User group permission: Force CAPTCHA on Contact Us

DragonByte Tech

DragonByte Tech

Well-known member
Literally the very first Contact Us form submission we received after upgrading to XF2 was a submission calling into question the functionality of my manhood but helpfully offering me links to a place where I could purchase remedies :P

Of course, it is impossible to 100% stop every piece of spam, but I feel like optionally forcing CAPTCHA on the Contact Us form would serve as a bit more of a deterrent for any human manually bypassing captcha, and/or providing an additional chance for the CAPTCHA to correctly identify the current user as a bot, even if they are registered.

I've solved this @ DBTech by adding a small template modification that forces it for all users, but I feel like this would be an useful core feature while taking up minimal development / QA time :)


Fillip
 
Upvote 7
Are you saying someone registered and as a registered member they used the contact form? That’s fairly rare.

The CAPTCHA would have been displayed already if they were in fact a guest.
 
Chris D said:
Are you saying someone registered and as a registered member they used the contact form? That’s fairly rare.
Click to expand...
I'm not sure, here's the words from the email:
The following message has been sent from JafesCLump <miklefis@yandex.com> (IP: 5.164.230.26) via the contact form at DragonByte Tech | XenForo and vBulletin Mods & Addons.
Click to expand...
(I don't think I need to censor the email address since it was a spammer?)

I don't know if the wording is different if the user is a guest vs a member, but there you go anyway. I do know we get the occasional registration that is clearly a human registering in order to manually bypass captcha - at least we did back on vB - so I just think it would be a nice feature to have that members who are not in our Customers user group have to complete the captcha again to use Contact Us.


Fillip
 
We're also experiencing this issue on an XF2 installation - Spammers registering and then using the contact form to spam without the captcha. Super annoying to deal with.
 
Since XF 2.1 we have at least started running the contact form content through the spam checking method we have - if stuff is getting through you may need to look into your anti-spam configuration - Akismet and spam phrases are particularly effective.
 
SpecialK said:
We're also experiencing this issue on an XF2 installation - Spammers registering and then using the contact form to spam without the captcha. Super annoying to deal with.
Click to expand...

Are you still having this issue? How many are you getting a day? Is your contact us form the default XF one, or a custom one?

If it is the default one, would you like to test an XF2 addon that might just solve the bots that are targeting the form?
 

Similar threads

L
  • Question Question
bug on the second user group permission
Replies
10
Views
795
Black Tiger
Black Tiger
A
  • Question Question
XF 2.2 User group permission problem
2
Replies
21
Views
2K
Anacleto
A
Lloyd32552
  • Question Question
XF 1.5 NoCaptcha on Contact Us form
Replies
5
Views
869
TPerry
TPerry
Betclever
  • Question Question
XF 1.4 User group permission issue
Replies
3
Views
1K
Lawrence
L
Amaury
  • Suggestion Suggestion
Lack of interest Add User Group Permission to Bypass Prefix Selection Requirement
Replies
1
Views
693
Paul B
P
Back
Top Bottom