Captcha: Sprites, Minefield and Licensing
I want to present three copyright ways to organize anti-spam protection. The first is based on CSS sprites technology, the second on a narrow specialization of bots, and a third on email notifications.
The essence is a simple image with captcha contains 20–30 characters, only 4–5 of them going in succession are code, they start with the 1st character, then the 20th, in general, with an arbitrary, the rest is garbage, using the background positioning in the layer, only the necessary characters are visible . A person will enter them, the bot will recognize and enter all 30. Voila! ;)
It is well known that all bots use field names such as name, email, message, etc. an option would be to create fields with a random name, for example “AjHA8”. For each session random names are generated. This method has two minuses:
To avoid problems with autocompletion, the names of the standard name and email fields do not change, but change with checkboxes,radio buttons , lists, text boxes, or buttons (for example, the buttons for sending a message).
Again, the idea is simple: the user enters an e-mail on the sending form, he receives a link to confirm the sending of the message, after confirmation, the user receives a license for 5 messages with this email, if these five messages have no spam, they receive a license for 10 messages , then by 50, 100, 1000, although, I think, after the first hundred you can give him anlim;)
Thus, the user will not get tired of entering a captcha, will not leave your site due to unwillingness to register and will not spam it., 3
1 - after writing the article, I thought that this method had already occurred to someone. 2
2 - after writing the footnote, I thought that the other methods, probably, had also already come tosomeone ;)
3 - this scheme works for registered users, if needed.
CSS sprites 1
The essence is a simple image with captcha contains 20–30 characters, only 4–5 of them going in succession are code, they start with the 1st character, then the 20th, in general, with an arbitrary, the rest is garbage, using the background positioning in the layer, only the necessary characters are visible . A person will enter them, the bot will recognize and enter all 30. Voila! ;)
Minefields
It is well known that all bots use field names such as name, email, message
- Autocomplete does not work.
Bots-plug-ins will be able to calculate the field via javascript.
To avoid problems with autocompletion, the names of the standard name and email fields do not change, but change with checkboxes,
Licensing
Again, the idea is simple: the user enters an e-mail on the sending form, he receives a link to confirm the sending of the message, after confirmation, the user receives a license for 5 messages with this email, if these five messages have no spam, they receive a license for 10 messages , then by 50, 100, 1000, although, I think, after the first hundred you can give him anlim;)
Thus, the user will not get tired of entering a captcha, will not leave your site due to unwillingness to register and will not spam it., 3
Note
1 - after writing the article, I thought that this method had already occurred to someone. 2
2 - after writing the footnote, I thought that the other methods, probably, had also already come to
3 - this scheme works for registered users, if needed.
')
Source: https://habr.com/ru/post/27815/
All Articles