The success of my anti spam measure
Spam is one of the worst things about the Internet. It frustrates me to no end to read a great online article, only to have the comments at the end swamped in a mindless list of advertisments. It seems anywhere you accept user input, spam can be inserted. There are many different ways to combat spam, with CAPTCHAs seeming to be the most used. I often find these cryptic images awful to use, and frustrating to have to fill out.
I have found that reCAPTCHA seems to be the best - it's premise dictates that it should be OCR proof - i.e. it only shows words that an OCR could not decipher. It also has the added benefit of helping transcribe old books to digital media. What some people might not know about reCAPTCHA too is that only one of the words have to be correct - one word is already OCR'd and known, and the other is a word that couldn't be translated. It could be that a lot of words are being failed to be deciphered correctly because they got one of the words correct. ReCAPTCHA is the best CAPTCHA, but still a pain.
When I first launched my site, I was hit by a huge wall of spam with the comments section. At first, I thought I could go on only approving valid comments, and trashing the spam. This grew tedious however, so I rolled my own anti spam measure that to this day has prevented every bit of spam. The downside is that it will only work for unpopular sites - it will only capture primitive automated attempts. If someone really wanted to spam my site, it would be rather trivial. I am lucky I am not worth their time!
The anti spam is very simple. In my comments form, I ask for Name, Email, URL and Comment. There is also another field, that says Type Alex. If a comment is submitted without that field having the word Alex, it is marked as spam and rejected. To make the user experience easier, I automatically add Alex to that input field and hide it with CSS if JavaScript is enabled. It turns out most of these spam bots are just parsing the HTML and submitting forms in that way - they are not using JavaScript powered browsers.
Feel free to examine my source to see my implementation - just a few procedural lines in jQuery. Good luck with your spam fighting!
Comments
andyk
Posted on Thursday, 3rd December 2009 @ 1:29pm.nice!
Alexander Dickson
Posted on Monday, 30th November 2009 @ 11:45pm.@nickf I remember when Jeff had that... I was wondering when someone would defeat it (considering how wide spread his blog is).
I have also incorporated on a client's site a simple question What colour is grass?. I then do a simple
if (strcasecmp(trim($userInput), 'green')) == 0) return true.nickf
Posted on Monday, 30th November 2009 @ 11:40pm.hehe no but really, that's a very easy and completely unobtrusive way to solve 99.9% of the problems! good work. For quite some time, Coding Horror used to have a "captcha" on its comment section which was always "orange". It's changed to a proper captcha now, so maybe it didn't work out in the end, but still!
nickf
Posted on Monday, 30th November 2009 @ 11:24pm.FREE CIALIS
Leave a Comment
Note: Your comment may require approval before it is posted to the site.