WordPress.org

Ready to get started?Download WordPress

Forums

s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
anti-spam - silent captcha - via registration form? (6 posts)

  1. bobeaston
    Member
    Posted 1 month ago #

    First: please DO NOT suggest the use of ANY form of visible CAPTCHA. My goal is NO visible CAPTCHA of any type.

    Second: this is about s2Member "Registration/Profile Fields & Options." I'm concerned only about blocking spam bots from registrations. No worries about comments (Thank You Akismet!)

    Assumed: hidden empty input fields work well. Humans don't see them and they stay empty. Bots fill in everything. A bot will fill in a tempting field ... and if I can see a value in that field, I'm relatively certain it is a spam registration.

    Question: s2Member's Registration/Profile fields offer a lot of capability (THANKS), but what is the right combination of options to:
    1. Make the field and its label invisible to the user.
    2. Keep the field invisible from profile editing.
    3. Ensure data entered by a bot IS visible to me ... in the Users panel.

    https://wordpress.org/plugins/s2member/

  2. Cristian Lavaque
    Member
    Plugin Author

    Posted 1 month ago #

    Well, making the field completely hidden probably won't help with the bots...

    What you could try is have it visible and require a particular format for its value, so a bot will get it wrong but a human will be fine. WP Admin -> s2Member -> General -> Registration/Profile Fields -> Edit field -> Expected Format

    If that's not good enough, you could try an antispam plugin that doesn't show up in the interface, e.g. CleanTalk. http://wordpress.org/plugins/cleantalk-spam-protect/

    I hope that helps. :)

  3. plannb23
    Member
    Posted 1 month ago #

    I just did something like this

    Enter the two digit solution to 4 + 3 + 2 + 1

  4. bobeaston
    Member
    Posted 1 month ago #

    Sorry Christian, but there's a huge amount of experience that shows bots are very capable of filling hidden fields. Bots don't use regular browsers. Using hidden fields is a heavily recommended technique. All I'm asking is how to have one, as a Registration/Profile Field, that is hidden on the regular form at registration time, that is hidden from users doing profile edits, but visible in the WordPress Users panel.

    and, NO, I don't want to pay to run everything through a service like cleantalk.

  5. Cristian Lavaque
    Member
    Plugin Author

    Posted 1 month ago #

    Well, you can try setting the field's "Allow Profile Edits" set to "No (uneditable/invisible during/after registration)". See if that works.

    Of, if you're using pro-forms, you could try adding the field in a custom template. http://www.s2member.com/kb/pro-forms/#custom-data-w-pro-forms

    If you're using wp-login.php you could find another anti-spam plugin that doesn't add stuff to the interface, I'm guessing there may be one that doesn't charge. http://wordpress.org/plugins/search.php?q=spam+registration

  6. bobeaston
    Member
    Posted 1 month ago #

    Thanks Christian!
    That's the setting I guessed would work, but am not quite sure ... yet.

    It is indeed hidden on the form the visitor sees, and on their profile editing form when they are logged in. Good! It is visible to admins in the User panel, and when editing the user's profile via the admin panel. Also good!

    I've labeled the field "Repeat email" and titled it "repeat_email." That is a "honey pot" approach. Now, we wait for the bots to show up.

    Thanks again, Bob

Reply

You must log in to post.

About this Plugin

About this Topic