Quote by: Anonymous
I switched to the ReCAPTCHA plugin and it works perfectly for me. No spammer registration attempts are getting past ReCAPTCHA.
I left the CAPTCHA plugin enabled, and that doesn't seem to be a problem. Also it makes it easy to check the captcha log, which shows this for every attempt since I switched to ReCAPTCHA:
"Detected an attempt to bypass CAPTCHA (no session id) in registration"
Maybe that's a clue as to a possible weakness in the CAPTCHA plugin?
Geeklog 2.1.0 comes with it's own log viewer (which long over due). reCAPTCHA and CAPTCHA plugins work internally pretty much the same way. I think the spammers just figured out how to read the CAPTCHA images we use. I still get spammers getting through reCAPTCHA but a lot less than before. I have seen some reports on the net that reCAPTCHA lets through up to 17% of the spammers. That is a fairly high number which I don't currently see on my sites. reCAPTCHA positive feature is that it is maintained by Google and that they can update it as spammers figures thing out. This is also it's negative feature since most spammers will be targeting reCAPTCHA.
I like Ben's slider idea in his updated CAPTCHA plugin.
Ben, I notice it locks the submit button. Does this work with plugins that use CAPTCHA as well? Can we use a combination of the CAPTCHA and the slider?
Here is a feature request. Make it easy to add in new CAPTCHA like security measures by just adding a class to the captcha directory (sort of like how SPAM-X works). If possible also make it easy to have them work in combination of each other.
Another request would be to add some sort of configurable speed control. For example for the CAPTCHA entry to work there must be x number seconds between displaying the form and submitting. Most spam bots problem submit the form in a second or 2 where it will take a user a while to fill out a form before submitting it.
One of the Geeklog Core Developers.