Captcha/Spam

Posted by Community Admin on 04-Aug-2018 16:29

Captcha/Spam

All Replies

Posted by Community Admin on 04-Sep-2013 00:00

We are using SiteFinity on a load balanced server. We have a feedback form on hundreds of pages on our site. I get about one real email per day, and around twenty-thirty replies containing nothing but spam. Why is there no Capcha option in SiteFinity 5.3? The amount of spam going through the system is ridiculous. Using a third-party Captcha isn't working due to our server being load-balanced.

Posted by Community Admin on 04-Sep-2013 00:00

You can add it yourself right now
www.sitefinity.com/.../how-to-add-captcha-in-custom-sitefinity-form-builder-

...forms in 6.2 will have captcha out of the box now though (but clearly you'd need to update)

Will that work?

Posted by Community Admin on 25-Nov-2013 00:00

Hi Steve, 

We are looking at updating to v6.2 from 5.2, and one of the main driving factors is the built-in CAPTCHA functionality that you mentioned above.  However, do you know whether or not the built-in CAPTCHA implementation uses JavaScript?

We have the CAPTCHA for Blog Comments turned on in our 5.2 implementation right now, but have found that spam bots are able to get around it (we believe this is due to it being implemented using JavaScript).  

Any thoughts or insight you have would be greatly appreciated!

Thanks,
Alex

Posted by Community Admin on 25-Nov-2013 00:00

I'm not 100% on THEIR implementation, but it uses the RadCaptcha which can check on the server as well...don't see why they wouldn't use it.

You can always validate that with JustDecompile

Posted by Community Admin on 25-Nov-2013 00:00

My alternate solution worked great. I just added an extra text input field into our forms. I gave that input filed a max value of one character and then I hid it using CSS. Robots are stupid and can't help but to fully populate every form field on a page with garbage. Only robots/spammers can inject values into this hidden field, and if there is more than one character the form is not submitted. Since I implemented this easy fix our spam has dropped to almost nothing without bugging our visitors to use a captcha input. I believe this is called a "honeypot" technique.

Posted by Community Admin on 31-Aug-2017 00:00

Thanks John, I like this idea and it's still relevant. I'd prefer not to have to stick captcha on every form we have.  My question is, is there a way to require the field to be blank? We've had a robot that basically inserted 1 character into every filed, so that would get by the max value of 1. It doesn't seem that SiteFinity will allow a max character of 0.

This thread is closed