Anti spam registration protection "cracked"

Welcome to Queenonline. This is the place to report problems, or give feedback about this message board or the entire Queenonline site.

Anti spam registration protection "cracked"

Postby Ian-Highlander » Tue Jan 18, 2011 1:05 pm

It appears that the recaptcha anti spam system I set up on this forum has now been cracked as of about the 4th January according to press reports (if anyone is using reCaptcha on their own forums I suggest you change it for something more secure now).

As a result we've been seing a massive influx of spambot registrations on this site over the last couple of weeks which Rob has been dealing with admirably.

I've just installed and configured a new anti spam functionality for both the registration and contact forms. This new one is in the shape of a puzzle (i.e. you have to put a picture together) so doesn't rely on text being read which no matter how obfuscated is always a weaker method.

Hopefully this should kill the spam bot registrations dead, if not then I'll have to keep working, but it looks good so far.

If you want to see what it looks like, just click on the contact tab at the top and you'll see it.

The ONLY downside to this one is that it requires Flash Player to be installed on the users PC so there is a possibility that some users trying to register may not be able to use it without installing that first.
 
Ian-Highlander
There Can Be Only One

There Can Be Only One
 
User avatar

 

I was born with nothing and I've got most of it left...

      
 
Posts: 722
Images: 0
Joined: Wed Feb 03, 2010 9:28 am
Gender: Male
Has thanked: 10 times
Been thanked: 16 times

Re: Anti spam registration protection "cracked"

Postby Ian-Highlander » Tue Jan 18, 2011 1:45 pm

I considered several different options including the Q&A option, a hidden "honeypot" field option etc etc but in the end I've used KeyCaptcha on here for now and looks good so far. Very easy to install and configure on phpbb3 if you wanted to look at it, just upload the package to the server, replicate the template file to each template and then in your admin panel there will be a new captcha listed, configure it and away you go.

It's here http://www.keycaptcha.com if you wanted to look at it mate.
 
Ian-Highlander
There Can Be Only One

There Can Be Only One
 
User avatar

 

I was born with nothing and I've got most of it left...

      
 
Posts: 722
Images: 0
Joined: Wed Feb 03, 2010 9:28 am
Gender: Male
Has thanked: 10 times
Been thanked: 16 times

Re: Anti spam registration protection "cracked"

Postby Ian-Highlander » Tue Jan 18, 2011 4:06 pm

I'll be upping the protection to include multiple anti spam functionality if I need to, I'm hoping this will be enough for now ;)
 
Ian-Highlander
There Can Be Only One

There Can Be Only One
 
User avatar

 

I was born with nothing and I've got most of it left...

      
 
Posts: 722
Images: 0
Joined: Wed Feb 03, 2010 9:28 am
Gender: Male
Has thanked: 10 times
Been thanked: 16 times

Re: Anti spam registration protection "cracked"

Postby ice on fire » Tue Jan 18, 2011 8:41 pm

Thanks Ian and JLP for the work you put in. I recall on the old board some got through, annoying to say the least.
 
ice on fire
 
User avatar

 
 

Re: Anti spam registration protection "cracked"

Postby JLP » Tue Jan 18, 2011 9:45 pm

ice on fire wrote:Thanks Ian and JLP for the work you put in. I recall on the old board some got through, annoying to say the least.



they won't get through if Ian and I can help it. And if they do we will delete the buggers.
Come on you Tigers.
 
JLP
Site Admin
 
User avatar

 

Growing old disgracefully

      
 
Posts: 10076
Joined: Mon Apr 12, 2010 7:33 pm
Gender: Male
Has thanked: 7 times
Been thanked: 375 times

Re: Anti spam registration protection "cracked"

Postby fairydandy » Tue Jan 18, 2011 9:46 pm

JLP wrote:
ice on fire wrote:Thanks Ian and JLP for the work you put in. I recall on the old board some got through, annoying to say the least.



they won't get through if Ian and I can help it. And if they do we will delete the buggers.


I would keep them. The membership here is woeful! :P
 
fairydandy
Somebody To Love
 
User avatar

 
 
Posts: 7878
Images: 0
Joined: Fri Apr 16, 2010 2:37 pm
Gender: None specified
Has thanked: 3 times
Been thanked: 396 times

Re: Anti spam registration protection "cracked"

Postby JLP » Tue Jan 18, 2011 9:51 pm

fairydandy wrote:
JLP wrote:
ice on fire wrote:Thanks Ian and JLP for the work you put in. I recall on the old board some got through, annoying to say the least.



they won't get through if Ian and I can help it. And if they do we will delete the buggers.


I would keep them. The membership here is woeful! :P



They link to all sorts of dodgy sites. Or so weeman told me. :lol:
Come on you Tigers.
 
JLP
Site Admin
 
User avatar

 

Growing old disgracefully

      
 
Posts: 10076
Joined: Mon Apr 12, 2010 7:33 pm
Gender: Male
Has thanked: 7 times
Been thanked: 375 times

Re: Anti spam registration protection "cracked"

Postby ice on fire » Tue Jan 18, 2011 9:57 pm

Never open those links folks...I know a poster friend of mine did just that on the old board. It may have been what harmed his computer.
 
ice on fire
 
User avatar

 
 

Re: Anti spam registration protection "cracked"

Postby ice on fire » Tue Jan 18, 2011 10:23 pm

I once busted my butt wanting people to join here and people asking me how they could join, and I passed along the info~ never again will I do that. Twice burnt, twice shy :-P .
 
ice on fire
 
User avatar

 
 

Re: Anti spam registration protection "cracked"

Postby Kat » Fri Mar 22, 2013 9:24 am

Re Recaptcha - I had no idea what I was doing wrong, but it took about 15-20 attempts get one accepted. Everytime I did it, a green tick appeared, then said that the solution was incorrect. I nearly gave up before it finally got it. I very nearly didn't become a member here..! :-P
 
Kat
 
User avatar

 
 

Re: Anti spam registration protection "cracked"

Postby julymorning » Fri Dec 06, 2013 11:32 pm

Has anyone else been hit with spam ads here on the forum lately? On the left margin it says "related Searches:
with a map of some kind, then "A New Post, Last Post, Free Forum, Delete All Board Cookies, Indiex Page, and PhpBB Forum. Everytime I 'X' it off, it comes right back. Also some kind of dating site will pop up along the bottom and something else flashing in a box to the right, making it virtually impossible to read or reply to anything.

I'm not getting this on fb or any other site I go to. HELP!
.It is my uppermost hope that even histories' genius's lost their minds as they aged. I'd hate to think that I really am an idiot. sjm
 
julymorning
The Show Must Go On
 
User avatar

 

This is probably as good as it gets.

      
 
Posts: 1503
Images: 18
Joined: Tue Jul 10, 2012 11:17 pm
Location: Missouri, U.S.A.
Gender: Female
Has thanked: 401 times
Been thanked: 217 times

Re: Anti spam registration protection "cracked"

Postby Fizzle » Sun Dec 08, 2013 5:37 am

julymorning wrote:Has anyone else been hit with spam ads here on the forum lately? On the left margin it says "related Searches:
with a map of some kind, then "A New Post, Last Post, Free Forum, Delete All Board Cookies, Indiex Page, and PhpBB Forum. Everytime I 'X' it off, it comes right back. Also some kind of dating site will pop up along the bottom and something else flashing in a box to the right, making it virtually impossible to read or reply to anything.

I'm not getting this on fb or any other site I go to. HELP!


I'm not having any issues like that. In fact I never have. I wonder if anyone else is having that problem.
Image
 
Fizzle
The Show Must Go On
 
User avatar

 

Wannabee pseudo Tolkien-esque

      
 
Posts: 1039
Images: 2
Joined: Thu Apr 15, 2010 9:45 pm
Location: The John Deacon Appreciation Society
Gender: Female
Has thanked: 78 times
Been thanked: 102 times

Re: Anti spam registration protection "cracked"

Postby Ian-Highlander » Tue Dec 10, 2013 12:01 pm

Sounds very much like you've picked up some malware somewhere, there are zero adverts on QOL (apart from threads posted by Admin) and never will be if I have anything to do with it.

I'd suggest you download http://www.malwarebytes.org fully update it and run a full scan with it, then let it remove anything it finds.
 
Ian-Highlander
There Can Be Only One

There Can Be Only One
 
User avatar

 

I was born with nothing and I've got most of it left...

      
 
Posts: 722
Images: 0
Joined: Wed Feb 03, 2010 9:28 am
Gender: Male
Has thanked: 10 times
Been thanked: 16 times

Re: Anti spam registration protection "cracked"

Postby icy » Wed Dec 11, 2013 9:29 am

.
~Godspeed little one~
~Don't talk about angels
Or how I'll be saved
I'm no coward
But I'm not that brave
Rags are blowing
Rain's getting near
I'm done with running
And it's getting dark in here~

~Sleep in peace old friend for me you'll never die~
 
icy
I Want To Break Free
 
User avatar

 

And the wounded skies above say it's much too late

      
 
Posts: 14526
Images: 0
Joined: Sun May 01, 2011 4:44 am
Location: Persona non grata
Gender: None specified
Has thanked: 218 times
Been thanked: 491 times

Re: Anti spam registration protection "cracked"

Postby fairydandy » Thu Dec 12, 2013 4:46 pm

Ian-Highlander wrote:Sounds very much like you've picked up some malware somewhere, there are zero adverts on QOL (apart from threads posted by Admin) and never will be if I have anything to do with it.

I'd suggest you download http://www.malwarebytes.org fully update it and run a full scan with it, then let it remove anything it finds.


I downloaded that programme and it found seven items that I deleted, so thanks!
 
fairydandy
Somebody To Love
 
User avatar

 
 
Posts: 7878
Images: 0
Joined: Fri Apr 16, 2010 2:37 pm
Gender: None specified
Has thanked: 3 times
Been thanked: 396 times

Next

Return to Queenonline

Who is online

Users browsing this forum: No registered users and 1 guest