1. Changed the number of letters: no effect, after *one* failure the spammer
corrected it. Idea: make the numbers flexible (working on it)
2. added and removed fonts: absolute no effect.
3. renamed img.php, also in helpers.php: spammer needs ca. one hour, than he
uses the new filename (used img1.php - maybe it was to simple). Possible
workaround is to make the name of img.php flexible in helpers.php (ok,
crazy)
4. Change code of image.php so that it did not work as it should: this
interrupts the whole process so no comments are possible for everybody.
Stops the spam temporarily, but
5. Added some code to img.php to log all $_GET, $_POST, $_SERVER, §_REQUEST:
couldn't find any useful info yet. It was going to be obsolete as I ...
6. Switched to SVG: Was taken some time, because I needed to rebuild php.
Good news: **IT WORKS** - at least until now. No spam comes through, IMHO
because img.php is no longer used. Spammer needs a new technique, but looks
like he is working on this.
Conclusion: Don't use the image captcha as with the state of now! The
spammer did successful create (semi-)automated spam posts. On failures he
inspected the Website and implemented corrections. I think the spammer have
some knowledge about dokuwiki.
Usually I'm not but in this case I'm a
believer: The spammer didn't solve the captcha, he creates it.
Another weird thing I saw is, that with the image captcha the code didn't
change anymore. It was always the same for a page, and it was not a caching
issue with the browser. Perhaps it is a caching issue of dokuwiki. Don't
know, even I have ~~NOCACHE~~ inside the most pages.
@Andi: many thanks for your assistance! Now you can enjoy your weekend -
hopefully ;).