Hi (further to my previous post about bogus email reg.)
I have an open 1.9 site which I have to leave running for now. In spite of Captcha being enabled bogus accounts are created on a regular basis. I don't know what they hope to achieve because all profile fields are blocked against links and the accounts never create any activity. I delete them daily.
My idea: How about including a security question based on the content of the site alongside the captcha? My site is open to browse with content to of a fairly academic nature and a question related to the content would probably defeat a 'bot' or any moron who is creating the accounts by hand. The offer of creating an account is only relevant to those who have an interest in the content anyhow.
Does anyone have a suggestion for a PHP patch to include in signup.php ?
Putting the questions and answers in the Database is beyond me. Would they be secure in an Array of some kind?