Captcha/Spam - Bugs & Issues - Bugs & Issues - Progress Community
 Bugs & Issues

Captcha/Spam

  • Captcha/Spam
  • We are using SiteFinity on a load balanced server. We have a feedback form on hundreds of pages on our site. I get about one real email per day, and around twenty-thirty replies containing nothing but spam. Why is there no Capcha option in SiteFinity 5.3? The amount of spam going through the system is ridiculous. Using a third-party Captcha isn't working due to our server being load-balanced.
  • You can add it yourself right now
    www.sitefinity.com/.../how-to-add-captcha-in-custom-sitefinity-form-builder-

    ...forms in 6.2 will have captcha out of the box now though (but clearly you'd need to update)

    Will that work?
  • I'm not 100% on THEIR implementation, but it uses the RadCaptcha which can check on the server as well...don't see why they wouldn't use it.

    You can always validate that with JustDecompile
  • Hi Steve, 

    We are looking at updating to v6.2 from 5.2, and one of the main driving factors is the built-in CAPTCHA functionality that you mentioned above.  However, do you know whether or not the built-in CAPTCHA implementation uses JavaScript?

    We have the CAPTCHA for Blog Comments turned on in our 5.2 implementation right now, but have found that spam bots are able to get around it (we believe this is due to it being implemented using JavaScript).  

    Any thoughts or insight you have would be greatly appreciated!

    Thanks,
    Alex
  • My alternate solution worked great. I just added an extra text input field into our forms. I gave that input filed a max value of one character and then I hid it using CSS. Robots are stupid and can't help but to fully populate every form field on a page with garbage. Only robots/spammers can inject values into this hidden field, and if there is more than one character the form is not submitted. Since I implemented this easy fix our spam has dropped to almost nothing without bugging our visitors to use a captcha input. I believe this is called a "honeypot" technique.
  • Thanks John, I like this idea and it's still relevant. I'd prefer not to have to stick captcha on every form we have.  My question is, is there a way to require the field to be blank? We've had a robot that basically inserted 1 character into every filed, so that would get by the max value of 1. It doesn't seem that SiteFinity will allow a max character of 0.