Hi. Sorry that this is my 1st post, but I just signed up and it took 5 attempts. I could only sign up once there was no doubt if I was being presented with a capital "H" or capital "K". The image verification makes these 2 letters indistinguishable - you may wish to remove them from the available characters.

Cheers!

Nicholas

I think this is normal. I myself had this problem dozens of times on other sites where I couldn't distinguish between 1 and l or o and 0...
But there's nothing you can do about it if you don't want to open up all your forms to spam robots... :(

I agree with this. I run a vBulletin site and I am planning to upgrade from 3.5.3 to 3.6.5 to overcome this problem. A much better image verification exists in the 3.6.x train.

I think this is normal. I myself had this problem dozens of times on other sites where I couldn't distinguish between 1 and l or o and 0...
But there's nothing you can do about it if you don't want to open up all your forms to spam robots... :(

What I do not get is how they are still postig spam on this forum?

I know that "captcha" is hacked, but are that many programs allready using this "captcha" hack?

Also.. It looks like most spam is always in the ISPconfig forum... Why is this?

What I do not get is how they are still postig spam on this forum?

I know that "captcha" is hacked, but are that many programs allready using this "captcha" hack?

Also.. It looks like most spam is always in the ISPconfig forum... Why is this?

Its really abit strange that nearly all spam is in the ISPconfig general forum. maybe they scan for the word "General" in the forum name?

Another possibility might be that these spams are from poeple paid for re3gistering to a forum and spamming and not from bots??

What I do not get is how they are still postig spam on this forum?

I know that "captcha" is hacked, but are that many programs allready using this "captcha" hack?

Also.. It looks like most spam is always in the ISPconfig forum... Why is this?

I have the same problem, but the script kiddies can bypass captcha and other "anti-spam" measures...I have installed them all.

After going to a captcha-based image verification system, my spam registrations went from 10-15 a day to 1-3 a day immediately. It works, but it's not perfect.

After going to a captcha-based image verification system, my spam registrations went from 10-15 a day to 1-3 a day immediately. It works, but it's not perfect.Which vBulletin version do you use?

Which vBulletin version do you use?

I run a heaivily modded vB 3.5.3.

I've read that the captcha has become more difficult to crack in vBulletin 3.6. But we're using 3.5.4.

I run a phpbb forum and it gets quite a bit of spam so i made a little filter and searches there profile for dogy websites and intrests becuase most spam bots are stupid enough to put that in there profile, and it has been very effective:)

Can you post how you did that? Might be interesting for users who run a phpbb forum. :)

Sure, nice to give something back here :)

Should i post it here or write it as a how to?

Post it here. :)

I still think you should run your own captcha program... not one provided by vbulletin because the more people use the same system the more interesting it becomes to hack... however if you are the only one using a certain captcha who would bother to hack it?

This post will hopefully stop spammers from signing up on your phpbb forum. Just follow the steps below:

1. First open the file in the phpbb root, /includes/usercp_register.php

2. Find this part in the script:
else if ( $mode == 'register' )
{
if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Fields_empty'];
}

3. Now add the following exactly below it:


// ---- check not a dogy user ------
// By Alex Illsley 2006
// www.fireproductions.co.uk

function user_dogy_check($word) {
if(stristr(strtolower($_POST['occupation']), $word)) { return "TRUE"; }
if(stristr(strtolower($_POST['interests']), $word)){ return "TRUE"; }
if(stristr(strtolower($_POST['website']), $word)) { return "TRUE"; }

}

if (user_dogy_check("sex")
OR user_dogy_check("anal")
OR user_dogy_check("porn")
OR user_dogy_check("tramadol")
OR user_dogy_check("pharm")
OR user_dogy_check("viagra")
OR user_dogy_check("dating")
OR user_dogy_check("nude"))
{ $error=TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . "Dogy User Profile, ACCESS DENIED!"; }

// CHECK END


I also made my own PHP capatcha aswell for my phpbb forum, i get like no spam bots now.

I hope this helps someone,
Alex

another spambot wave hits the forums here... I'm still of the opinion that an own verification service/captcha service would be better because adaptation will be less likely...

Once you hack the default vb mechanisms you can spam on ever vb board that uses those ones.

Although it might very well be, that the registration of accs is done manually and once the acc is confirmed use the spambots.

The never ending war :)

I'm went over lots of CAPTCHAs including my own and none of them was so successfull as the one i'm using now. recaptcha.net, its free, its for a good cause and so far its not been beatable by a OCR.

You even have it set for this forum: http://www.vbulletin.org/forum/showthread.php?t=151824

Of course sometimes spammers do get over this protection by using real people to post spam.