Better Spambot Protection in phpBB3?

[th23]

Just a quick question to those who already have some more experience with the spam-prevention measures than I have actually: Does it make sense to have the register-template redesigned - maybe even randomly choosing between multiple ones that are redesigned?

E.g. that might have the fields assorted differently and/or the captcha on an other place on the page and stuff like that...

Thanks
th23

[Wernight]

And I'm sure you will see many spam prevention MODs become available for phpBB3, and I would recommend picking one up when you can.

How can you be so sure?

Does it make sense to have the register-template redesigned - maybe even randomly choosing between multiple ones that are redesigned?

E.g. that might have the fields assorted differently and/or the captcha on an other place on the page and stuff like that...

Not that much improvement as the name of the form field keeps the same: <input name="xxxx" ...>.

What would be better, like Highway of Life said, would be to add a field: "Math test: (5 - 1) divided by 2 = ". This is just one example. If everyone change the CAPTCHA method in a unique way it would be a hell for bots for many years.

[Highway of Life]

Does it make sense to have the register-template redesigned - maybe even randomly choosing between multiple ones that are redesigned?

It makes little difference to the bots where you put your fields, and could care less if you even use a style at all.

How can you be so sure?

There are an uncountable number of these types of MODs for phpBB2.0.x, and registration on phpBB3 is just as simple for Spambots, therefore, it's easy to assume this will be the case, I myself am making one, another MOD author is making one... and we are not even in Gold yet.

There are many, many different, but effective ways to defeat spambot registrations, each one has it's pro's and con's... Visual Confirmation is a must, but many times, and especially if you have a decent sized-board, something more is needed... the more randomization you can make to the registration process, the better success you will have... but I cannot stress enough, don't go overboard so far that Grandma can't sign up.

[th23]

Does it make sense to have the register-template redesigned - maybe even randomly choosing between multiple ones that are redesigned?

It makes little difference to the bots where you put your fields, and could care less if you even use a style at all.

Ok, that makes sense... my intention was more using different field and/or captcha file names... Sounds better?

[Highway of Life]

Using a different, or random input NAME would work, but you must remember that it must match the input validation on the registration processor.

[th23]

Using a different, or random input NAME would work, but you must remember that it must match the input validation on the registration processor.

that's sure but managable... maybe I start a MOD targeting this

[th23]

Okay, just to clarify for me: Spam Bots identify the fields to input the data by their name-tag not by position?

[cutaia]

Anyone know how well mods like Kittyauth work? And has anyone heard if they are making a Kittyauth mod for PHPBB3?

[Highway of Life]

Don't know what Kittyauth is.

[cutaia]

Well, then allow me to enlighten you. It's a grid of random pictures that changes on each page load. The person must click (for example) all the pictures that contain tigers before submitting the page. It seems like a damned good idea as it pretty much reqires a human to descern between pictures.

Here's an example of the process at work on their website, although, admittedly it doesn't seem to have been updated very recently at all.

http://kittenauth.com/node/5

Come to think of it, I probably should have asked this question over there instead of here.

Oh well...you live, you learn.