Spam from free version; can we fix the flaw ourselves?

  • Resolved webstress

    (@webstress)


    7 years, 10 months ago

    Is there any way to alter the weak captcha in the free version, say assign 2 *specific* numbers that have to be typed in? I know how to put an image in the form. So I could show a picture of the numbers I want typed in. Perhaps show an image of it spelled out in words, e.g. “Type the number version of the word twenty.” Then make the field require the number 20, no more than 2 digits.

    As I said in my other post, I would love to pay for this valuable plugin!

    If I could get some assurances that neither the free nor pro version of this form have been abandoned, and their flaws are being fixed, that would help allay my fears.

    FYI, the bad guys are buying up popular but abandoned plugins (they probably email the techie who created a popular plugin only as a side project, “Let me make you an offer you can’t refuse!”). They are then able to compromise the websites the plugin is installed on. If you don’t think this is a problem, Google “Panama papers plugin.”

    As I understand it, the Pro version uses Google’s recaptcha. This is the easy one that just requires the user to check a box to verify their humanity. ?? You can see this in action on whois.godaddy.com when you do a Whois lookup. Since GoDaddy has to protect against robots on a much grander scale than mere webmasters do, I take it that the much friendlier recaptcha must be working well for them.

    Any captcha that makes it easier for the user is a big plus in my book.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi there, thanks for getting back to me. Yes, the Pro version doesn’t come with the better Captcha. Unfortunately, the free version only has that one option. Feel free to use the Demo for the Pro version(link below).
    https://demo.vfbpro.com/

    Thanks!
    Shane
    vfb

    You mean the Pro version DOES come with the better captcha, right?

    • This reply was modified 7 years, 9 months ago by jlehrer.
    • This reply was modified 7 years, 9 months ago by bdbrown.
    Thread Starter webstress

    (@webstress)

    @jlehrer, Yes, that is what he meant. I know because after trying the demo of the Pro version in the link above, I can verify it does use the recaptcha I wanted… the good one where the user just needs to check the box. Awesome! (Though I still don’t understand how this can thwart a bot.)

    I just had a “DOH!” moment reading my original post. We can just create our own captcha field in the free version! We don’t need to be able to retrofit the existing one as I laid out. The spammers who know about the flaw and are exploiting it are probably not going to realize there is a 2nd captcha field. I’ll call it the “gotcha” field ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Spam from free version; can we fix the flaw ourselves?’ is closed to new replies.