+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Captcha/Spam

Captcha/Spam

5 posts, 0 answered
  1. John
    John avatar
    5 posts
    Registered:
    03 Oct 2012
    04 Sep 2013
    Link to this post
    We are using SiteFinity on a load balanced server. We have a feedback form on hundreds of pages on our site. I get about one real email per day, and around twenty-thirty replies containing nothing but spam. Why is there no Capcha option in SiteFinity 5.3? The amount of spam going through the system is ridiculous. Using a third-party Captcha isn't working due to our server being load-balanced.
  2. Steve
    Steve avatar
    3037 posts
    Registered:
    03 Dec 2008
    04 Sep 2013 in reply to John
    Link to this post
    You can add it yourself right now
    http://www.sitefinity.com/developer-network/forums/developing-with-sitefinity-/how-to-add-captcha-in-custom-sitefinity-form-builder-

    ...forms in 6.2 will have captcha out of the box now though (but clearly you'd need to update)

    Will that work?
  3. Alex
    Alex avatar
    2 posts
    Registered:
    31 Jul 2013
    25 Nov 2013
    Link to this post
    Hi Steve, 

    We are looking at updating to v6.2 from 5.2, and one of the main driving factors is the built-in CAPTCHA functionality that you mentioned above.  However, do you know whether or not the built-in CAPTCHA implementation uses JavaScript?

    We have the CAPTCHA for Blog Comments turned on in our 5.2 implementation right now, but have found that spam bots are able to get around it (we believe this is due to it being implemented using JavaScript).  

    Any thoughts or insight you have would be greatly appreciated!

    Thanks,
    Alex
  4. Steve
    Steve avatar
    3037 posts
    Registered:
    03 Dec 2008
    25 Nov 2013 in reply to Alex
    Link to this post
    I'm not 100% on THEIR implementation, but it uses the RadCaptcha which can check on the server as well...don't see why they wouldn't use it.

    You can always validate that with JustDecompile
  5. John
    John avatar
    5 posts
    Registered:
    03 Oct 2012
    25 Nov 2013
    Link to this post
    My alternate solution worked great. I just added an extra text input field into our forms. I gave that input filed a max value of one character and then I hid it using CSS. Robots are stupid and can't help but to fully populate every form field on a page with garbage. Only robots/spammers can inject values into this hidden field, and if there is more than one character the form is not submitted. Since I implemented this easy fix our spam has dropped to almost nothing without bugging our visitors to use a captcha input. I believe this is called a "honeypot" technique.
5 posts, 0 answered