Extension talk:QuestyCaptcha

Oh yes!
Thanks a lot. That should be very secure :) --Subfader 12:18, 7 August 2009 (UTC)
 * It won't help you much against a determined vandal with a bot, though. After he gets the Questy answers, he can feed them into the bot and have it wreak havoc. Leucosticte (talk) 09:32, 20 March 2014 (UTC)

oh no!
the download for 1.15.x doesn't contain QuestyCaptcha.php
 * I could confirm this. Ive used 1.16x instead, it seems to work --84.171.29.220 08:56, 4 February 2012 (UTC)
 * Yeah, copying the Questy* files from 1.16 into the version for 1.13 (which also doesn't have them) works as well.
 * I had the same problem. The extension page says QuestyCaptcha is supported by MediaWiki "1.6+ (in theory)", but the download for 1.15.x doesn't contain QuestyCaptcha.php. Tim Smith (talk) 03:41, 1 July 2012 (UTC)

Spam getting past QuestyCaptcha
Hi,

To my great surprise, I'm still getting a few spam edits! I can't find anyone talking about spam getting past QuestyCaptcha, so I thought this might be worth mentioning here. My daily spam is reduced from more than 50 to around 3, so I'm a happy user and I recommend QuestyCaptcha, but I'm puzzled by the trickle of spam that persists.

I guess this means there's a human somewhere in the world targeting my site, which is surprising since my site isn't all that big: en.swpat.org. But if it's a human, I wonder why they so rarely beat the captcha - maybe there's a distributed network of people and only some have sufficient English?

I set QuestyCaptcha up with these two questions:
 * What swims in the sea? (four letters) -> fish
 * Which wooly farm animal says baaaaa? -> sheep

Account creation and all edits require passing a captcha, but logged in users are exempt. I've had it installed for three days and there've been two spam pages created by IP addresses, three spam accounts created, and three pages created by those spam accounts.

(To see the spam edits, you have to show bot edits - I use RecentChangesCleanup to tag spam as bot edits) Ciaran 23:07, 3 September 2011 (UTC)


 * Four months later, my spam is down again from 3 per day to 5 per week. I guess some spammers have removed my site from their lists of spammable wikis. Ciaran 12:19, 29 January 2012 (UTC)


 * I have also seen spammers get past the QuestyCaptcha. Maybe we should do an experiment: set the answer to something random (e.g. password generator output) for a month and see if spammers still gets through (with an email address where humans may ask for the password). If this doesn't stop them, then there is a security problem somewhere. If it does stop them, you can assume that you are fighting a bot using Mechanical Turk or similar. In that case, simply invent a new question with an unique answer every time you catch a spammer. --Maliomero (talk) 11:06, 14 April 2013 (UTC)


 * Add a log to see which questions your spammers are getting answered correctly, then remove or modify the weak question. To log questycapture events edit extensions/ConfirmEdit/QuestyCaptcha.class.php and add the following to the beginning of the keyMatch function:

wfErrorLog( date('Y-m-d H:i:s') . " - {$_SERVER['REMOTE_ADDR']} - {$_SERVER['REQUEST_URI']} - {$info['question']} answered $answer. Correct answer is {$info['answer']}\n", "/home/user/logs/questycaptcha.log" ); 50.53.100.144 19:09, 24 October 2014 (UTC)

Do not support mediawiki 1.18
it shows Warning: preg_match [function.preg-match]: Empty regular expression in /home/public_html/wiki/includes/Linker.php on line 1529 in my wiki. —The preceding unsigned comment was added by Zoglun (talk • contribs)


 * I can't reproduce this. What CAPTCHA questions did you set? —Emufarmers(T 06:10, 27 February 2012 (UTC)

Multiple Answers to a Question
Would like to know if the extension allows for multiple answers to a single question, in the event that the end-user spells it wrong... or even doesn't add a capital letter to a proper noun. -- Joe Beaudoin Jr. (talk) 18:23, 13 March 2012 (UTC)


 * You can provide several acceptable answers to a given question. The answers shall be in lowercase. An example:

--Link0ff (talk) 11:54, 3 April 2012 (UTC)

Extension broken?
I've installed ConfirmEdit with Questy, in my wiki (MW 1.18) but it's not working. I tried creating a new user, but when I do that I succeed without answering the test question! the problem is definitely in Questy, I tried SimpleCaptcha and indeed could not create a user without answering the simple math question. Osishkin (talk) 17:52, 11 April 2012 (UTC)

Rotation
Since the questions rotate, couldn't a spammer figure out the answer to one question, and then have an automated script keep making attempts to pass the CAPTCHA until it came back to that question? Leucosticte (talk) 06:47, 11 November 2012 (UTC)


 * IMO there is no point of having multiple questions that the spammers can choose from. Just a single unique answer should do the trick (exchange it from time to time). And the answer shouldn't be the site's domain name, or things like "5" or "blue" which will be in every dictionary. --Maliomero (talk) 11:06, 14 April 2013 (UTC)

Special page
It shouldn't be too hard to do the special page. Probably Special:Interwiki would be a good one to model it after. Another possibility would be to implement it via an editable wiki page that is only viewable by authorized users, if we ever get some decent access restrictions put in place. This would have the advantage of having a page history for reversion and accountability purposes (since the changes to the questions can't be logged, unless access to those log events is to be restricted). Leucosticte (talk) 06:49, 11 November 2012 (UTC)

Doesn't display in Mobile View
Great extension on the main site.

It doesn't display when trying to 'create a new user' on the mobile site.

Any thoughts? MarkJurgens

Others
--Nemo 08:40, 20 March 2014 (UTC)
 * https://github.com/kiskolabs/humanizer
 * https://github.com/rsanheim/brain_buster
 * https://github.com/danmurf/CI-MathCaptcha

Multiple Answers not working
The Question and Answer Setup section claims it is possible to add multiple answers to a question by putting the answers in an array. This did not work for me. Using multiple answers in an array, I was consistently told I had provided an incorrect answer. Reducing it to one answer as a string, the answer was recognized.

This is with revision 9fd11f947abc9c51d6403f786471b69f4a2212ee; the README references version 1.2 in the changelog. - Renegade 2A02:8108:380:145C:0:0:0:3 22:21, 16 June 2014 (UTC)

Multilanguage questions?
Is there anyway to add translation for questions (make them language dependent)?

The Extension:QuestyCaptcha paage should be merged and deleted.
QuestyCaptcha is part of the ConfirmEdit extension. It is not a separate extension. Content here should be merged into ConfirmEdit's page, and the QuestyCaptcha page should be deleted. It's already got a lot of duplicate information. Yes, it is a module within ConfirmEdit, but based on examples from other extensions which have modules, it should not have it's own page. Ian Kelling (talk) 21:30, 4 September 2014 (UTC)