I had the difficult experience recently of having to try find a way to block spam on a phpBB forum website. Nothing seemed to stop the wave of spambot user registrations. I tried messing with the default ‘Spambot Countermeasures’ settings that come with the latest version of phpBB including choosing different catpcha complexities, sizes, shapes etc..to the point where I couldn’t even read the codes myself but still they came! I also tried different spam plugins, captchas, etc but nothing seemed to work. I eventually settled on a Question & Answer system thinking that an automated spambot couldn’t possibly answer a question. But guess what!? They can now..
I happened to mention on Twitter that spam bots seemed to be able to answer questions these days and Rahber replied and said that they can only answer Googleable questions. In fairness this is mentioned on the configure screen for the Q & A spambot countermeasures plugin, which I never read!:
These questions should be easy for your target audience to answer but beyond the ability of a bot capable of running a Google™ search.
What this basically means is that a bot can probably answer a question like “What is 2 + 2” because Google can answer this too but they can’t answer a question like “What is the address of this website” which requires a bit of thinking rather then searching.
Here’s the list of questions I’ve put in for the time being which seems to be working, at least until the bots become self-aware. Hopefully, odd as some of them are, they won’t fool too many humans!
The larger the list the better:
- What is the address of this website?
- What are the last 2 words in this question?
- What colour is a blue apple?
- What size is a ‘big’ dog?
- If a piece of string is 1 foot long, how long is it?
- What is the very last letter or symbol in this question?
- How many legs has a 3 legged spider?
- How many strings has a 9 string guitar?
- My dog is a spaniel, what breed is he?