Sunday, January 29, 2006

Save your websites using CAPTCHA


Save your websites using CAPTCHA

Webmasters have frequently lamented of their websites getting junk submission forms.. Business Development Managers accuse system administrators and network administrators for poorly configuring thier email server and hence they are getting voluminous amount of spam messages.

Unfortunately, the truth is otherwise. Whatever you configure in your network, the spammers and phishers have more sophisticated spam robots which can travel across the web navigating through the hyperlinks. If they encounter an email address of the form mailto:, they add to thier catalog. If they encounter forms, they just try to flood it with these submissions. The net result of these spoof submissions is that in case of blog comments, you get a lot of junk text. In case of serverside processing, you get junk email.

It is not very difficult to combat this menace. There is a new technology called CAPTCHA, which provides generation of dynamic numbers and text, which are rendered as images and saved in the serverside session. Now the form-filler has to visually see this form, fill it in the adjoining text box and submit it. To further secure the dynamic nature of this, the images and text in the images are so much generated with random shapes so as to ensure that only a human eye can decipher it and not a computer program or a spam robot.

Typical examples where you can find CAPTCHAs are:
  1. Google Blogger Comment (The blogger should have enabled it from his blog control panel).
  2. MSN Hotmail/Yahoo or other most webmails' signup forms. MSN Hotmail, I guess, also has an audio to spell out the digits for the visually challenged people.

Now comes the question. How to implement this CAPTCHA for simple websites. Is this too complicated. No not all. There are very many open source CAPTCHA applications, which you can download, modify and use for yourself. If you are bit afraid of modifying code, there are a lot of free remotely hosted CAPTCHA services too, which offer you free service but for a link back or an advertisement to support them.

Here are a few of them.

Source CAPTCHA implementations:

  1. CAPTCHA Image by BrainJar.
  2. CAPTCHA Control for ASP.NET by LordFKiller
  3. CAPTCHA Webservice by Massimo Beatini
  4. CAPTCHA from WebWizGuide.

Remotely hosted CAPTCHA implementations:

  1. CAPTCHAS.NET (This also supports Audio CAPTCHA like in MSN Hotmail)

Tutorial on CAPTCHA (for PHP)

  1. ICEMelon Tutorial

No comments:

[Imported from Blogdrive]Online Virus Scanners

Online Virus Scanners Virus Scanners are no longer difficult to install, tedious to configure. There are easy to use Online Virus Scanne...