CustomImgCaptcha: Spam Combat 2.4.1

CustomImgCaptcha: Spam Combat 2.4.1 2.4.1

No permission to download
Overview Updates (31) Reviews (17) History Discussion
You can make this responsive and work on the iPhone with the following TMC edits:

customimgcaptcha_captcha

Find:
Code: 
                    <dd>
                        <div style="" id="custom_img_captcha">
                            <div class="captchaCtrl" id="custom_img_captcha_image" style="width: {$width}px; height: {$height}px;">
                                <img width="{$width}" height="{$height}" src="{xen:helper public-cic-img, $public_uuid}">
                            </div>
                            <div class="ddText">
                                <label for="custom_img_captcha_response_field">{xen:phrase sf_answer_the_above_question}:</label>
                            </div>
                            <span id="public_uuid_holder" style="display: none;">
                                <input type="hidden" value="{$public_uuid}" id="public_uuid" name="public_uuid">
                            </span>
                            <input type="text" class="textCtrl OptOut" id="custom_img_captcha_response_field" name="custom_img_captcha_response_field" autocomplete="off">
                            <p class="explain">
                                (<a href="http://xenforo.com/community/resources/customimgcaptcha.1161/">CustomImgCaptcha</a> By <a href="http://www.surreyforum.co.uk/">Surrey Forum</a>)
                            </p>
                        </div>
                    </dd>

Replace:
Code: 
                   <xen:if is="@enableResponsive">
                    $0
                            </xen:if>

customimgcaptcha_captcha.css
Find
Code: 
.captchaCtrl
{
    @textCtrl
}
Replace
Code: 
$0

@media (max-width:@maxResponsiveNarrowWidth)
{
#custom_img_captcha_image, img
{
  width: 240px !important;
}
 
Sorry Mike, another question on this.

The StopBotters API key hasn't changed from the default one. Should I change this to the same one that is being used by FBHP on my site?
 
If you have FBHP installed, it wont change..

You should already be using StopBotters via FBHP (this is the route suggested to use the StopBotters API, since you'll get more information out of it), so it ignores the API in this case
 
This is interesting (IMO). I never saw this with just FBHP installed, but you can see a pattern with the bots when they try to register.

They first try to register, fail, and they go to the contact page
captcha.webp
 
Yes, some bots do not fill non-default fields

It's easier to set up automation to target the XenForo form with no customisation (but quite a few use the form field index number, and run through the entire form)

For those that just target XF, you will see them not even attempt the CAPTCHA. Other bots try to fill it with QA answers, but have no idea what the question is (they can not read the image, and even if this CAPTCHA was targeted, there are several thousand versions of each of your images, so a binary comparison is quite hard)

I've worked in automation for a while, I know the pitfalls the bots are going to face (especially XRumer, which is the dominant bot)

Some people don't realise, it is easy to stop bots... 100% without even touching an API (But, its not something that can really be done with the core, since then the mechanism will be targeted). FBHP does stop 100%(more than once), customImgCapthca also stops 100% (but some bot users come back an re-attempt, messing a little with the results).

My money is on FoolBotHoneyPot for the mechanism that will last the longest

By the way, you kind of did see it.

Look for logs that don't complete the entire form (I think that's 24 honey pots... I can't rememberer off hand). For those bots that do not complete every field (including the honeypots), they wont ever reach the CAPTCHA... so, they populate the 1st 12-14 feilds then don't bother with the rest
 
Last edited:
It's VERY impressive! Just trying to build up my collection of images.

Although, have come across a little issue on my laptop at home. I've a resolution of 1336x768 (HP Ultrabook). Both Chrome and Waterfox.

The popup to edit the images drop below the bottom of my screen (even with the task bar minimised).

resolution.webp

I can only get to the bottom if I F11 and set the browser full screen. Didn't have this at work as it's got a stupidly high resolution display on my laptop there.
 
Hmm, I think you can tab into the submit.

But looking at that overlay, I should reduce the image size of the preview
 
By the way, I couldn't answer that question.

You'll get some stats back about the number of bots that fail your CAPTCHA and the number of humans that fail it. It's worth looking at the human scores, since you don't want to block them (make them human friendly ;) )

I even found a picture of a scorpion was too hard for some humans (what insect is this, starts with an S.... spider ?>!")
None have had any trouble with a cow or a sheep
 
tenants said:
By the way, I couldn't answer that question.

You'll get some stats back about the number of bots that fail your CAPTCHA and the number of humans that fail it. It's worth looking at the human scores, since you don't want to block them (make them human friendly ;) )

I even found a picture of a scorpion was too hard for some humans (what insect is this, starts with an S.... spider ?>!")
None have had any trouble with a cow or a sheep
Click to expand...
All the images I'm using are images of members cars. People who use our site will own one of the cars I'm using in the images as they are all using the engine the site is specific to.
 
Just been reviewing the logs from this, and it doesn't appear to be catching human errors

Code: 
An incorrect answer was provided
Today at 12:25 PM
CAPTCHA Name: VX220.jpg
generated_by_username_attempt: Marduk
generated_by_email_attempt: buzzwire2012@gmail.com
IP Address: 212.202.139.234
Expected Answer(s)
a:1:{i:0;s:5:"vx220";}
Users Answer
speedster

From the image itself:
Code: 
CAPTCHA Statistics For VX220.jpg (3 humans, 144 bots)
Human Success: 100%
Human Passed: 3, Human Failed: 0
Bot Success: 0%
Bot Passed: 0, Bot Failed: 144

He registered OK on the next image
captcha.webp
 
i've been using this for a while (thanks!) but after upgrading to XF 1.2, i noticed im getting a lot of server errors when people register for the site. im using the latest version of this plugin. here's one of the errors im getting:

Code: 
Zend_Db_Statement_Mysqli_Exception: Mysqli statement execute error : Field 'full_url' doesn't have a default value - library/Zend/Db/Statement/Mysqli.php:214
Generated By: Unknown Account, 35 minutes ago
Stack Trace

#0 *domains/squattheplanet.com/html/community/library/Zend/Db/Statement.php(297): Zend_Db_Statement_Mysqli->_execute(Array)
#1 *domains/squattheplanet.com/html/community/library/Zend/Db/Adapter/Abstract.php(479): Zend_Db_Statement->execute(Array)
#2 *domains/squattheplanet.com/html/community/library/Zend/Db/Adapter/Abstract.php(574): Zend_Db_Adapter_Abstract->query('INSERT INTO `sf...', Array)
#3 *domains/squattheplanet.com/html/community/library/XenForo/DataWriter.php(1612): Zend_Db_Adapter_Abstract->insert('sf_customimgcap...', Array)
#4 *domains/squattheplanet.com/html/community/library/XenForo/DataWriter.php(1601): XenForo_DataWriter->_insert()
#5 *squattheplanet.com/html/community/library/XenForo/DataWriter.php(1393): XenForo_DataWriter->_save()
#6 *squattheplanet.com/html/community/library/CustomImgCaptcha/Model/Log.php(14): XenForo_DataWriter->save()
#7 *squattheplanet.com/html/community/library/CustomImgCaptcha/Model/Log.php(165): CustomImgCaptcha_Model_Log->logRegistrationAttempt(Array)
#8 *squattheplanet.com/html/community/library/CustomImgCaptcha/Captcha/Captcha.php(18): CustomImgCaptcha_Model_Log->LogEvent(Array)
#9 *domains/squattheplanet.com/html/community/library/XenForo/Captcha/Abstract.php(129): CustomImgCaptcha_Captcha_Captcha->isValid(Array)
#10 *domains/squattheplanet.com/html/community/library/XenForo/ControllerPublic/Register.php(200): XenForo_Captcha_Abstract::validateDefault(Object(XenForo_Input))
#11 *domains/squattheplanet.com/html/community/library/Tac/CustomImgCaptcha/ControllerPublic/Register.php(51): XenForo_ControllerPublic_Register->actionRegister()
#12 *domains/squattheplanet.com/html/community/library/XenForo/FrontController.php(337): Tac_CustomImgCaptcha_ControllerPublic_Register->actionRegister()
#13 *squattheplanet.com/html/community/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#14 *domains/squattheplanet.com/html/community/index.php(13): XenForo_FrontController->run()
#15 {main}

Request State

array(3) {
  ["url"] => string(53) "http://squattheplanet.com/community/register/register"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(14) {
    ["username"] => string(11) "plalcheraic"
    ["email"] => string(28) "fjptly048+msijc020@gmail.com"
    ["password"] => string(8) "********"
    ["password_confirm"] => string(8) "********"
    ["dob_month"] => string(1) "4"
    ["dob_day"] => string(1) "4"
    ["dob_year"] => string(4) "1977"
    ["gender"] => string(4) "male"
    ["timezone"] => string(16) "America/Miquelon"
    ["public_uuid"] => string(25) "f0ba880a8a50520e81f256adb"
    ["agree"] => string(1) "1"
    ["submit"] => string(7) "Sign Up"
    ["_xfToken"] => string(8) "********"
    ["reg_key"] => string(32) "0f382ce38530b454d7f92bce9d9ffae6"
  }
}

anyways, not a huge deal, but seems to be related to this plugin. any suggestions would be great :)
 
Last edited:
The error is a bit strange, since there is only one place the log datawriter is called from, and at the point just before it, full_url is set.

Can you try un-installing it and reinstalling it (you might have a broken table / other)
 
You must log in or register to reply here.
Top Bottom