Authmereloaded: Add captcha to register? Solution for spambot

Created on 2 Sep 2016  路  17Comments  路  Source: AuthMe/AuthMeReloaded

We're having problem with spambots that can register and then full spam server chat.
I thought that register with captcha would help to prevent this... IP ban is not helpful here, because it uses proxy IPs (+ dynamic IPs etc).

Picture of spambot doing task: https://i.gyazo.com/ab3a705b350db0144bba369351e03d68.png

enhancement

All 17 comments

Noncheatplus? xD

Captcha on register would annoy players, we can add it but i don't think it would be good dor your server.

Agree, but on the other hand registering will only be done once per player :)

@ljacqu I would close this as wontfix, is that ok for you?

It's a reasonable feature request. Why are you against it?

but on the other hand registering will only be done once per player :)

You said that, sorry, i'm not against that, but we have to move it to the next milestone

Wow, you're quoting me totally out of context. It was a reply to you saying we shouldn't do it because it will annoy people

Sorry, it's been a stressful week for me xP

Wow, you're quoting me totally out of context. It was a reply to you saying we shouldn't do it because it will annoy people

Sorry i think i didn't understand the context at all, sorry ;)

The sorry's all mine; I didn't have to get so worked up ^^ Sorry :)

I'm stuck at the moment because when a user connects to a server I need to use the RegisterCaptchaManager in ~BungeeService~ LimboService to check if a captcha is required (to set the appropriate message), but at the same time I need to use ~BungeeService~ LimboService inside RegisterCaptchaManager to update the captcha message when the code check has failed (because the code then changes).

So either I split services, introduce a mechanism to have circular dependencies, or I go the cheap way and just set a message on login that doesn't contain the captcha code. I'm not happy with any of those approaches.

Edit: Or I put the registration captcha code on LimboPlayer so I can access it without needing the captcha manager xD

Edit 2: BungeeService -> LimboService

Hi @sgdc3 @games647 @HexelDev, although I'd prefer not to have any circular dependencies I think this might be the best approach for this case here. I don't see any natural way to split the services. What do you think?

@ljacqu Does the captcha service really needs to have BungeeCord access? Shouldn't there only be two cases:

1) player is logged in by the previous server -> force login without captcha
2) player is not logged in -> require register with an independent generated captcha

or do I miss something?

I'm an idiot, sorry, I meant the limbo service. This has nothing to do with bungee :smile:

Hi @Typhome, this is now available with build n. 1897 and above at https://ci.xephi.fr/job/AuthMeReloaded/

Could we ask you for feedback whether we can close this or if something doesn't conform to your expectations?

Hello @ljacqu, I tested this new feature and it works & meets expectations. Thank you. Now this issue is solved, I'll close it.

Thank you for the prompt answer! :)

Was this page helpful?
0 / 5 - 0 ratings

Related issues

iNanmu picture iNanmu  路  6Comments

TheDarkSkill picture TheDarkSkill  路  9Comments

yannicnoller picture yannicnoller  路  4Comments

prefislt picture prefislt  路  6Comments

LoXR picture LoXR  路  3Comments