Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#225785 - 04/07/2004 00:11 Protecting a web page using human character recognition?
AndrewT
old hand

Registered: 16/02/2002
Posts: 867
Loc: Oxford, UK
I want to protect a part of a website from bots and other automated "crawlers" with a form of human character recognition (sic).

The page can be either php or, I think, Asp on Linux. I'm assuming this has been done tons of times before and considering that I know s h i t about php, a semi-turnkey solution would be preferable

To (attempt to) clarify what I'm looking for I'll give an example:
-> The page displays a randomized prompt such as [1] [7] [0] using 3 bitmapped cells
-> The user user types "170" into an html <input ..> field and hits a submit buttom to proceed to the destination page. If the user gets it wrong they are returned to a new randomized prompt where they can try again to type in the new number <rinse & repeat until they get it right>.

I've seen this on various signup pages for anonymous web-based email accounts and the suchlike before (not that I can readily find an example to help explain my request here, typical!.

Can anyone point me in the right direction please?

Top
#225786 - 04/07/2004 05:21 Re: Protecting a web page using human character recognition? [Re: AndrewT]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
While I lack any specific recommendations, be aware that some proxies may cause users grief. The one at work likes to overcache, and this has led to me getting the same image when retrying one of these things, even though the server since changed it to something else. Caching the last few for a particular issue if they hit back to retry a typo might be a good idea.

Top
#225787 - 04/07/2004 23:42 Re: Protecting a web page using human character recognition? [Re: AndrewT]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Never used it, but this PHP class looks pretty good.
_________________________
Bitt Faulk

Top
#225788 - 05/07/2004 05:09 Re: Protecting a web page using human character recognition? [Re: drakino]
Roger
carpal tunnel

Registered: 18/01/2000
Posts: 5683
Loc: London, UK
Quote:
While I lack any specific recommendations


Not to hijack this thread unduly, but I'm considering doing something similar in ASP.NET.

However, I'm leaning towards having people sign up with an email address -- they'll get a validation link to click on in the email.

Any thoughts about the pros and cons of the two approaches?
_________________________
-- roger

Top
#225789 - 05/07/2004 07:13 Re: Protecting a web page using human character recognition? [Re: Roger]
andym
carpal tunnel

Registered: 17/01/2002
Posts: 3996
Loc: Manchester UK
i saw a signup sheet that featured a word displayed in a picture to stop automated processes scanning the email and automatically logging it.
_________________________
Cheers,

Andy M

Top
#225790 - 05/07/2004 07:19 Re: Protecting a web page using human character recognition? [Re: andym]
Roger
carpal tunnel

Registered: 18/01/2000
Posts: 5683
Loc: London, UK
Quote:
..to stop automated processes scanning the email and automatically logging it.


Er, I'm not sure I understand what you mean, Andy.

These things are designed to stop comment spam, as I understand it. I'm doing a website where people have to sign up, but there's no comments as such. I'm just wondering if I should go the whole hog and do the character recognition thing, or whether the email confirmation is fine.

The way I figure it, most spammers don't have email systems, or is that just for the bots, and the harvesting does use it? Anyone got any numbers?
_________________________
-- roger

Top
#225791 - 05/07/2004 08:40 Re: Protecting a web page using human character recognition? [Re: Roger]
andym
carpal tunnel

Registered: 17/01/2002
Posts: 3996
Loc: Manchester UK
I signed up to a picture uploading service which when I registered an email appeared which sent me to a page on the site to authenticate the registration. On that page was an image (jpeg) with a key word in it. All the page wanted to do for you to read the word and type it into a form on the page. Apparently their service had been 'spammed' whereby a bot was continually registering accounts using them to host pictures of a dubious nature. By putting the word into an image the bot can't read it.

Sorry if the first post didn't make much sense, it was written during a particularly tedious phone conference.
_________________________
Cheers,

Andy M

Top
#225792 - 09/07/2004 13:23 Re: Protecting a web page using human character recognition? [Re: wfaulk]
AndrewT
old hand

Registered: 16/02/2002
Posts: 867
Loc: Oxford, UK
Thanks for the suggestion, it does exactly what I need.

It also appears to work ok through caching proxies too.

Top