Most phpBB bots are pretty basic. Even if you have a bot that can beat the CAPTCHA, the bot will be confused if you make a simple modification to the sign up form.
On the actual sign up form you would put something like this:
Then in the PHP code that processes the form you have some simple code like this:
Code:
if($_POST['f23dfg56er2r'] != "2r3e6f3x2s30") {
die("Go to hell");
}
The bots don't actually parse the sign up form as far as I can tell (perhaps except to get the CAPTCHA), they just attempt a registration using the pre-defined variable names which are expected.
EDIT: Of course this still does not stop human spammers.
Does the forum have e-mail verification? I suppose that's easily broken.
What about asking the person a question about Macs? Something simple that almost anyone interested in this forum would know, but something that a chinese kid getting 10¢/hr to spam forums wouldn't.
Q: A Power Macintosh 4400 contains what kind of CPU?
1. 68K (the chinese might see this in the name of the forum and pick this choice and fail)
2. PPC
3. SPARC
4. POWER4 (they might equate POWER Macintosh 4400 with this)
5. INTEL (maybe they know the latest Macs have Intel chips.)
If the user fails the question then they are directed to email
blablabla@68kmla.org for moderator assistance.
