Spam defense for sites: alternative methods
Spam, he did not appear yesterday. First, he flooded our mailboxes, then made his way to blogs and registration forms. Spam was a parasite, a problem that required an urgent solution. This led to the emergence of several effective, but primitive and double-edged countermeasures, the most famous of which is the captcha. Today, there are more accurate and humane ways of fighting to our services, but captchas still live and limit our freedom on the Net. So let's see what alternatives we have.
Beat the captcha
Those of you who are familiar with the problem of content accessibility on the Web know that captchas are difficult to establish correctly. After all, you need not only their audio alternatives for the visually impaired and the blind (if you have visual captchas, which is most likely), it is also difficult to find captchas that equally successfully oppose machine invasion and human casualties.
')
Even if we leave aside accessibility issues for a minute, the captchas will remain hemorrhoids. No matter how easy it is to properly reproduce or solve them, there is hardly anyone who likes to go through them. This is an additional barrier, and people are not always willing or willing to overcome it, especially when there is no mood or laziness. So, by and large, in the modern web they are simply not needed.
Protection against spam today is not so difficult to annoy users with the vagaries of your anti-terrorism paranoia. Below is a list of the techniques that Niels Matthijs of Onderhond.com uses on his blog.
Flies separately, cutlets separately
In the first place is the method called “honey pot”. This is a very simple solution. You need to add one extra text box in the feedback / registration / comments form and hide it in CSS. Humans will never notice this field, and many spam bots will be delayed simply because they are trying to fill in any available field in the web form. If something was entered in this field, you can assume that you have been attacked by a spam bot.
For better accessibility, you need to add a label with a description of its purpose to this hidden field, so that people using a screen reader or a text browser understand its meaning. To be safe, it is better to refrain from using the words spam or empty in this explanation.
The honey pot is not perfect, and some spam bots are already adapting to it. He faithfully serves Niels and blocks the way to a fair amount of uninvited guests. However, a couple of times his site was attacked by "smart" bots, so it is time to apply more serious measures.
Akismet
Most blog platforms have a selection of plugins that are designed to fight spam. Akismet was originally developed for WordPress, but then quickly offered its services to people using their own platforms. It is a system that evaluates spam based on more intelligent technologies.
Not only automatic analysis technologies are involved in Akismet, but also the testimony of bloggers who mark spam messages that managed to get through the Akismet filter. This is a system that learns, the more people use it, the smarter it becomes. She does not look at how spam was launched, she looks and assesses the message itself.
Akismet, of course, is also not perfect, but it only has the potential to become better over time when more people use it.
Mollom
This is a spam defense technology from the author of CMS Drupal, Dries Buytaert. She, like Akismet, “learns” from webmasters. In addition, Mollom helps determine the quality of content to make the site better; makes moderation faster, and user activity safer.
Already, this technology works for 4000 sites. The system now blocks almost 10 million spam messages with an efficiency of 99.79%. So far, Mollom has plugins for Drupal, Wordpress, Joomla !, Radiant (CMF on Ruby On Rails) and DaliCMS.
Two weeks ago, Mollom came out of beta and got a lot of positive feedback. Mikkel Høgh, for example, says that his experience with Mollom was more effective than he used before (including Akismet).
Do not put all your eggs in one basket.
Akismet and the honey pot are working on Onderhond.com. Akismet and Mollom are good things, but they are services, and the service may unexpectedly fail. Besides, he's not perfect. The "honey pot" spam bot is a little easier to get through, but this technology is easy to install and reliable. From the moment Nils began using both technologies, spam on his website no longer has a place. And the most remarkable thing is that no user has suffered from this. So, advises Nils, throw away the captcha! And make your web forms safer with other, better methods.
based on onderhond.com and mollom.com
Beat the captcha
Those of you who are familiar with the problem of content accessibility on the Web know that captchas are difficult to establish correctly. After all, you need not only their audio alternatives for the visually impaired and the blind (if you have visual captchas, which is most likely), it is also difficult to find captchas that equally successfully oppose machine invasion and human casualties.
')
Even if we leave aside accessibility issues for a minute, the captchas will remain hemorrhoids. No matter how easy it is to properly reproduce or solve them, there is hardly anyone who likes to go through them. This is an additional barrier, and people are not always willing or willing to overcome it, especially when there is no mood or laziness. So, by and large, in the modern web they are simply not needed.
Protection against spam today is not so difficult to annoy users with the vagaries of your anti-terrorism paranoia. Below is a list of the techniques that Niels Matthijs of Onderhond.com uses on his blog.
Flies separately, cutlets separately
In the first place is the method called “honey pot”. This is a very simple solution. You need to add one extra text box in the feedback / registration / comments form and hide it in CSS. Humans will never notice this field, and many spam bots will be delayed simply because they are trying to fill in any available field in the web form. If something was entered in this field, you can assume that you have been attacked by a spam bot.
For better accessibility, you need to add a label with a description of its purpose to this hidden field, so that people using a screen reader or a text browser understand its meaning. To be safe, it is better to refrain from using the words spam or empty in this explanation.
The honey pot is not perfect, and some spam bots are already adapting to it. He faithfully serves Niels and blocks the way to a fair amount of uninvited guests. However, a couple of times his site was attacked by "smart" bots, so it is time to apply more serious measures.
Akismet
Most blog platforms have a selection of plugins that are designed to fight spam. Akismet was originally developed for WordPress, but then quickly offered its services to people using their own platforms. It is a system that evaluates spam based on more intelligent technologies.
Not only automatic analysis technologies are involved in Akismet, but also the testimony of bloggers who mark spam messages that managed to get through the Akismet filter. This is a system that learns, the more people use it, the smarter it becomes. She does not look at how spam was launched, she looks and assesses the message itself.
Akismet, of course, is also not perfect, but it only has the potential to become better over time when more people use it.
Mollom
This is a spam defense technology from the author of CMS Drupal, Dries Buytaert. She, like Akismet, “learns” from webmasters. In addition, Mollom helps determine the quality of content to make the site better; makes moderation faster, and user activity safer.
Already, this technology works for 4000 sites. The system now blocks almost 10 million spam messages with an efficiency of 99.79%. So far, Mollom has plugins for Drupal, Wordpress, Joomla !, Radiant (CMF on Ruby On Rails) and DaliCMS.
Two weeks ago, Mollom came out of beta and got a lot of positive feedback. Mikkel Høgh, for example, says that his experience with Mollom was more effective than he used before (including Akismet).
Do not put all your eggs in one basket.
Akismet and the honey pot are working on Onderhond.com. Akismet and Mollom are good things, but they are services, and the service may unexpectedly fail. Besides, he's not perfect. The "honey pot" spam bot is a little easier to get through, but this technology is easy to install and reliable. From the moment Nils began using both technologies, spam on his website no longer has a place. And the most remarkable thing is that no user has suffered from this. So, advises Nils, throw away the captcha! And make your web forms safer with other, better methods.
based on onderhond.com and mollom.com
Source: https://habr.com/ru/post/41678/
All Articles