ASP - anti bot checking?
in [ASP]
|
From: . on 2 Sep 2010 20:09 Hello, would anyone recommend the best / easiest way of implementing a bot checker? I've heard of CAPTCHA, session length timers, random 2 numbers to add, etc... any more effective and easier than the others?
From: Evertjan. on 3 Sep 2010 03:40 .. wrote on 03 sep 2010 in microsoft.public.inetserver.asp.general: > Hello, Wow, anonymous, this is not a telephone, > would anyone recommend the best / easiest way No, I hope not. "best" and "easiest" are subjective in programming, so my "best" and "easiest" and your "best" and "easiest" programming cannot and should not be the same. > of implementing a bot checker? Easiest == shortest code? > I've heard of CAPTCHA, session length timers, random 2 > numbers to add, etc... any more effective and easier than the others? What bots do you want to check and why? What do you mean by "bots", "crawlers" perhaps? What would you do with the results of your "check", publish them or put them in a database or change the page, or do you really mean "bot-stopper"? It the latter, do you want to stop google-bot too? Do you want to do this, whatever it is that you want to do, serverside? -- Evertjan. The Netherlands. (Please change the x'es to dots in my emailaddress)
From: Dooza on 3 Sep 2010 03:51 On 03/09/2010 01:09, . wrote: > Hello, would anyone recommend the best / easiest way of implementing a bot > checker? I've heard of CAPTCHA, session length timers, random 2 numbers to > add, etc... any more effective and easier than the others? To prevent form-bots from automatically submitting data I use the honeypot method. In my form I have 2 additional fields, one with a known value, and one with no value. These form fields are in a div hidden by css. This is to allow screen readers the chance to understand what these fields are for. The label will tell the user what to do if they come across them. Then on the processing script I will only send the form data if the empty field is empty, and the known field is as expected. This works because most form-bots fill in all fields they find with random information. Obviously this doesn't get around users who are paid to submit spam in forms, there is nothing you can do to stop these. The method I have been using has worked successfully on many sites over the last 10 years that I have worked on. Dooza
|
Pages: 1 Prev: Posting data from ASP to WebService Next: membership database |