PHPbb Security

[dooper3]

Does anyone know how I can boost the security of the sign-up form in PHPbb - I am using the most up-to-date stable version of it and I have enabled the security image but that does not appear to be enough, I am still getting at least 5 sign ups a day caused by robots etc. and it makes it annoying as then I have to manually approve the genuine people.

Cheers!

[HuggieBear]

Do you have the URL so we can take a look at the signup page?

Regards
Huggie

[dooper3]

I do, it's just a standard PHPbb sign up page though and I'm not certain how much I'm allowed to edit it under the licence terms.

It's at http://www.sulsc.org/discuss then click register.

[HuggieBear]

Hmmm, that's quite interesting, it looks as if the captcha device is working OK, and sensibly it doesn't have the security code in the page code anywhere, only an ID that I guess links into a database.

Are you sure the signups are being created by bots?

Regards
Huggie

[dooper3]

Pretty much, just going on the frequency of them appearing on the site. I can't imagine it's the type of site that would attract fake sign ups anyways. I've heard there are bots about that can "read" the security images anyway.

[fert]

you should make your own bot images. that have two text strings

[tippy_102]

The spam bots are very annoying...and smart - the phpbb captcha doesn't even slow them down.  While waiting for the phpbb authors to change the captcha (I have no idea if they plan to do this), you may want to employ some of the options suggested here: http://www.phpbb.com/phpBB/viewtopic.php?t=427852