Hackers just skip captcha?

  • So the plugin works pretty good for spammers, but hackers are my real issue.

    I’ve had 67 attempts on one of my sites in the last few minutes, they just bypass the captcha.

    my other site is the same way, he’s been at it since yesterday actually.. I’m over 100 attempts now, but he just bypasses the captcha.

    I have log posts plugin that works great, it tells me all the info of someone trying to login.

    When I login it shows the info including the captcha, but when a hacker tries there’s no captcha.

    The plugin also blatantly tells me they skipped it sometimes.

    I have new registrations disabled and this is part of what it says when someone tries to register:

    [captcha_code] => skipped

    This is one of the main reasons I wanted this plugin, but it doesn’t seem to be working on the login page for the hackers, only I’m stuck using the captcha to get into my own site.

    Any ideas as to what’s going on? or how to make them not bypass it?

    https://www.ads-software.com/extend/plugins/si-captcha-for-wordpress/

Viewing 4 replies - 1 through 4 (of 4 total)

  • Which form are they hacking?
    comments, registration, lost password, login?

    I am currently working on this plugin right now to see if I can make improvements.
    Please contact me directly if you want to give me more details that can help me make this better.

    Thread Starter KristoferB

    (@kristoferb)

    Login and Registration.. i have captcha enabled everywhere

    I would like more information. Please contact me then you can forward me some of those emails. And you can try me new version if you want. I have worked on the login page code all day.

    I released a new version 2.7.6.1 last night because I fixed some bugs and added settings for all the error messages. I also used completely different WP hooks for the login page. (my thinking is these hooks are less likely to interfere with other login plugins, but nothing can be for sure) Anybody who was having trouble with 2.7.6, try 2.7.6.1

    Plugin conflicts can cause a captcha bypass issue. Always test the CAPTCHA feature after installing new plugins.
    If it is not working for you, you must test for a plugin conflict.

    Here is how to troubleshoot which plugin is conflicting:
    Look on the Admin – Plugins – menu.
    Temporarily deactivate (not uninstall) all your other plugins. Leave this one still activated.
    Does it work now? If yes, Activate the other plugins one by one to determine which one conflicts. Which one was it?

    If you still have trouble I need to know:

    What is the error or problem?
    What steps to reproduce the problem?
    Which form is it doing that on? login, comment, registration, or lostpassword
    What version of WordPress?
    What theme?
    Are any other plugins causing it? (deactivate all the others to see if the problem goes away)

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Hackers just skip captcha?’ is closed to new replies.