Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi,
It seems to me that it's being bypassed by bots, and I'm getting an average of 10 spams a day from it. Below are my configurations.
Characters Used: aAbBCdEeFfGHhijKLMmNPQRrSTtWXYZ23456789
Code length: 5
Font: DejaVuSans.ttf 2.20
Size: normal
Char spacing: normal
Distortion level: normal
Smooth Distortion (yes)
Add salt and pepper noise (yes) - by the way, pepper is spelt wrongly (peper).
Noise level: normal.
Attached are a few examples of the results.
I can't really make it any more complicated, as it would be too hard for normal users to see the image or letters..
Comment | File | Size | Author |
---|---|---|---|
1536719462.jpeg | 5.77 KB | Anonymous (not verified) | |
1762636771.jpeg | 6.03 KB | Anonymous (not verified) | |
1625125830.jpeg | 5.63 KB | Anonymous (not verified) |
Comments
Comment #1
soxofaan CreditAttribution: soxofaan commentedSpam doesn't always comes from bots, there are also humans that like to be annoying or even get paid for it.
Are you sure that bots posted the spam, and that they did break the CAPTCHA image?
What is the persistence setting of the CAPTCHA module?
Anyway this is not a bug of the CAPTCHA module, just a limitation of the system.
If you can't fight your spam with CAPTCHA, I would suggest something like http://mollom.com or the akismet module
Comment #2
soxofaan CreditAttribution: soxofaan commented(btw, I fixed the "pepper" typo, thanks, good catch)
Comment #3
Anonymous (not verified) CreditAttribution: Anonymous commentedHi,
Thanks for the links, i'll check them out too. Good questions. No i'm not 100% sure it is bots. If there's a way to find out i'll do it. But i *think* it's a bot because I increased my code length from 5 to 6 letters, and I haven't received any spam so far. If it was a user, I think he would have picked it easily. Anyway, I failed to show you an example of the spam. I will when I have some.
As for persistence, it's on "always add a challenge".
It's a shame being a limitation, but what can we do... Anyway, i'll keep you updated on this.
P.S., while you're at it, there are a few more spelling mistakes :)
admin/user/captcha -> administration (spelled adminstration) in 1st paragraph, and under General settings.
admin/user/captcha/image_captcha -> careful (spelled carefull). bilinear (spelled bilineair), overlaid (spelled overlayed)
Keep up the good work!
Comment #4
soxofaan CreditAttribution: soxofaan commentedClosing old/outdated issues for 5.x releases, which is officially unsupported now.