Recaptcha allowing spammers

General questions relating to Joomla! 3.x.

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting.
Forum Post Assistant - If you are serious about wanting help, you should use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10
Post Reply
goble
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 212
Joined: Sat Jan 09, 2010 11:23 am

Recaptcha allowing spammers

Post by goble » Thu May 13, 2021 6:54 am

Hi,

AM noticing a few spammers who are able to register using the default joomla registration form.

Using recaptcha with Security Preference set to most secure.
The user also have to agree to ToS.
P.S Tested : cannot register if both options are not attended.
Password set to at least 6 characters & at least 2 lower case.

The form seems to be working correctly. Error message if :
- min requirements for password are not met.
- Email address and confirm email are not the same.

Has anyone got more luck using 'invisible recaptcha' ?

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 6774
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Recaptcha allowing spammers

Post by AMurray » Thu May 13, 2021 9:33 am

Captchas are not a guarantee of "no spam" - I don't think they ever claim to be.

If Recaptcha is not working as you would like, try hCaptcha or hashcash.

Hashcash requires no user input.

hCaptcha is similar to the ReCaptcha v2, "I"m not a robot" type, with the occasional challenge such as, "choose all the pictures with motorbikes".

The alternative could be to have only a social network sign-on e.g. only sign on with Facebook/Twitter/instagram etc, that way the prospective user has to have one of those accounts in order to sign on/create the account on your site. Auto-spam bots or human spammers may then not bother. An example is SLogin.
Regards - A Murray

goble
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 212
Joined: Sat Jan 09, 2010 11:23 am

Re: Recaptcha allowing spammers

Post by goble » Thu May 13, 2021 12:28 pm

Thanks @AMurray,

"Captchas are not a guarantee of "no spam" - I don't think they ever claim to be."
I concur but getting 5 spams in 1 hour : seems it ain't doing anything. Website is under dev using a temporary link no one is aware of + settings are set to no-index no-follow.

Moreover I don't get challenge to solve. Just have to tick "I'm not a robot" > I guess it's because Google trust my IP ?
I have accessed the site using a VPN, same thing.

I was thinking that setting "Security Preference" to "most secure" would make recaptcha more aggressive.

Anyway I will check other Captcha and /or use social logins.


Post Reply

Return to “General Questions/New to Joomla! 3.x”