 pixels, in .jpg format and naming the image with a meaningful title (ie A House.jpg) - the extension is stripped so only the filename itself is shown.

To further enhance security, the images are passed through a script which means that none of the images on the screen have file names - and cannot be associated to the question by title alone.

I have been testing this on my forum and have found it to be effective - I cannot guarantee that this will stop all spamming, but this relies more on human input than a computer "reading" the image.

Important : This has been tested on 3.6.2 - I cannot guarantee it will work on anything above, please test with caution - and as always BACKUP FIRST! This will not work on anything below 3.6.0.

Demo : http://www.steadiforum.com/register.php

I hope this is help to the VBulletin community as I know this is a growing problem. I don't fancy the thought of trawling through hundreds of new members deleting stupid usernames and spam posts.

Installation :
  1. Upload the verification/ directory to your images/ folder - make sure .htaccess and show.php are present - otherwise it won't work.
  2. Import Product - product-image_verification.xml

Upgrading :
  1. Upload show.php to the images/verification/ directory.
  2. Import Product - product-image_verification.xml - select Allow Overwrite to enable upgrade.

Requirements : GD Libraries installed

File uploads : 39 (including images)
Files to Import : 1
New Templates : 1
New Phrases : 5
Uses Hooks : 1
New Queries : 0

History :
v1.0 - Original release
v1.01 - Slight code change for forums in sub-directories (thanks go to Barakat for solving this one)
v1.1 - Issue resolved with Windows servers also template clean up for xhtml compliance
v1.11 - Added version check function, minor upgrade.

Done - if you like please click install! (and I won't ask for any donations as long as you click Nominate for MOTM!)

Don't forget you don't have to use the provided images - you can customise these to any you wish - I've used ones that are hopefully universal and everyone will recognise.

Download Now

File Type: zip Enhanced Captcha Image Verification.zip (116.4 KB, 5787 views)

Screenshots

File Type: jpg imageverification1.jpg (36.6 KB, 0 views)
File Type: jpg imageverification2.jpg (24.5 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #92  
Old 12-14-2006, 10:10 PM
vbreal vbreal is offline
 
Join Date: Dec 2005
Posts: 441
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

i like
Reply With Quote
  #93  
Old 12-15-2006, 12:23 AM
yesfans yesfans is offline
 
Join Date: Feb 2002
Location: In your head!
Posts: 262
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

INSTALLED, works fine on 3.6.0
Reply With Quote
  #94  
Old 12-15-2006, 12:51 PM
Bluetiereign's Avatar
Bluetiereign Bluetiereign is offline
 
Join Date: Jan 2005
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How about instead of chosing just one image - you had to chose 2 or 3 of them correctly in the random order they were presented ?

I gave up and have resorted to just approving members manually. The people programming these bots are using some very recognizable footprints when registering (and leaving some board specific questions unanswered ) - so they stand out like a sore thumb when registering. They have now resorted to spamming our 'contact us' link.
Reply With Quote
  #95  
Old 12-15-2006, 02:48 PM
joeysdad joeysdad is offline
 
Join Date: Dec 2006
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Just add all bots not on this to the .htaccess file, this will keep them out. Make sure you place it in your root dir.

Quote:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^CherryPicker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Extreme\ Picture\ Finder [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^JoBo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^MSIECrawler [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ninja [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteCopy [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^teleport [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebBandit [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Webdup [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSnake [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebMiner [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^x-Tractor [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^mister\ pix [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^PICgrabber [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^psbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla/2.0\ \(compatible;\ NEWT\ ActiveX;\ Win32\) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCollector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebPix [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailCollector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailMagnet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailReaper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NICErsPRO [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEMailExtractor [NC,OR]
RewriteCond %{REMOTE_ADDR} ^63.148.99.2(2[4-9]|[3-4][0-9]|5[0-5])$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NPBot [NC,OR]
RewriteCond %{REMOTE_ADDR} ^12.148.196.(12[8-9]|1[3-9][0-9]|2[0-4][0-9]|25[0-5])$ [NC,OR]
RewriteCond %{REMOTE_ADDR} ^12.148.209.(19[2-9]|2[0-4][0-9]|25[0-5])$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^TurnitinBot [NC,OR]
RewriteCond %{REMOTE_ADDR} ^64.140.49.6([6-9])$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ClariaBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Diamond [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^[a-z]+$ [NC]
RewriteRule ^.* - [F,L]
Reply With Quote
  #96  
Old 12-21-2006, 05:17 AM
Keyser S?ze's Avatar
Keyser S?ze Keyser S?ze is offline
 
Join Date: Apr 2002
Location: USA
Posts: 690
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

im not new to hacks, i wish this had an install.txt but i think ive done everything right, i have GD libraries installed and i set the right permissions on the files, yet still images dont show they are just dead Xs

im also using the hack that u have to have a minimum of posts on certain words or it is set to moderation, that hack has seem to stopped bots
Reply With Quote
  #97  
Old 12-21-2006, 02:50 PM
Silverstangs Silverstangs is offline
 
Join Date: Nov 2003
Location: Roseville Sacramento CA
Posts: 93
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Wow I like this hack I wish there was one for 3.0.0... I guess I'm gonna need to upgrade a few dozen forums...

**I need more $$$ to fund that thou.. maybe one forum at a time..
Reply With Quote
  #98  
Old 12-23-2006, 08:59 AM
crazymeezer crazymeezer is offline
 
Join Date: Jan 2005
Location: Sydney, Australia
Posts: 15
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is wonderful, has stopped all spam sign ups dead. Thanks so much!
Reply With Quote
  #99  
Old 01-04-2007, 01:42 PM
CrashfAB CrashfAB is offline
 
Join Date: Mar 2006
Posts: 111
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Will have to give this a try...
Reply With Quote
  #100  
Old 01-05-2007, 04:42 AM
grizwald grizwald is offline
 
Join Date: Jan 2006
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

thanks for this, it is working great on my website:

http://moi-alizee.us/forums/register.php
Reply With Quote
  #101  
Old 01-06-2007, 01:35 PM
masterme's Avatar
masterme masterme is offline
 
Join Date: Jan 2007
Location: Holland
Posts: 72
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice one, specialy because my visitors are not able to see the letters/numbers in the standard way.
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:15 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04832 seconds
  • Memory Usage 2,337KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (3)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete