Spam Hurdles Module (CAPTCHA's and other anti-spam tools)
Posted by Maurice Makaay
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 01, 2007 09:50PM |
Registered: 21 years ago Posts: 687 |
One other option - use Phorum's feature of moving the "reply" input box to a separate screen. This will dramatically reduce the number of CAPTCHAs generated.
I've done this on my site, ever since the first version of this module took my server down repeatedly with tens of thousands of files.
If you can't bear to do that, hacking the module to remove the duplicate data in each record stored shouldn't be too hard.
For example, this is what is stored in the phorum_spamhurdles.data field:
I'm thinking that :
freedman's idea of reusing CAPTCHAs sounds intriguing to me...
/\dam
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
I've done this on my site, ever since the first version of this module took my server down repeatedly with tens of thousands of files.
If you can't bear to do that, hacking the module to remove the duplicate data in each record stored shouldn't be too hard.
For example, this is what is stored in the phorum_spamhurdles.data field:
a:6:{s:11:"create_time";i:1170371608;s:3:"key";s:32:"a49cbf62f689d48353dd314081353828";s:9:"form_type";s:7:"posting";s:16:"prev_key_expired";b:0;s:13:"captcha_class";s:15:"captcha_maptcha";s:7:"captcha";a:7:{s:8:"question";s:32:"Question: how much is 19 plus 6?";s:6:"answer";i:25;s:15:"input_fieldname";s:10:"k2i1tq8a75";s:11:"spoken_text";s:0:"";s:9:"html_form";s:549:"<div id="spamhurdles_captcha"><div id="spamhurdles_captcha_title">Spam prevention:</div><div id="spamhurdles_captcha_explain">Please, solve the mathematical question and enter the answer in the input field below. This is for blocking bots that try to post this form automatically.</div><div id="spamhurdles_captcha_image">Question: how much is 19 plus 6?</div><label for="spamhurdles_captcha_answer_input">Answer: </label><input type="text" name="k2i1tq8a75" id="spamhurdles_captcha_answer_input" value="{FIELDVALUE}" size="3" maxlength="2" /></div>";s:15:"html_after_form";s:0:"";s:5:"error";s:90:"You did not provide the correct answer for the spam prevention question. Please try again.";}}
I'm thinking that :
<div id="spamhurdles_captcha"><div id="spamhurdles_captcha_title">Spam prevention:</div><div id="spamhurdles_captcha_explain">Please, solve the mathematical question and enter the answer in the input field below. This is for blocking bots that try to post this form automatically.</div><div id="spamhurdles_captcha_image">and
You did not provide the correct answer for the spam prevention question. Please try again....could be hardcoded into the module for a start, which would reduce the data by approx 30%.
freedman's idea of reusing CAPTCHAs sounds intriguing to me...
/\dam
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 03:28AM |
Admin Registered: 20 years ago Posts: 8,532 |
For generating captcha's, I am using a class based system. So for the example above, I load the base class and the maptcha class and create an object using that. After that, the object will generate the code to display on screen for that specific captcha. For performance, I only want to use the captcha modules for generating this data and after that letting Phorum cache it in the database.
If you guys are really this much into shrinking the size of the table for the spam hurdles mod, then I could create an option in the admin interface for configuring whether the object generated data should be cached or not. If not, then a couple of fields could be left out of the data. Personally, I feel more for the approach of reusing captcha's, since that would bring down the number of times that a captcha object has to generate its data.
Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
If you guys are really this much into shrinking the size of the table for the spam hurdles mod, then I could create an option in the admin interface for configuring whether the object generated data should be cached or not. If not, then a couple of fields could be left out of the data. Personally, I feel more for the approach of reusing captcha's, since that would bring down the number of times that a captcha object has to generate its data.
Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 07:54AM |
Registered: 21 years ago Posts: 687 |
Just to clarify, I was just trying to help milos, I don't have strong views on the redundant data in the table. However, I host with a provider that is very "tight" with diskspace too, so I do have some sympathy with his position!
/\dam
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
I agree wholeheartedly. That could shrink DB storage by a large amount, and still provide decent protection against spammers. Users could tweak the scale of the reuse according to their needs.Quote
Personally, I feel more for the approach of reusing captcha's, since that would bring down the number of times that a captcha object has to generate its data.
/\dam
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 10:05AM |
Admin Registered: 20 years ago Posts: 8,532 |
Oh, that's not the kind of reuse I was thinking of. Reuse can only be done in a sane way if the captcha wasn't used for posting some data to the server. As soon as a captcha is used (for either registration or posting), the captcha can no longer be valid and a new one must be generated.
Reuse of a captcha would be valid in the situation where a user is reading a lot of pages with the reply form on the same page, without doing an actual reply. There's no problem in presenting the same captcha over and over again then.
Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Reuse of a captcha would be valid in the situation where a user is reading a lot of pages with the reply form on the same page, without doing an actual reply. There's no problem in presenting the same captcha over and over again then.
Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 10:07AM |
Admin Registered: 21 years ago Posts: 9,240 |
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 10:47AM |
Admin Registered: 20 years ago Posts: 8,532 |
Yes, you are right, I don't know how many people would work like this, but for those this might be a bad idea.
Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 10:52AM |
Registered: 21 years ago Posts: 687 |
Yes, but the problem of huge numbers of CAPTCHAs in caused by spiders (in my opinion).Quote
As soon as a captcha is used (for either registration or posting), the captcha can no longer be valid and a new one must be generated.
If you could detect a spider and only generate one CAPTCHA for it that would be tremendously helpful. Do spiders accept cookies though?...
They won't lose anything, they'll just have to re-renter a CAPTCHA for their 2nd and 3rd posts :-)Quote
and what if he opens 3 read pages
/\dam
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 11:06AM |
Admin Registered: 21 years ago Posts: 9,240 |
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 02, 2007 11:27AM |
Registered: 21 years ago Posts: 687 |
If they are that keen on my site that they are drafting three messages at once, then they aren't going anywhere :-)
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
--
My notable Phorum sites:
Movie Deaths Database - "review comments" system mostly powered by Phorum
Learn Chinese! - integrated forum quiz
Re: Spam Hurdles Module (CAPTCHA's and other anti-spam tools) February 03, 2007 02:45AM |
Registered: 18 years ago Posts: 110 |
ahhh, see... here's the problem... I have it on good authority that I have no class :PQuote
mmakaay
For generating captcha's, I am using a class based system.
personally, I'm happy with the module as it is, but I havn't had the need to apply it to every post, it's just used for registrations in most cases...
but if implementing an option to reuse generated captcha's wouldn't be overly time consuming, I think it would be the most efficient and universal solution.
Sorry, only registered users may post in this forum.