Don’t Want Comment Spam? Roll Your Own CAPTCHA
For quite a while, I’ve been using Authimage with Veriword as my CAPTCHA system. It was working well for a while, but soon the spammers found way around it. With one of the latest Wordpress upgrades, Authimage stopped working, not allowing anyone to post comments, except spammers! Somehow Authimage began doing the opposite of what it was suppossed to do. So, I decided to roll my own CAPTCHA using a combination of Flash and PHP.
I would love to open source my work, and give it to the public. But, the truth of it is, if everyone started using it, the spammers would find a way to break through it. So, my recommendation to everyone is, read up on how CAPTCHAs work, and build your own.
There’s no need to make your CAPTCHA hard to read, either. I’ve found that using Flash to display your image is one of the best ways to do it. Another idea may be to use a series of images, or even text, but arrange it in the proper order using dynamically generated CSS. Or, you could use a series of transparent GIFs, overlayed one on top of the other. Anything to make it hard for a computer to read. As long as you choose an original recipe that no one else is using, it won’t be worth it for the spammers to try and break it.
[...] After reading NeuroFuzzy’s post on preventing comment spam, and reading a bit about CAPTCHA systems, I thought I would roll my own. It won’t work if you don’t have Flash, but it won’t break anything if you don’t; you just won’t be able to comment. So few people read this, anyways, that I don’t think it’ll be much of a problem. I lump comment spammers in there with regular old everyday email spammers and people who send junk mail: they’re human trash. Anything that I can do to circumvent them, I’m happy with. [...]
Pingback by OMdCLog » Don’t Want Comment Spam? Roll Your Own CAPTCHA — 7/17/2006 @ 11:33 am