(2011-07-27, 12:36 PM)spinning Wrote: [ -> ]Sorry for my question here, but with about 75 spam users a day that sign in I hard need it.
Is there a version from this plugin, or a kind of, for mybb 1.4?
Please?
Check this thread, it might be of help:
http://community.mybb.com/thread-83898.html
(2011-07-27, 01:34 PM)Jayfore Wrote: [ -> ]THANKS G33K! I tested it out and everything looks good. Put it in place on my site... Sure hope this helps! I have 11 new spam registrations, just since I posted last night!
A suggestion for your next revision would be to add a feature that shows you which question each user answered when they registered... Or maybe just a number next to each one, showing how many times it was successfully used. This might help identify questions that need to be improved?
What would be the use/benefit of tracking which question a user answered when registering?
As for the second question, I have added tracking of how many times a question was answered correctly/incorrectly. If you look in your admincp>>configuration>>security questions you'll see a column for stats with a gray bar if question has not been answered yet or a split red/green bar showing the percentage of correct/incorrect answers. You can mouse over the bars to get the exact percentage and number of correct/incorrect tries.
(2011-07-27, 05:14 PM)frostschutz Wrote: [ -> ]Zank you for ze update
You're velkom. Zank you for posting ze patch
(2011-07-27, 05:44 PM)- G33K - Wrote: [ -> ]What would be the use/benefit of tracking which question a user answered when registering?
As for the second question, I have added tracking of how many times a question was answered correctly/incorrectly. If you look in your admincp>>configuration>>security questions you'll see a column for stats with a gray bar if question has not been answered yet or a split red/green bar showing the percentage of correct/incorrect answers. You can mouse over the bars to get the exact percentage and number of correct/incorrect tries.
Well, someone said that a hacker can find a question they can answer, and then program their spambot to register with that answer. Seeing which ones each user answered might be helpful, when looking at spam accounts, before deleting them. If all the spam accounts are answering the same question to register, then we can go change/update that question.
The stats part will be very useful, but just not as much for this particular thing I mention.
(2011-07-27, 06:03 PM)Jayfore Wrote: [ -> ] (2011-07-27, 05:44 PM)- G33K - Wrote: [ -> ]What would be the use/benefit of tracking which question a user answered when registering?
As for the second question, I have added tracking of how many times a question was answered correctly/incorrectly. If you look in your admincp>>configuration>>security questions you'll see a column for stats with a gray bar if question has not been answered yet or a split red/green bar showing the percentage of correct/incorrect answers. You can mouse over the bars to get the exact percentage and number of correct/incorrect tries.
Well, someone said that a hacker can find a question they can answer, and then program their spambot to register with that answer. Seeing which ones each user answered might be helpful, when looking at spam accounts, before deleting them. If all the spam accounts are answering the same question to register, then we can go change/update that question.
The stats part will be very useful, but just not as much for this particular thing I mention.
Thats a very interesting take. I will try and include this in the next release.
EDIT: To all: I have been toying with an idea to ban a user for xx minutes if they either refresh or change the question yy times. A regular user should be able to answer the question in a few tries, a bot would need to keep refreshing the page in order to get the right question/answer. Do you guys think this would be something that would be desirable?
(2011-07-27, 06:14 PM)- G33K - Wrote: [ -> ]Thats a very interesting take. I will try and include this in the next release.
Thank you for the consideration, and all your work! So far, no more spam registrations for me, since installing the plugin. Hopefully, instead of trying to circumvent that, these a**holes just leave my site alone now, and move onto the next one. Not holding my breath.
Thank you G33K, I changed the settings and now I hope it works.
Can I also see the stats of correct or fault answers with the changings I make??
(2011-07-27, 06:14 PM)- G33K - Wrote: [ -> ]EDIT: To all: I have been toying with an idea to ban a user for xx minutes if they either refresh or change the question yy times. A regular user should be able to answer the question in a few tries, a bot would need to keep refreshing the page in order to get the right question/answer. Do you guys think this would be something that would be desirable?
Excellent Idea with a timelimit for answering or banning when they add the wrong answer, people can find the answer with google.
I hope you will still make it working for 1.4.
(2011-07-27, 06:14 PM)- G33K - Wrote: [ -> ] (2011-07-27, 06:03 PM)Jayfore Wrote: [ -> ] (2011-07-27, 05:44 PM)- G33K - Wrote: [ -> ]What would be the use/benefit of tracking which question a user answered when registering?
As for the second question, I have added tracking of how many times a question was answered correctly/incorrectly. If you look in your admincp>>configuration>>security questions you'll see a column for stats with a gray bar if question has not been answered yet or a split red/green bar showing the percentage of correct/incorrect answers. You can mouse over the bars to get the exact percentage and number of correct/incorrect tries.
Well, someone said that a hacker can find a question they can answer, and then program their spambot to register with that answer. Seeing which ones each user answered might be helpful, when looking at spam accounts, before deleting them. If all the spam accounts are answering the same question to register, then we can go change/update that question.
The stats part will be very useful, but just not as much for this particular thing I mention.
Thats a very interesting take. I will try and include this in the next release.
EDIT: To all: I have been toying with an idea to ban a user for xx minutes if they either refresh or change the question yy times. A regular user should be able to answer the question in a few tries, a bot would need to keep refreshing the page in order to get the right question/answer. Do you guys think this would be something that would be desirable?
I vote YES on both points. And this plugin seems to be working fine on 1.6.4.
Amazing plugin really, it stops a lot of bots !
Requesting an additional feature that can be enable the questions in posting threads also?
Thanks !
Thank you for this plugin.
(2011-07-27, 06:14 PM)- G33K - Wrote: [ -> ]EDIT: To all: I have been toying with an idea to ban a user for xx minutes if they either refresh or change the question yy times. A regular user should be able to answer the question in a few tries, a bot would need to keep refreshing the page in order to get the right question/answer. Do you guys think this would be something that would be desirable?
I vote YES for that and here are some ideas:
Ban user from registering (IP address based I guess?) for xx minutes if:
they refresh reg. page/change question(i.e. ask for a question) yy times, OR:
they answer incorrectly zz times
if xx = 0 the setting is considered to be OFF
the "refresh/change question" and "incorrect attempts" counter should be reseted on successful registration, to allow multiple users registering on the same machine (e.g. public computers).
Also, it would be nice to have an option to reset the question stats, perhaps where the "Edit" and "Delete" links are located in the settings. Thanks.
(2011-07-27, 06:14 PM)- G33K - Wrote: [ -> ]... I have been toying with an idea to ban a user for xx minutes if they either refresh or change the question yy times. A regular user should be able to answer the question in a few tries, a bot would need to keep refreshing the page in order to get the right question/answer. Do you guys think this would be something that would be desirable?
Yes. That would be welcomed definitely.
Maybe as a must not for all of us, but as an option surely.