Sticky How to protect my forum from spam

whay again spamer can post? :S

CAPTCHA doesn't stop humans from posting spam. You can hire people to post spam (or resolve CAPTCHA challenges for bots), and it doesn't even cost much. But CAPCTHA will make spamming a lot slower than it used to be, so even people will go and try to find easier way to make their living.

See here how we are stopping spammers: lineboring.org/login/register

We require new users to demonstrate some knowledge of the topic.

A nice upgrade would be a hotlink in the "new user email notification" so that the admin could approve the new user without even logging in.

Currently the admin must login, find the new user, open the user, read the 'demonstration of knowledge' then approve the user.

Matias, agree that this seems what it has come down to - I thought about removing the ReCaptcha, but at the very least we can make the spammers spend some pointless money and time in solving Captchas (incidentally, I can only say this because of the SpamFighter extension, which now works even better than when I last posted and doesn't waste any of my time moderating and deleting spam).

Interesting approach beyondthenet...

Maybe something similar - involving customisation - is the future of spam fighting on Joomla sites?

Just thinking out loud here. The problem with re-captcha is that it is so widespread, so it makes sense for people to specialise solving recaptchas, and then spam across 1000s of smaller sites that all use Re-Captcha.

Obscurity and small size, here, would provide some security.

What about a Captcha system in Kunena where every admin could specify whatever Captcha challenge they could think of - their only limit being their imagination and their audience. I.e.: Upload a picture of whatever - scrambled text, a picture of a dog asking what animal is this?, a pic of a flower with text like 'what do plants need to live?', or a question (like: how many people are in this picture) - and provide the possible correct Captcha responses in another field (e.g. the text, 'dog', 'earth, water, sun, sunlight, sunshine', 3, etc).

The captcha would be static and would always have the same response, but 'human farms' of captcha solvers likely wouldn't bother with something this small or potentially requiring application of mind.

Of course, the problem is that if Kunena were to implement this as a default, the total user base might again become big enough to make it worthwhile for the farmers to specialise in training their staff to recognise custom captchas. Plus, once it's solved, they don't even need humans anymore but can just use the same answer every time on your forum.

I suggest this because for a couple of months I had a dirty hack which had a scrambled word XYZ image and normal HTML text below saying: "Type the text in the photo (hint, the word is XYZ)".

This was enough to fool 99% of spammers and enough for humans to be happy with.

Again, not necessarily suggesting that you code this into Kunena but I think allowing individual admins to customise their captcha will remove the economies of scale that 'captcha farmers' experience in selling ReCaptcha solving services.

I mean - why does Google not use Recaptcha for most of its own services, for example, despite owning it? (Google's own captchas incidentally are illegible to humans half the time).

naimless wrote: What about a Captcha system in Kunena where every admin could specify whatever Captcha challenge they could think of - their only limit being their imagination and their audience. I.e.: Upload a picture of whatever - scrambled text, a picture of a dog asking what animal is this?, a pic of a flower with text like 'what do plants need to live?', or a question (like: how many people are in this picture) - and provide the possible correct Captcha responses in another field (e.g. the text, 'dog', 'earth, water, sun, sunlight, sunshine', 3, etc).

These kinds of captchas have actually been gaining territory because of the reasons you mention here.

naimless wrote: Of course, the problem is that if Kunena were to implement this as a default, the total user base might again become big enough to make it worthwhile for the farmers to specialise in training their staff to recognise custom captchas. Plus, once it's solved, they don't even need humans anymore but can just use the same answer every time on your forum.

I dont think this is the way to go.
From a development point of view we'd rather support third party extensions, which will give the users a whole lot more opportunities. This is actually being talked about and slowly planned, but havent had big attention since its not possible with J1.5 and we need to move past that first

naimless wrote: I mean - why does Google not use Recaptcha for most of its own services, for example, despite owning it? (Google's own captchas incidentally are illegible to humans half the time).

Google knows exactly what you're writing here, and I believe they use a lot more complex technologies for this purpose internally.
Of course they earn money on reCaptcha, but by not using it I'd say they by themselves support these arguments very well...

Edit:
More info on human solving of captchas: en.wikipedia.org/wiki/CAPTCHA#Human_solvers

Hi All,

New to all this, but have a spammer that has posted a thread on my forum and i cant delete it, keeps opening error 404 page when i click to open it. Can anyone help me in deleting this thread on my forum please?