Hey, List Owners With Captcha, Give Webmasters A Break

[horney]

Both fine, JackDaniels.

[pornhitzman]

Captchas are necessary today if want to protect your site from viagra spammers and such. It's not very fun to wake up in the morning and see hundreds of spam submits. I do agree they are annoying and I've tried other things like banning spammer ips in htaccess but it didn't work at all. The only effective method I know is using captchas.

[Porn Junkie]

I really don't have a problem with them at all, but if more could use the one like hoes.com does, it would be a lot easier.

Like Jim said, if you can't read that one, then you need better glasses

[horney]

Point made, I think. I had a look around those I was having most difficulties with and they are all now readable, so peeps read here. Thanks for a great board, GG&J!

There is nothing inherently wrong with captchas. Hoes is so easy to use I hadn't even registered it as one, which illustrates the point I've been making. If anyone's going to attract the crap as well as the submissions, it's going to be them and a few others. So if a readable one works for them, why were the smaller guys hiding access from the peeps they want to let in?

Anyway, it seems people have been taking note. I just slapped four submissions of (I hope) good sites on one I couldn't even read last week - I had it down as a "don't even bother any more".

[ronnie]

Maybe I have been lucky, but I use to get spammed with crap and spammers and I just added a question and answer on the submit form, which I can change at any time and could be any question. Never had a problem since.

Using the same concept on some blogs.

I know I've seen talk of bots reading images, seems it's caused captcha images to be tougher for even humans to read...

[horney]

Which is why I like your approach, Ronnie. It works, ffs. That's all it takes. For the users, it's easy to read and takes a few seconds. For the webmaster, it's easy to put in, easy to control and easy to change. For the bots, it's impossible.

[ronnie]

I wouldn't say it's bullet proof, thats my question, if they can read images, could they read text? Seems they would have to have some intelligence though. Only time will tell.

I don't know about being easy to put in place. It was easy for me as it is my own script, so I know the code and how it works. Might not be as easy for other scripts. Might be a good suggestion for script owners to give the creators.

Seems captcha "was" a solution.

[Maj. Stress]

Quote:

Originally Posted by ronnie

I wouldn't say it's bullet proof, thats my question, if they can read images, could they read text?

Maybe they can. I'm not sure but you have a pm with a link. See what you think about that.

[horney]

Whoever writes the script to defeat that approach would have to second guess each and every possible question you could ask, get the script/bot they are writing to recognise and distinguish between them, and supply the correct answer.

I wouldn't like to be charged with writing that one! You have found a good solution, ronnie.

[ronnie]

It might be a good solution, but it wasn't my finding. The idea has been around for some time..

[horney]

lol. No need to claim proprietary rights. If it's in the public domain, you can use it.

[Viper]

As a programmer, I can tell you right now that there is currently no way for anyone to stop auto-submitters via your forms.. Captcha can be bypassed and more and more auto-submitters will be building that into their software as time goes on... All these methods really do is push the real submitters away and you end up with primarily auto submitted stuff which will tend to redirect or install exploits etc.

For the idea of putting on a question.. Here's how I would overcome that... First thing I do is reload your form a bunch of times to get a bunch of your question... (a group of guys that auto-submit a shit load could have some lackey check your form a couple times a week and do this as necessary)... Then I put the questions and answers in my DB. Another thing I do is have a script monitor your submit form.. You change it and I get flagged to check it out and see if I need to make changes to my script. So now my autosubmitter goes to your page and if I recognise the question, I submit.. If I don't, then I reload until I find a question I know. If my autosubmitter reaches some threshold of reloads, it stops and flags me so that I have to go to your site and grab a bunch of your new questions... then I reset and away I go again... If you use "simple" questions, I can actually code it in so that I can answer them automatically. Let's say you actually write code to monitor your page to see if the page is reloaded a bunch of times before submitting and you stop that.. no problem, I'll just use some proxies... and the bigger auto-submitters are going to have multiple cheap dial-up accounts to be able to do this stuff as well.

Instead of trying to stop all these auto-submits, ask yourself WHY you want to stop them... Is it because they end up redirecting etc.? Then set up a program to scan your DB to auto-delete sites that end up doing that.. Is it because they change the site? Then implement code to store a CRC32 or MD5 of all 4 pages and then scan the pages and delete the site if they change... Get more active in banning domains, IP blocks, registrars, nameservers and affiliate IDs on the sites... Don't accept sites where the nameserver is some other site or the same as the domain that's been submitted... Don't allow submissions that are coming from servers... And more...

All of this stuff should be part of your DB software and be automatic for the most part. You need to fight technology with technology but just be aware that you will always be behind and playing catchup. I hate cheating submitters and I've been battling these guys for a long time now... I do all of this stuff on my TGPs and it makes a big difference. It's allowed me to keep my submit forms completely open for 5 years now.

By the way.. I'm currently hand submitting some free sites and it's just not cost effective from the amount of traffic/sales that are generated... I'm seriously considering auto-submitting...

[Viper]

I should mention something else I do... If you do decide to continue using something like Captcha, then perhaps you should implement a submitter "rating" system.. For example, on my sites I monitor my submitters... as time passes and they "prove" themselves (or can otherwise show they're not cheaters, gallery spammers etc.), they get to move up in the listings and get relaxed rules. So for example, if you have submitters that you know aren't cheaters, then let them submit without captcha.

[LD]

That's a very interesting post, Viper. I use Dragon Scipts which requires the submitter to sign up, but suppose that could be beaten as well.

I too find that submitting is tedious, and like many I would rather spend time building sites, so the auto submit thing is awful tempting, however I am afraid I would end up being blacklisted everywhere.

[Viper]

Quote:

Originally Posted by LusciousDelight

I use Dragon Scipts which requires the submitter to sign up, but suppose that could be beaten as well.

Yep.. I could write a script that would "sign up" new accounts every day and then submit to them without any problem. Add a Captcha would slow me down, but I could just signup a few accounts manually every day.. or hire some cheap offshore guys to do it for pennies...

[pc]

[/quote]

I too find that submitting is tedious, and like many I would rather spend time building sites, so the auto submit thing is awful tempting, however I am afraid I would end up being blacklisted everywhere.[/quote]

I agree with you .15 ? minutes extra spend on submitting freesites is nothing to compare .... and 'captha' never bothered me?!@#

[LD]

Quote:

minutes extra spend on submitting freesites is nothing to compare .... and 'captha' never bothered me?!@#

Bottom line for me is that if there's a list I want to be on, I'll do the captcha, although I hate the goddam fucking things. It's only kept me from submitting a couple of times when I just could not read it. I do understand why they are there and respect the list owners for trying to weed out the cheaters.