User group permission: Force CAPTCHA on Contact Us

DragonByte Tech

Well-known member
Literally the very first Contact Us form submission we received after upgrading to XF2 was a submission calling into question the functionality of my manhood but helpfully offering me links to a place where I could purchase remedies :p

Of course, it is impossible to 100% stop every piece of spam, but I feel like optionally forcing CAPTCHA on the Contact Us form would serve as a bit more of a deterrent for any human manually bypassing captcha, and/or providing an additional chance for the CAPTCHA to correctly identify the current user as a bot, even if they are registered.

I've solved this @ DBTech by adding a small template modification that forces it for all users, but I feel like this would be an useful core feature while taking up minimal development / QA time :)


Fillip
 
Upvote 8

Chris D

XenForo developer
Staff member
Are you saying someone registered and as a registered member they used the contact form? That’s fairly rare.

The CAPTCHA would have been displayed already if they were in fact a guest.
 

DragonByte Tech

Well-known member
Are you saying someone registered and as a registered member they used the contact form? That’s fairly rare.
I'm not sure, here's the words from the email:
The following message has been sent from JafesCLump <miklefis@yandex.com> (IP: 5.164.230.26) via the contact form at DragonByte Tech | XenForo and vBulletin Mods & Addons.
(I don't think I need to censor the email address since it was a spammer?)

I don't know if the wording is different if the user is a guest vs a member, but there you go anyway. I do know we get the occasional registration that is clearly a human registering in order to manually bypass captcha - at least we did back on vB - so I just think it would be a nice feature to have that members who are not in our Customers user group have to complete the captcha again to use Contact Us.


Fillip
 

SpecialK

Well-known member
We're also experiencing this issue on an XF2 installation - Spammers registering and then using the contact form to spam without the captcha. Super annoying to deal with.
 

Chris D

XenForo developer
Staff member
Since XF 2.1 we have at least started running the contact form content through the spam checking method we have - if stuff is getting through you may need to look into your anti-spam configuration - Akismet and spam phrases are particularly effective.
 

Ozzy47

Well-known member
We're also experiencing this issue on an XF2 installation - Spammers registering and then using the contact form to spam without the captcha. Super annoying to deal with.

Are you still having this issue? How many are you getting a day? Is your contact us form the default XF one, or a custom one?

If it is the default one, would you like to test an XF2 addon that might just solve the bots that are targeting the form?
 
Top