Captcha problem

Started by siavoshkc, September 14, 2017, 06:07:14 AM

Previous topic - Next topic

siavoshkc

Users couldn't register in my forum because of text which was shown in the Captcha was not accepted. Users could still choose to hear it (which is a security bridge of course as speech recognizers could simply find the letters) and what could be heared was different from what was shown.

So I searched a bit and found this:
http://wiki.simplemachines.org/smf/Spam_-_my_forum_is_flooded_with_spam,_what_can_I_do

Somewhere it says "Be aware that the CAPTCHA has been broken for many years and causes real users more of a headache than the spammers.". Is it true still? Can't we fix it?
Persian Translator

Kindred

that statement is not saying that CAPTCHA is "broken" as in "not working" on the forum side...

it means CAPTCHA has been "cracked" as a security measure and is basically worthless.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

siavoshkc

Quote from: Kindred on September 14, 2017, 06:18:18 AM
that statement is not saying that CAPTCHA is "broken" as in "not working" on the forum side...

it means CAPTCHA has been "cracked" as a security measure and is basically worthless.


Aaah. I am relieved.

So I should investigate why captcha isn't working in my forum.  WHICH I JUST DID. It is sowing letters backward which is an RTL issue. captcha should not be RTL. How do you suggest I fix it?

[edit] And how do you suggest I disable the read aloud?
Persian Translator

Looking

You should look for other ways to prevent spammers, the captcha will only serve to frustrate legit users trying to login into your site.

siavoshkc

Quote from: Looking on September 14, 2017, 07:22:36 AM
You should look for other ways to prevent spammers, the captcha will only serve to frustrate legit users trying to login into your site.
I plan to do so but captcha is enough for start. The problem is that my security question is not shown when I disable catcha.

[edit]
BTW only Bad Behavior mod seems to be compatible with v2.0.14 from the listed anti spam mods in wiki page.
Persian Translator

Looking

Have you been modifying your files adding or removing mods?

Shambles

QuoteThe problem is that my security question is not shown when I disable catcha.

Have you set the actual number of questions required, correctly?

siavoshkc

Quote from: Looking on September 14, 2017, 07:51:24 AM
Have you been modifying your files adding or removing mods?
Beside adding Persian Calendar no.

Quote from: Shambles on September 14, 2017, 07:53:29 AM
QuoteThe problem is that my security question is not shown when I disable catcha.

Have you set the actual number of questions required, correctly?

Set to one and is displayed when captcha is enabled.
Persian Translator

Arantor

Are you sure only Bad Behaviour is compatible with 2.0.14? ;D

Kindred

Stop spammer also works just fine


Additionally,  you should have 10-20 questions, and ask 2 during each registration. Otherwise the spammers w ill catalog your single question and answer and get automated again
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

siavoshkc

Quote from: Arantor on September 14, 2017, 07:54:44 AM
Are you sure only Bad Behaviour is compatible with 2.0.14? ;D

Well you are faltering my trust in mod summary pages.
Persian Translator

Kindred

in general, any mod for 2.0.x will work with any other 2.0.x version...

the one exception might be 2.0.14 which introduced support for php7 and https...   some mods may need updates to support those (however, if you don't use php7, you are probably fine with any 2.0.x mod.)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

siavoshkc

Quote from: Kindred on September 14, 2017, 06:05:00 PM
in general, any mod for 2.0.x will work with any other 2.0.x version...

the one exception might be 2.0.14 which introduced support for php7 and https...   some mods may need updates to support those (however, if you don't use php7, you are probably fine with any 2.0.x mod.)

Well I do use PHP7 and I plan to use https for login.

BTW any idea how to fix captcha RTL problem?
Persian Translator

Illori

i am not aware of that being an issue. so at this time i doubt there is a fix available.

Cerrone

Quote from: Looking on September 14, 2017, 07:22:36 AM
You should look for other ways to prevent spammers

Do you have any good suggestions? I've tried asking basic questions but they crack them too.

Shambles

Quote from: Cerrone

Quote
You should look for other ways to prevent spammers

Do you have any good suggestions? I've tried asking basic questions but they crack them too.

Spam - my forum is flooded with spam, what can I do

siavoshkc

I fixed the captcha problem by reversing the order by which the letters were displayed in the respective php file. Though it is not the systematic solution as I didn't have time or knowledge to investigate the issue.
Persian Translator

Advertisement: