Why not just filter the links out? It’d be way easier for someone to just do it instead of just doing weird captchas.
5 Likes
It currently makes users under the required age do more puzzles (Which can be specified). In the next update I’m adding a second option to allow users over an age or playtime to bypass verification.
This is what I do currently, but like I said, it’s only a matter of time before the bots bypass this. google(dot)com is an obvious example of a URL filter bypass, but there are too many ways to block them all.
1 Like
Their are over 2 thousand different dot address types and more being added. It’s simply impossible to stop all links.
I may add an extra feature that allows developers to add blocked text/links.
Hi, this is an awesome system and is very intuitive. However, I came across a bug that can bypass the system (sort of)
Maybe this video will speak for itself:
Also, instead of restricting this Captcha system to only the chatbox, maybe have it so that you have to do the puzzle before accessing the entire game (possibly the GUI covers the whole screen)?
2 Likes
Thank you! I’m working in a game-wide version as many devs only want to block the chat (So I didn’t want to impose it game-wide). I’m also most likely going to change the mute system. I will probably manually check on every client if a player is verified and if not delete the UI element physically as Roblox’s system sucks.
2 Likes
CC: @mutex_lock, @Robot_Engine
I am talking about blocking malicious scam websites. Roblox already provides filtering in chat for your typical websites.
2 Likes
Possible. But I’ve noticed a new link every day for most of these scam websites. Would you really want to update your game every day to keep up-to-date with scams?
This is a neat concept! I have an idea on a better mute system that doesn’t utilize many lines of code. You should try out the RegisterProcessCommandsFunction function of the default chat system. It’s partially documented here, but since Roblox is bad at documenting stuff like this I’ve created a test script that utilizes this function.
--> click the "current client" button in studio on the top bar when the game runs and go to ServerScriptService, this will be created as part of the default chat system.
local serverScriptService = game:GetService("ServerScriptService");
local runner = serverScriptService:WaitForChild("ChatServiceRunner");
local chatService = require(runner:WaitForChild("ChatService"));
local verified = {};
--[[
Try firing a remote event when the captcha is completed (please add valid security if you're going to do this).
And if it's a success add the player's name to this verified array as "true".
Example: verified[player.Name] = true;
]]
chatService:RegisterProcessCommandsFunction("botCheck",function(speakerName,messageObject,channelName)
if(verified[speakerName]) then --> is "speakerName" in the verified table? ex: once verified, do: "verified[player.Name] = true"
return false; --> display message
else
return true; --> don't display message
end
end)
This code actually works, but it’s up to you to add the other part of it if you want to. Good luck!
3 Likes
This is extremely helpful! Thank you! I’ll be sure to switch my method to this ASAP. 
1 Like
You’re welcome! Good luck with this captcha system, it looks pretty promising 
2 Likes
Thanks!
Quick question where should the script be parented and will this work with my module script setup?
You don’t have to with external databases…
1 Like
You shouldn’t need to add a new script, and it should work with your module setup. If it messes up for some reason, redefine the variables according to the “ChatServiceRunner” you forked in the MainModule.
I believe all you should need to do is:
- Add a “verified” table to the “RoStop” script somewhere at the top
- On the “RunVerify” remote function once the user is going to be unmuted, you can simply do:
verified[Plr.Name] = true - Remove your old mute system (
Events.Mute:Fire("Unmute",Plr.Name)) and make sure to replace it with the verified array thing. - Add the code I sent to the bottom of the script, and when the player tries to chat it’ll check the “verified” table to see if they’re verified. If they are verified it’ll let them send a message otherwise, it won’t let them send a message in the chat.
If that system works, you can just remove your old mute system.
And last thing, regarding @DoctorNO2106’s question:
It’s possible, and it’s very straightforward. You can add this code to the bottom of the “GUICreate” script after “RoStopGUI” is defined.
local modalButton = Instance.new("TextButton");
modalButton.Parent = RoStopGUI;
modalButton.Modal = true;
modalButton.Size = UDim2.new(1,0,1,0);
modalButton.BackgroundTransparency = 1;
modalButton.Text = "";
This creates an invisible TextButton with the “Modal” property and parents it to the main frame, there’s slightly more detail on here. This allows you to move your mouse around in first person on the chat system.
2 Likes
Once again thank you for the help! I don’t even believe I need to define an array as I already have a value stored in the player of if they can chat or not. Being able to remove my mute script will make this much more accessible as-well. Thank you!
Also the modal thing is interesting i’ll add that as well!
1 Like
My alternate solution would be to use the account age, bots should be fairly new accounts and a system that triggers this one-time chat verify system only when you have been in roblox for less than a month. Trust me when I saw the account age used in a game I was a little suprised but more shocked, there are literal to no people who would tell you how old your account is in a story game.
I thought Roblox removed the require() feature, or at least that you needed the script in the game in order to use it. Because people had so many viruses hidden inside, or am I misunderstanding something?
Uhhh no??? Why would they remove that feature? The only issue is that people abuse it, but many of us use it for our own game. You’ve probably heard this as a mistake and/or misunderstanding.
3 Likes
its very cool but hope it wont be like the roblox captcha 
3 Likes
Never do this. Let‘s say you have 2 children that are 5 years old. The first knows Roblox, his friend not. Now, the child who knows Roblox shows his friend, who dosen‘t know it, what is the game. And this motivates the friend to play Roblox, too. And now let‘s say that he just created his account, and the first game that he will play is your game, but then he gets kicked because he is new. This isn‘t good at all, no ones do this. You newer should use the AccountAge for filtering bots, this could be counterproductive. And no, in no case, even top AAA games like Fortnite, RocketLeague and etc. (idk why I said Fortnite or RocketLeague, they are the only games that I have in mind) don‘t solve their bot problems by this way, so you shouldn‘t to it either. If you are willing to sacrifice new players just to stop bots, there are big issues:
-
Who even says that Roblox bans bots? Ok, Roblox may ban bots, but not all. Or just simply: The bot creator creates the bots, waits that the bot accounts are 1 month old or more, and then spamms your game. This would be even heavier for your game, because the malicious programmer had 1 month time to creates a lot of bots.
-
This will ruin the reputation of your game, and by a lot. With this I mean that, if new players can‘t join the game because they are new, then they will spread the information and say that your game is bad because they can‘t play it, and, they are right then. If you buy a game with or just simply want to play a game, but you can‘t because you are new, then the game can be the best made game of all the times but it will remain a bad one. Everyone should be start to play some game, if popular or not
-
Bots simply can change their AccountAge property, and by this I mean that: You have a new bot, that just was created, but when you read the AccountAge propertie, it says more than one year or something other. This is because they can fake properties. This is one of the reasons why speedhackers are difficult to find (if we ignore the physics glitch that you start flying over 999 km/h over the map): They have a Humanoid.Speed of 50 or etc., but when you print this out it says you 16. More informations on @starmaq‘s topic All you need to know about metatables and metamethods in section "
VIII.About exploiting". It‘s the last one.
Now, correct me if I am wrong.
TL:DR: Never rely on AccountAge for important things like this, or you will ruin the fun of innocent people + anyways, this is can be bypassed without too many efforts.
AccountAge property for security checks = very bad
5 Likes