Miscellaneous Hacks - NoSpam! - an alternative to CAPTCHA images

This hack is for vBulletin 3.6.x. For 3.5.x, please use the one provided in this thread. If you are using 3.7.x, you must use the one in this thread.

This simple hack is meant as a replacement for the default CAPTCHA system in vBulletin. There are two main reasons one might want to do this: firstly, new technology is constantly being developed to crack CAPTCHA images and make spam accounts anyway, and secondly, the more secure the CAPTCHA, the more difficult it is for genuine users to tell what the numbers in the image are. There is also the issue of visually impaired users, and the fact that not all servers are capable of generating CAPTCHA images.

So what does this hack do instead? It asks a question. Any question you want. That's the best part: YOU make up the questions, which means that every forum is unique, which means that it is impossible for spambots to be simply programmed to bypass it at all forums with the hack installed. You can make one or many questions - if you make many, the hack will pick one at random when a guest attempts to register, search, post or send mail through the Contact Us form. Their input is compared with your specified answer, and voil?, if they get it right they're pretty much guaranteed to be human. If they get it wrong, they're given an error message.

It doesn't have to be a complicated question. Heck, you can just make it "Please type 'blah' into this box." Or you can go with inserting a simple image with HTML and ask what is shown on the image. Or you can ask them to tell you two plus two. It's up to you. In fact, this can also be used as a means of forcing people to read the rules by asking for a certain password found there, or if your forum focuses on a specialized subject, ask a question concerning the subject that all your genuine users will be able to answer, but a random troll or "CAPTCHA-sweatshop-reader" will be scratching their head over.

It's simple to install, too: just one product to import, and that's it.


VERSION HISTORY:

3.0: Added functionality to allow users to specify which pages should use NoSpam!.
2.0: Extended the NoSpam! functionality to guest posts, guest searches and guest "Contact Us" in addition to registration.
1.1: Made template edit automatic (with thanks to Cole2026), added ability to have more than one answer to each question, and made answers case insensitive. To upgrade, I recommend undoing the template edit so you won't have to worry about it anymore (replace $nospamfield in the template register with $imagereg, or if you added $nospamfield above $imagereg, just remove $nospamfield altogether), and then reimport the product through the Admin CP (making sure that Allow Overwrite is set to On).
1.0: Initial release.


INSTALLATION:

Please download NoSpam!.zip, not product-nospam.xml, for the tested version. product.nospam.xml is NoSpam! 4.0 adapted blindly to 3.6, i.e. by editing the XML file for the 3.7 version without actually testing it on a 3.6 board. Theoretically it should work, but I cannot guarantee it at this time. If you download NoSpam!.zip and unzip it, it will contain another file called product.nospam.xml, which you should use.

1. Import product-nospam.xml through the Admin CP product manager.
2. Go to your vBulletin options in the Admin CP and select NoSpam! Settings. Once there, turn the system on and input your questions and answers according to the instructions there.

The system should now be functional and running.


UNINSTALLATION:

Just uninstall the product through the Admin CP.


SUPPORT:

Full support will be given here in this thread. All suggestions are welcome.

Thank you and please click "Mark as Installed" if you like it.


If NoSpam! is not working for you or you are looking for something a little different, you might want to check out Advanced Textual Confirmation.

[hcmagix]

Now avaible for german vb users, Thanks antialiasis

Installed

[adwade]

Quote:

Originally Posted by Smoothie

Can this be used in conjunction with CAPTCHA?

YES, you sure can!

I just installed this MOD in Vb 3.6.0 and it's terrific. Works like a charm. If you want your users to get in on the fun, just post a message asking THEM for questions to use! ha, ha This is a BLAST! Many Thanxx antialiasis!:laugh:

[Phaedrus]

Watch out for users with Dyslexia... Spelling can be an issue.

[Cole2026]

You can eliminate the template edit (preventing you from editting a template, easier for upgrades.) by putting this code into the register_start hook location:

PHP Code:

$vbulletin->templatecache['register'] = str_replace('$imagereg', '$nospamfield', $vbulletin->templatecache['register']); 


[JulianWolf]

Does anybody know if it works for 3.5 also?

[Zachery]

So they modify their code to cpature this snipet of text and then use a human to enter the form number like they have before. It will only work so well for so long. I do feel its not a bad idea but im sure it won't be too hard for them to figure their way around this one.

[antialiasis]

If they are using a human to enter the answer, it is a problem, yes - but there is not exactly much else that can be done about human CAPTCHA readers, either. Your best bet is, as I mentioned, if you have a forum concerning a special topic and you ask a question relating to the topic which genuine users will be able to answer easily but an average human CAPTCHA reader won't. (Additionally, there is the fact that a lot of spamming companies are based in for example Russia, and while anybody can read a couple of numbers on an image, they would have to know a fair bit of English - or whichever language the forum is in - to be able to both understand and answer such a question.)

Thanks for the bit about avoiding the template edit, Cole2026 - I was thinking it could be handy to do that for this hack, but was too lazy to look up how to do that since I've never done it before.

And yes, it can be used in conjunction with the regular CAPTCHA - then just be sure to add the template edit above instead of replacing.

Dyslexic users should be able to refresh and get another question until they have one they can definitely spell - administrators should accommodate dyslexic users by not making the answers to all the questions overly difficult. I can't do much about that myself. (In any case, users whose dyslexia is so problematic that they have difficulties with fairly simple words are most likely not very common on internet forums that are entirely about reading and typing messages.)

I'm fine-tuning the upgrade with multiple answers and case insensitivity - should be up in just a little while.

EDIT: Version 1.1.

[ChrisTech]

Quote:

Originally Posted by antialiasis

On another forum? Can't have been the same thing, because I just made this up and haven't posted it anywhere else, but I wouldn't be surprised if you found something similar sometime.

It came from vbulletin.com forums which I'd bet many people acted on to stop their forums from being spammed.

If you make this plugin/hack backwards compatible for the diff. versions of VB, many folks will LOVE you for it.

[antialiasis]

It's a similar concept, yes, but at its core a completely different hack - it's based on one plugin and a custom profile field, with only one question and one answer, and not a matter of controlling things through the admin CP at all.

I already think this should more or less work for 3.5 with a couple of minor edits to the product XML to remove the 3.6-only stuff, given that it's fairly simple and not really interacting much with any default vBulletin functions...

[adwade]

Quote:

Originally Posted by antialiasis

And yes, it can be used in conjunction with the regular CAPTCHA - then just be sure to add the template edit above instead of replacing.
EDIT: Version 1.1.

Question for those of us who've already installed your previous version: I kept the CAPTCHA code and placed your's in front of it.(figure one more layer of security is better) So how do I install this updated version?

By that, I mean will it remove the CAPTCHA code from my template? Or reverse the order I have them in? Do I need to UNinstall, revert my templates, then install this new version -or- can I just import the .xml and overwrite?

Sorry so many questions, but I'm quite new (i.e. 3wks) at all this.

Thanxx, AD