I’m currently using the EE CAPTCHA functionality on the member registration page. But I’m getting at least 100 bogus registrations each day. The website admin approval process is getting overwhelmed by these fake registrations.
Can anyone suggest a better form CAPTCHA that works with EE? The built in one doesn’t work and isn’t worth using.
ExpressionEngine is up to date (2.11.9)
Sadly CAPTCHA is not good enough to stop spammers by itself. Most these days are paid humans using a script to help them register en masse, but their software pops up prompts to let them type in CAPTCHA, etc. It’s sickening to see some of the YouTube videos, but that’s the sad reality.
Have you found a pattern to the source? You may find it beneficial to block certain traffic at the firewall level, not even letting it reach ExpressionEngine. Also make sure you are requiring self-validation (though their software helps them make that quick too), and that you have not disabled any of ExpressionEngine’s security features, like “Secure Forms”, the CSRF protection. Lastly, you can augment the built-in CAPTCHA with a honeypot, or even better, a tool like Snaptcha.
Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.