Hi,
Is it just me or just recently there have been some bogus members joining only to advertise their websites (SPAM). I've done a search on google and they seem to be joining all the simplemachines forums.
Is this the norm.
jamzapper
May happen depending on your SMF version and what settings that you have on user registration.
Highly suggest the latest SMF version with CAPTCHA enabled on registration.
Hi,
I'm currently using version 1.1.4 and when registering people still have to enter a code (CAPTCHA) if I understand you correctly. So someone must be visiting all the simplemachines forums and doing it manually, maybe via a google search??
If this carries on, I might activate member approval registration. Not ideal.
jamzapper
What level of CAPTCHA are you using on your forum? Admin -> Registration -> Settings
There is no option called CAPTCHA when I chose those options. My current theme is for version 1.1.3 of Simplemachines. If this is the problem?
jamzapper
Sorry meant the following setting "Complexity of visual verification image"
Also I do suggest to always have the latest version of SMF. I belive inside the package manager there is an option to upgrade to SMF 1.1.4
Hi the current setting is 'Medium - Overlapping colored letters, with noise' and my version of SMF is 1.1.4, only the theme is 1.1.3 complient. I forgot to add it is a custom theme I have designed myself when running 1.1.3.
jamzapper
I suppose the general question is if those members have managed to post or are only joining? Often, big-time spammers will have real humans solve the captcha images for them (you'd be surprised the various methods they use). I've seen signups from obvious spam accounts, but never an activation (I require e-mail activation on the boards I run).
Any theme for 1.1.3 should work fine with 1.1.4 as no theme items were changed on that update.
And FYI - at least one jerk has automated the breaking of medium strength captcha - takes him about .4 seconds between the request for the img and his submission of the (correct) answer. It might be the same guy that hit you - he registered, but never completed the "click-thru" email.
So, use high strength. Or, stick with medium and combine it with the "Are you human" mod, which is (for now) offering quite a few people some strong results.
If you're somewhat accustomed to PHP, you might also tweak the captcha generation - make the chars have random spacing and offset, more rotation, and make the number of chars random from 5 to 7.
Lainaus käyttäjältä: Smurfbutcher Bob - tammikuu 08, 2008, 09:35:47 IP
And FYI - at least one jerk has automated the breaking of medium strength captcha - takes him about .4 seconds between the request for the img and his submission of the (correct) answer. It might be the same guy that hit you - he registered, but never completed the "click-thru" email.
So, use high strength. Or, stick with medium and combine it with the "Are you human" mod, which is (for now) offering quite a few people some strong results.
If you're somewhat accustomed to PHP, you might also tweak the captcha generation - make the chars have random spacing and offset, more rotation, and make the number of chars random from 5 to 7.
I'm not sure how you timed it, but you could always put in a check - if less than 10 seconds since request for image before submission of answer. discard the response, since it wasnt likely made by a human?