- Ingame Name: Xalius
- Which server is this suggestion for?: Not a server, but your website.
- What would you like to add?: Google Recaptcha instead of Areyouhuman spambot countermeasure.
- How would it benefit the server/why do you want to add this?: Improve the website performance and completely shut out spambots.
- Would it be exploitable, and if, how could we make it non-exploitable?: Google Recaptcha is a very solid spambot countermeasure, I would daresay it's almost flawless. If anything additional could be done to improve the registration system I'd say you should check if the registration code validates user input using client-side elements (JavaScript, jQuery etc.) or server-side elements (PHP).
Additional notes:
As I mentioned in my introduction post, I am a graduated web developer; while I was by far not the best in my class, it's still a subject I am very interested in and want to become better at, so the temptation to explore flaws and weaknesses in websites is almost impossible for me to resist. Back when I was still an aspiring web developer, finding these flaws was something we did for sport on a regular basis to each other in my class and it has been proven to be a very useful trait to keep up to date - to find and fix potential flaws on a website.
To bring myself back to the topic of this thread, I recently came across the list of users on this forum and decided to see who was registered. To my surprise I found out that the list of users was literally flooded with spambot accounts - each created in a matter of a few minutes' interval.
While I am aware these registrations are about a year old, it's still something that happens very regularly on this website (note the join date and last online dates - often the work of spambot generators).
So what can be done about this?
If anyone else in this community is a web-based programmer or knows a thing or two about the subject, you and I both know and can agree that fighting spambots is a fight that is still being tirelessly fought to this day, and many features and implementations have been added over the years to fight this menace; while some methods work, some may not always, and in this case it would seem your spambot countermeasure from areyouahuman.com is not doing an optimal job.
By simply using a Google Chrome extension such as Web Developer, you can disable essential website resources such as plugins and JavaScript functions.
I am an avid user of the Web Developer extension and by disabling the resources I mentioned I was able to trick the registration system on Zarpgaming.com (I hope you aren't going to be mad at me, only made one account to see if I was right) and avoid the spambot countermeasure - rendering the areyouhuman spam checker completely useless.
While it is always possible to disable JavaScript elements from a website, spambot countermeasure systems shouldn't depend on these kinds of elements to keep their most essential mechanics intact, and that is what I am suspecting your current spambot system does.
To sum everything up, I would wholeheartedly recommend that you switch over to Google's ReCaptcha spamchecker. I can tell from personal experience, it has never let me down and it does a very solid job in keeping the most annoying spambots at bay from your website.
You should also consider making users validate their newly registered accounts with a link sent to their email they associated the account with upon registering - a second layer of security that renders an account useless unless it's validated by the user themselves.
I hope you found my suggestion to improve your website's security functions useful and if you need any help or have any questions, I'll be glad to help and again, I am very sorry to have created a useless account to verify my theory - I hope you can forgive me for that.
Any additional information, either to add to what I've already written or to correct me on certain parts, is more than welcome!
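
The client-side versus server-side point raised in the post, as an added example that is not part of the original post and is not the site's own code: a registration handler that rejects any request lacking a server-verified captcha token, so a browser with JavaScript disabled cannot skip the check. `handle_registration`, the `username`/`email` form fields and the reason strings are hypothetical; the `siteverify` endpoint and the `g-recaptcha-response` field are those of Google reCAPTCHA v2.

```python
import json
import urllib.parse
import urllib.request

SITEVERIFY_URL = "https://www.google.com/recaptcha/api/siteverify"


def google_siteverify(secret, token, remote_ip=None, timeout=5):
    """Ask Google whether the token is valid; any error counts as a failure."""
    fields = {"secret": secret, "response": token}
    if remote_ip:
        fields["remoteip"] = remote_ip
    data = urllib.parse.urlencode(fields).encode()
    try:
        with urllib.request.urlopen(SITEVERIFY_URL, data=data, timeout=timeout) as resp:
            return json.load(resp).get("success") is True
    except (OSError, ValueError):
        return False  # fail closed: network or parse errors never let a signup through


def handle_registration(form, secret, verify=google_siteverify, remote_ip=None):
    """Server-side gate for a signup POST. `form` is the parsed body (a dict).

    Returns (ok, reason). Nothing here trusts what the browser did or did not run.
    """
    token = (form.get("g-recaptcha-response") or "").strip()
    if not token:
        # With JavaScript disabled the widget never runs, so no token is sent.
        # The absence of a token is a rejection, not a reason to skip the check.
        return False, "captcha_missing"
    if not verify(secret, token, remote_ip):
        return False, "captcha_failed"

    # Input validation is repeated on the server; client-side checks are only a UX aid.
    username = (form.get("username") or "").strip()
    email = (form.get("email") or "").strip()
    if not (3 <= len(username) <= 32) or "@" not in email:
        return False, "invalid_input"

    # The account stays inactive until the emailed confirmation link is used.
    return True, "pending_email_confirmation"
```

The `verify` parameter exists so the handler can be exercised offline with a stand-in verifier; in production it defaults to the real `siteverify` call.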