Not planned add QapTcha to the core

Adam Howard

Adam Howard

Well-known member
Normal capTcha is easier for bots to read then it is for normal people.

And I'm sorry, but the question & answer option does not exactly play out if you have members who speak & write in different languages and who likely have different keyboard setups.

e vs ё

Is not going to be seen as the same. Not to mention after while those Q&A's need to be changed fairly often.

XenForo needs a more universal & use friendly capTcha option, which also requires less general maintenance.

Info
http://www.myjqueryplugins.com/jquery-plugin/qaptcha
demo
http://demos.myjqueryplugins.com/qaptcha/
live demo on XenForo site
http://www.sociallyuncensored.eu/forums/forums/test-posting.64/create-thread

QapTcha does not depend on flash player, is mobile web friendly, fast, uses no resources, is hosted locally so it's not dependent on an outside source & is CDN compatible. It is also idiot poof in that it is universally understood and is not language dependent. And finally, requires zero effort from an administrative point of view (turn it on and you're done).

There is currently an add-on thanks to @serene which I have been maintaining
http://xenforo.com/community/goto/post?id=621439#post-621439

But this really should be something easily added into the core. :)
 
Last edited:
Upvote 0
This suggestion has been closed. Votes are no longer accepted.
It's also not a CAPTCHA as it doesn't provide anything that's particularly hard for a script to defeat. Here's a comment from "Marcus" in January (from here: http://www.myjqueryplugins.com/jquery-plugin/qaptcha)
So what if I have a script that does the following:

1. Get the form page
2. Parse the PHP session id from the response header
3. Post a random number to the server with the session header
4. Post the spam form data + the same random number in the body

Tada... you've got spam.

Simple and nice, but I wouldn't trust this if you risk facing targeted attacks
Click to expand...

This works specifically because it's not in the core. Your site and customizations aren't targeted. However, XenForo as a platform, is targeted. This provides marginally more security than the unique key that we have on the form but that's it.
 
Mike said:
It's also not a CAPTCHA as it doesn't provide anything that's particularly hard for a script to defeat. Here's a comment from "Marcus" in January (from here: http://www.myjqueryplugins.com/jquery-plugin/qaptcha)


This works specifically because it's not in the core. Your site and customizations aren't targeted. However, XenForo as a platform, is targeted. This provides marginally more security than the unique key that we have on the form but that's it.
Click to expand...
I'm sure XenForo can come up with an alternative solution which is as simple as point & click (or in this case drag & slide).
 

Similar threads

Moshe1010
  • Solved
XF 2.2 Is there a way to add default colors to the color picker in the editor?
Replies
6
Views
628
kelle67
kelle67
beycandeveloper
XF 2.1 Add users to the paid subscription package with the code
Replies
1
Views
634
beycandeveloper
beycandeveloper
gogo
  • Question Question
XF 2.2 I need to add some images to the avatar gallery
Replies
4
Views
694
Paul B
P
AddonsLab
As designed Unable to add a breadcrumb item that links to the current page
Replies
2
Views
552
Chris D
Chris D
RobinHood
  • Suggestion Suggestion
Add XF style colour variable id next to the colours they're associated with in the style properties
Replies
6
Views
1K
Russ
Russ
Back
Top Bottom