Hi,
I have seen many site asking users/ visitors to enter a certain type of numbers before submitting a form to prevent spam attackers.
How does it work actually? Does it really effective? Or is there any other better solutions to avoid spam attacks?
I am trying to look for tutorial or code to write this part for my blog but still can't find any resources yet...
Please let me know if u have any ideas.
Many thanks,
Lau
Enter the numbers below to prevent spam
Moderator: General Moderators
-
lauthiamkok
- Forum Contributor
- Posts: 153
- Joined: Wed Apr 01, 2009 2:23 pm
- Location: Plymouth, United Kingdom
Re: Enter the numbers below to prevent spam
it does prevent spam bots A LOT to my exp, even if u dont wanna code one, just use reCAPTCHA free
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Enter the numbers below to prevent spam
It is very easy to write a bot that interprets your spam challenge and answers correctly. The "protection" usually prevents only bots that are created for general spamming, but bots that are targeted at your site will easily circumvent it. CAPTCHAs usually prevent even targeted bots.
Re: Enter the numbers below to prevent spam
I don't like captchas, and not every server has gd installed.
I made myself a simple turing test not long ago.
I maintain a short array of questions and answers:
$q = [27]['What is 3 times nine?'];
$q = [6]['What number is half a dozen?'];
On the page I ask the question (kept in a session), and check the returning value against the key.
Three strikes and they are out.
There are only handful of questions and so far we got no spam thanks to it.
I made myself a simple turing test not long ago.
I maintain a short array of questions and answers:
$q = [27]['What is 3 times nine?'];
$q = [6]['What number is half a dozen?'];
On the page I ask the question (kept in a session), and check the returning value against the key.
Three strikes and they are out.
There are only handful of questions and so far we got no spam thanks to it.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Enter the numbers below to prevent spam
That would probably block 99% of non-targeted bots, but any targeted bot will pass it. As the time goes on, the number of targeted bots will increase. Cross your fingers.
Re: Enter the numbers below to prevent spam
One option is to use JavaScript to insert the action attribute of a form. If you are developing a bespoke site, this should do the trick. However, if you are making something to be used across numerous sites it is best to use a captcha. The best one is probably recaptcha, but there are some folks who have cracked it with a decent crack rate.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Enter the numbers below to prevent spam
It does not matter if the CAPTCHA you use is broken or not. Only a bot that is targeted at your site may bypass the CAPTCHA, therefore, it would be easier to just copy the email & do the CAPTCHA manually than to write a bot to do that for a specific site...david64 wrote:but there are some folks who have cracked it with a decent crack rate.