Protecting Your Site Via CAPTCHA

Stephen Yagielowicz

While online forms make it easy for website operators to receive feedback from customers and for customers to seek support services, these tools open the site up to a raft of vulnerabilities because they accept user-submitted text, which, when unprotected, could include malware, spam and viruses. As such, one of the most basic steps that webmasters can take to improve the security of their websites is to ensure that form inputs are as free from automated spam and malicious script injection as possible.

One of the most common tools used for this process is CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart).

According to its website, www.captcha.net, “a CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot.”

In its most basic form, this useful tool, developed by Carnegie Mellon University, requires users to read a random text string and then input that string into a web form before it will allow users to submit their comments, etc. The form validates this input, then either processes the submission request or refreshes the CAPTCHA text, which is graphically obfuscated to prevent machines from reading it. An enhanced audio version is available for the visually impaired.
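The issue-and-grade loop described above, sketched as an added example (not code from captcha.net or from this article). It assumes an in-memory store and the hypothetical names `CaptchaStore` and `handle_submission`; rendering the text as a distorted image is left out.

```python
import hmac
import secrets
import time

# Characters that are easy to confuse once distorted (0/O, 1/I/L) are left out.
ALPHABET = "ABCDEFGHJKMNPQRSTUVWXYZ23456789"


class CaptchaStore:
    """Server-side state for text CAPTCHAs: issue, grade once, expire."""

    def __init__(self, ttl_seconds=120, length=6, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._length = length
        self._clock = clock
        self._pending = {}  # challenge_id -> (expected_text, expiry_time)

    def issue(self):
        """Create a challenge. Only the id goes into the form; the text is
        rendered as a distorted image (rendering is outside this sketch)."""
        challenge_id = secrets.token_urlsafe(16)
        text = "".join(secrets.choice(ALPHABET) for _ in range(self._length))
        self._pending[challenge_id] = (text, self._clock() + self._ttl)
        return challenge_id, text

    def verify(self, challenge_id, answer):
        """Grade a submission. The challenge is consumed whether the answer is
        right or wrong, so a bot cannot guess repeatedly or replay a solve."""
        entry = self._pending.pop(challenge_id, None)
        if entry is None:
            return False  # unknown, already used, or never issued
        expected, expires_at = entry
        if self._clock() > expires_at:
            return False  # solved too late
        given = answer.strip().upper().encode()
        return hmac.compare_digest(given, expected.encode())


def handle_submission(store, challenge_id, answer, comment):
    """Process the form on success; otherwise hand back a fresh challenge."""
    if store.verify(challenge_id, answer):
        return {"accepted": True, "comment": comment}
    new_id, _text = store.issue()
    return {"accepted": False, "challenge_id": new_id}
```

The expected text never leaves the server: the form carries only the challenge id, so the answer cannot be read out of the page source.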

CAPTCHA offers a variety of website security improvements and other benefits, including the ability to prevent comment spam in blogs (a WordPress plugin is available). CAPTCHA protects registration and “join” forms; prevents automated email address harvesting; ensures the accuracy of online polling; prevents dictionary-based brute force attacks and malicious code assaults; and prevents badly behaved search engine bots from indexing certain pages when that is unwanted.

Interestingly, its website addresses — and dismisses — rumors that spammers send CAPTCHA images to porn sites, where viewers are required to solve the test before viewing an erotic image, thus enabling criminals to leverage humans to combat machines.
