Any good blog needs the ability for users to be able to discuss articles made on it in the comments. Of course, most websites also have some sort of Contact form. This varies from site to site, but usually is provided for the product or service that the website is selling. Other forms include opt-in forms for newsletters. Of course, having forms on a website always has a downside…
Bots can be very helpful for many reasons. But they can also be incredibly harmful as well. Bots are often uses to relentlessly spam comment and email forms to try and sell a product or service, or to try and get users of a website to access malicious software. Dealing with them is always a huge, huge concern, and there are a number of ways to do it. However, not all of them are the most successful, and these resolutions don’t last long.
Captcha is what most people flock to in order to prevent spambots from… well, spamming. It has worked well in the past, but it is also a serious nuisance to the end-user as well, as Captchas become more increasingly difficult. In fact, I’ve come to post this immediately after encountering the absolutely greatest Captcha word I have ever encountered.
I’ve only just managed to finally get a Facebook App created for my website so I can send posts to my Facebook page. Naturally, in a desire to continue the trend, I set one up for The Shadow Realm. And lo and behold, its the almighty Captcha, back with a vengeance. In fact, this Captcha is so great, I just HAD to go out and blog about it.
Needless to say, we’ve got a huge, huge problem. Captcha just isn’t cutting it. Captcha is absolutely horrendous for the end-user and generally turns users away from actually using the form. In fact, it doesn’t even really stop bots, either. Spam companies have ever increasingly started writing the bots in such a way that when a Captcha is reached, it is sent to be manually bypassed by real people being paid to bypass the Captchas. This isn’t the only problem, though, as Captchas are simply a nuisance for users and are only ever getting worse.
Solving the problem isn’t particularly easy, either. There are workarounds that do help, but there’s no for-sure solution to stop it. What we do know is that Captcha doesn’t work, bots get by them all the time even when they aren’t being human-processed, and Captcha is a hindrance to users as well. One method I’ve tried in the past is fake form inputs.
A while back on The Shadow Realm, many years ago, I modified the forum’s IPB core’s registration form and inserted a secret, hidden field. I named it something a bot would think was a valid, required field, but in reality when checked it would ban the bot. I didn’t have any bots after that for a couple years. Naturally, though, when I started neglecting TSR and I came back some time later, I had a ton of bots again. So it worked for a while, but eventually they found out and got through again.
I’ve also tried using a new Captcha alternative solution, Are You a Human? So far its working decently enough on TSR, but I’m also using Akismet over there as well. The real test comes once I start getting hits on this site. I’ll have to keep a close eye out on it, because I cannot afford to use Akismet on this website. Regardless of how well it works, though, Are You a Human? is definitely far, far more user-friendly.
You definitely should have something to try and block spam. ANYTHING helps… but Captcha honestly can be just as much as a hindrance to valid users as it is to spammers, oftentimes even more beneficial to spammers. If you’re interested, try out Are You a Human? and see how it works for you. I know I had some trouble getting it to work on this site at first (which I only got fixed after an update), but I definitely prefer it greatly to using Captcha.