Resource icon

Registration Form Timer 2.0

No permission to download
Forgot to add...

Here's the full list of options:

Ngcpt.png



Also, the e-mail sent out is fully phrased, here's a screenshot of the template. Just adjust the phrases accordingly:

TRHOd.png
 
My god, if this works well and you left the email notify on, you could have >10,000 emails a day.
Good to see it's an options ;)

Is it switched off by default (it might be worth considering)?

Logs might be a better idea (ACP>>Tools>Form Timer Logs)?

Good idea though, keep it up Chris (y)
 
It is indeed switched off by default :)

I was considering a log. Wanted to get the first version out relatively quickly.

In addition, should there be another option to have IP addresses be automatically discouraged or is this too risky for potentially safe users?
 
I'm avoiding banning IP addresses, I'm looking back at my anti spam plugins and adding options, but banning IP addresses isn't a great idea

1) IP addresses do not pin point a user, they in no way identify a particular user (unless they are for some reason stuck on a static IP address)
2) It's not a good idea for your real users... If you ban thousands of IP addresses, there is an increased chance you will ban a non-spammer by mistake
3) By banning IP addresses, you only target those that aren't bots... since most bot users will be savy when it comes to proxy use... they will cycle through IP addresses and not care that you've banned it

Instead, I'm thinking about banning
1) The email address used (this is a hassle for bot users, since they eventually have to go back and bot hotmail/gmail etc again).. unless they use temp emails, which you should ban anyway
2) Banning usernames (this can be a minor hassle for bot users that don't iterate their username list) << but here, you might needlessly fill up a list, making it harder for users to pick a new username

If you do ban IP addresses.. you could make it temporary (so they find it hard to re-attempt at least for a short while, then you avoid ever negatively impacting real users)
When you are talking 1,000's of bots a day... your banned IP addresses list gets large very quickly

That's my opinion, having an email banning option is preferential to an IP address banning option (and since you have the email passed through... you may as well make use of it ;) )
 
I use to have such a add-on installed on vBulletin. While I love the concept, I can complete a registration in under 5 seconds.

How?

Auto complete fills in my name, e-mail, default settings, and even a generic password I use when I first join a site (if I value the community I change this later). So basically all I need to do is fill in reCAPTCHA and press enter.... ie... 5 seconds to register.

So I've long since stop using these kind of scrips. I do love the concept though... I guess I could change the timer to 3 - 4 seconds or so. Something that even auto complete would not be successful on.
 
I got a question in mind, how much time spammers take in submitting registration form? :unsure:

I tried myself as quick as possible and completed registration form in 30 sec :p
 
Automated bots will complete a registration form in a matter of seconds.

I've been testing it since yesterday, I got pretty quick. My record was 16 seconds with the standard registration form (with reCAPTCHA).
 
Auto complete fills in my name, e-mail, default settings, and even a generic password I use when I first join a site (if I value the community I change this later). So basically all I need to do is fill in captcha and press enter.... ie... 5 seconds to register.
Not with XenForo it won't because the name field is set to autocomplete="off".

E-mail does have auto complete, but I've not seen it then able to fill in the rest of the details on the form such as the date of birth.

Password obviously has to be typed twice and accurately. If you're a genuine user you may need to choose your Time Zone. You will then have to type CAPTCHA accurately.

I've been constantly registering since last night. It is definitely not possible in less than 15 seconds.
 
Not with XenForo it won't because the name field is set to autocomplete="off".

E-mail does have auto complete, but I've not seen it then able to fill in the rest of the details on the form such as the date of birth.

Password obviously has to be typed twice and accurately. If you're a genuine user you may need to choose your Time Zone. You will then have to type CAPTCHA accurately.

I've been constantly registering since last night. It is definitely not possible in less than 15 seconds.
There are Firefox and Chrome plug-ins that ignore

autocomplete="off"

  • name
  • address
  • password (twice)
  • e-mail
  • sex
  • time zone
  • "I agree"
And a dozen other options are all automatically filled for me.

The only thing I need to fill out on a registration page is CAPTCHA. I type nothing else. So for power users like myself, 5 seconds.

I still like the concept though. I guess I'll install this and setup for 4 seconds.
 
Amazing idea and I think is the best way to fight spam. Unless they come up with a way to change the time of registration, let's hope not :cautious:
 
Chris Deeming updated Registration Form Timer with a new update entry:

Can now set time limit to less than 5 seconds


Thank you so much for donating. It is always appreciated!


Version 2.0 of Registration Form Timer now includes the Stop Botters API by tenants.

Extra special thanks goes to tenants for providing and integrating this API.

StopBotters (Optional) Detection Mechanism

  • Stops A high percentage of known bots using an API request.
  • Known bots are detected via IP address / Email Address / Username.
  • The underlying StopBotters mechanism is confidential

Read the rest of this update entry...
 
Top Bottom