I'm running a
custom developed forum over at my companies website. The software only gets used there, which has the nice side effect that most spam bots usually ignored the forum. Well, here and there, some bots, which apparently randomly posted stuff in all forms they found on the web got through. But this was removed pretty quickly by adding an own developed
CAPTCHA. I don't like these image based CAPTCHAs, where you need to type barely readable letters, so I came up with an own, simple math based CAPTACHA, which looked like this for example:
What's 3+2-1?
This worked quite well. It is easy to be used by people, and those massive, randomly form posting bots were stopped. But for the last three days, some new bot flooded my forum with posts. Not sure if this was a spam bot (there were no links posted by it), but it was able to break that own, custom developed CAPTCHA. Given the fact that my forum sofware is pretty unique, I think this bot must be quite sophisticated in recognizing forums and even be able to read and answer such math questions. (It only fails in posting the spam URL, maybe that's still a weakness).
So the only, quick fix I could think of for now was a new Captcha. I made it like this:
Please enter the missing letter in: "Admin?stration"
What do you think of this? I hope this works well, and I'm curious if this will hold longer.