Not Solved I need anti spam question, how do I add it?
#11
Not Solved
CAPTCHA is merely an automated test used to determine if the user is human or a computer program. Both the image CAPTCHA (or even reCAPTCHA) and the Registration Questions are forms of CAPTCHA.

A CAPTCHA should be easy for a human to pass while being non-trivial for a computer program to pose as a human. A good CAPTCHA should not discriminate against humans with disabilities.
Reply
#12
Not Solved
(2011-08-07, 08:02 PM)ranjani Wrote: try this plugin : registration security question

This plugin works good, stopped 99% of spam. BUT very rarely some register on my forum without answering to security question.
For instance in admin panel I see that 15 users passed security questions up to date (and = 15 new members on my forum, all of them genuine) and then suddenly I get 16th member who is spammer and when I look at plugin stats it still says only 15 passed security question.
So somehow spammers register on my forum without filling security question form. How come?
Looking for good reliable hosting? Check out www.greatsitehosting.com and choose from the best
Reply
#13
Not Solved
(2011-08-22, 02:07 PM)mybbfan Wrote:
(2011-08-07, 08:02 PM)ranjani Wrote: try this plugin : registration security question

This plugin works good, stopped 99% of spam. BUT very rarely some register on my forum without answering to security question.
For instance in admin panel I see that 15 users passed security questions up to date (and = 15 new members on my forum, all of them genuine) and then suddenly I get 16th member who is spammer and when I look at plugin stats it still says only 15 passed security question.
So somehow spammers register on my forum without filling security question form. How come?

There is a small bug in the stats function of the plugin and it is possible that the spammer had the conditions just right and he wasn't counted. That doesn't mean he bypassed the system, he just wasn't counted.
I'm still working on a proper way to handle this and will fix it in the next release.
Reply
#14
Not Solved
(2011-08-23, 07:30 AM)- G33K - Wrote:
(2011-08-22, 02:07 PM)mybbfan Wrote:
(2011-08-07, 08:02 PM)ranjani Wrote: try this plugin : registration security question

This plugin works good, stopped 99% of spam. BUT very rarely some register on my forum without answering to security question.
For instance in admin panel I see that 15 users passed security questions up to date (and = 15 new members on my forum, all of them genuine) and then suddenly I get 16th member who is spammer and when I look at plugin stats it still says only 15 passed security question.
So somehow spammers register on my forum without filling security question form. How come?

There is a small bug in the stats function of the plugin and it is possible that the spammer had the conditions just right and he wasn't counted. That doesn't mean he bypassed the system, he just wasn't counted.
I'm still working on a proper way to handle this and will fix it in the next release.

Since I started using this plugin there were 23 genuine members registered and 2 spammers. And ALL of those 23 were counted by plugin stats but ALL 2 spammers were not counted. So that would be hell of coincidence. If you know statistics and probabilities way less than 1% chance of that being true...
Plus my security questions are set up in a language no spammer understand plus set up in a "smart" way that not even human being who does not speak that language could "decrypt it" (using google translate or whatever).. let alone bots decrypting...

So combining those 2 facts I am 99.999999% sure that these two spammers did not get security answers right and bypassed in some other way.
I heard that some security boxes are not shown if javascript is enabled or something like that, so maybe somehow it happened that for some users that security question was not available and forum system let them register without it?
Looking for good reliable hosting? Check out www.greatsitehosting.com and choose from the best
Reply
#15
Not Solved
^ do you have security questions alone OR default captcha system is also used ..
if java script is disabled then captcha system should give error after submitting form ..
Reply
#16
Not Solved
(2011-08-23, 01:08 PM)ranjani Wrote: ^ do you have security questions alone OR default captcha system is also used ..
if java script is disabled then captcha system should give error after submitting form ..

For now I have both - "regular" captcha and this security question one
Looking for good reliable hosting? Check out www.greatsitehosting.com and choose from the best
Reply
#17
Not Solved
(2011-08-23, 12:48 PM)mybbfan Wrote:
(2011-08-23, 07:30 AM)- G33K - Wrote:
(2011-08-22, 02:07 PM)mybbfan Wrote:
(2011-08-07, 08:02 PM)ranjani Wrote: try this plugin : registration security question

This plugin works good, stopped 99% of spam. BUT very rarely some register on my forum without answering to security question.
For instance in admin panel I see that 15 users passed security questions up to date (and = 15 new members on my forum, all of them genuine) and then suddenly I get 16th member who is spammer and when I look at plugin stats it still says only 15 passed security question.
So somehow spammers register on my forum without filling security question form. How come?

There is a small bug in the stats function of the plugin and it is possible that the spammer had the conditions just right and he wasn't counted. That doesn't mean he bypassed the system, he just wasn't counted.
I'm still working on a proper way to handle this and will fix it in the next release.

Since I started using this plugin there were 23 genuine members registered and 2 spammers. And ALL of those 23 were counted by plugin stats but ALL 2 spammers were not counted. So that would be hell of coincidence. If you know statistics and probabilities way less than 1% chance of that being true...


So combining those 2 facts I am 99.999999% sure that these two spammers did not get security answers right and bypassed in some other way.

All I am saying is that you not trust the stats to determine whether or not the spammer answered the question or not. Like I said before there is a bug in the stats system but that does not mean that the spammer 'bypassed' the system.

If you want to reproduce the bug then do this: Disable javascript on your browser, open the registration page and register, you will end up registering but the system will not count this due to the bug. However, that does not mean that you will bypass the system as you can test yourself answering the question wrong will still error out and not let you register.

(2011-08-23, 12:48 PM)mybbfan Wrote: Plus my security questions are set up in a language no spammer understand plus set up in a "smart" way that not even human being who does not speak that language could "decrypt it" (using google translate or whatever).. let alone bots decrypting...

You are underestimating the spammers. If a human user can understand the question and give an answer, then a human spammer can do so too.

(2011-08-23, 12:48 PM)mybbfan Wrote: I heard that some security boxes are not shown if javascript is enabled or something like that, so maybe somehow it happened that for some users that security question was not available and forum system let them register without it?

You heard wrong. If the box is not shown, the user will not be able to register, you can try this yourself by removing the question block from the templates, trying to register this way will error out and not let you register
Reply
#18
Not Solved
a) Mate. Once again - the plugin counted ALL 23 real users and counted ZERO of the 2 spammers. Do you know whats the chance of coincidence there? Its is waaaaaaaaaaaaay less than 1 % chance.

b) Second: No I do not underestimate human spammers. I am saying that my questions are set up in that way that not even SMART HUMAN BEING HAVING 30 MINUTES OF TIME COULD SOLVE IT. Unless he is from that single country (and those two spammers were not). And EVEN if by some miracle they got the answers correct - why EXACTLY THOSE 2 were not counted? Micro chance for that big of coincidence.

But again even without the B part, only A part is no coincidence. If you do not believe that, simple task for you:

Take 25 balls. 23 green and 2 red. Have another person with you. You take one ball and ask him to guess what color it is. And make it 25 times with all the balls. what is the chance that other person will guess all balls correct? That is the chance of coincidence we are talking about... I seriously doubt it was coincidence as I said - its way less than 1% chance.. (Just a quick observation that 2 out of 25 is 8% chance meaning getting both right would be about 0.64% chance - not excatly as after you pick one you have different numbers of balls, but BALLPARK is 0.64% chance)

So you are still saying that sometimes plugin does not count users and you are relying on those 0.64% that it was coincidence and nothing to do with the fact that exactly those 2 were spammers.
And I am relying on 99.36% that it has to do with the fact that those 2 were spammers. I simply do not believe that coincidence which has +- 0.64% chance here

Sorry for my bad English
Looking for good reliable hosting? Check out www.greatsitehosting.com and choose from the best
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)