Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Ranjan12

macrumors newbie
Original poster
Aug 3, 2011
1
0
Captchas impose an extra burden on the user. Bad captchas are extremely frustrating; good captchas are merely annoying.

It's a trade-off. If you want to encourage people to use the contact form as much as possible, then take off the captcha. This may increase the amount of spam you get.

In my experience, a simple honeypot form field is enough to prevent all spam. No need for a captcha:
Add an extra field to your form
Hide it using CSS {display: none}
For accessibility, add a label that says something like, "Please leave this field blank; otherwise your message will be rejected. This is an anti-spam measure; sorry for the inconvenience."
When handling the form, check if that field submitted anything. If it did, reject the message
 
I can't possibly recount all those times I've cursed to the heavens and hell and back again whenever I encounter those captcha thingies.
 
i usually don't bother contacting anyone who sets up captchas on their contact forms. it's time consuming and unprofessional, and there are ways to get a contact form to repel a lot of spam without using a captcha. ex: fastsecurecontactform [dot] com
 
these days different kinds of captchas are being used like arranging a scrambled picture or doing a math calculation which are less time consuming and less irritating, but like it or not captchas will always be required against automatic spamming.
 
Having a field (or fields) to enter a future date is also useful - default it to something in the past and check it on submission.

Another check is to log the time that the user visits the page and also the time that they submitted the form. If it's too quick then it's likely to be a spambot.

Do all your checking server side and don't provide any feedback or at least nothing that would indicate that the spam has been trapped.

Along with the hidden field I've trapped all spam. I've had a few false positives, usually because someone is using Chrome and has autofill turned on which fills in the phone field which is my honeypot field.
 
Captchas impose an extra burden on the user. Bad captchas are extremely frustrating; good captchas are merely annoying.

It's a trade-off. If you want to encourage people to use the contact form as much as possible, then take off the captcha. This may increase the amount of spam you get.

In my experience, a simple honeypot form field is enough to prevent all spam. No need for a captcha:
Add an extra field to your form
Hide it using CSS {display: none}
For accessibility, add a label that says something like, "Please leave this field blank; otherwise your message will be rejected. This is an anti-spam measure; sorry for the inconvenience."
When handling the form, check if that field submitted anything. If it did, reject the message
Yes sir, you got it. Been doing it for years. I have a script that bypasses captchas faster than I can read them.

Honeypot only works for bots, not directed attacks. The form requires a little bit more work to ward off DOS style hits; unique id issued upon creation to prevent script POST'ing etc.
 
captcha is for sure annoying, but ever since I learned that they are actually using the forms to translate and decipher old, damaged text from books, I have a much more forgiving opinion of them. Certainly better than the ones which require you to watch an advertisement, or those that ask you a survey question, undoubtedly for marketing purposes. I'd rather contribute to global knowledge than corporate wealth.
 
"I want to get rid of the CAPTCHA on the contact page, my search engine optimization analyst was looking at and saw chines characters! I would rather get a thousands of spams than put off one customer".

Just thinking if there is any comfort to this?
 
i HATE Captcha with a passion

A certain website i use daily as my own personal DVR site (cant mention it directly, I don't want to be accused of promoting piracy but its NOT the pirate bay) has started using, or its host has started using, Captcha, a LOT.. somedays it asks for captcha after EVERY LINK clicked, which is, quite frankly, fricking annoying as hell.

I wouldnt mind, but ive taken to running screenshot of captchas through OCR software because its more accurate at getting them right than i am, i can't make out 90% of them, my OCR software gets about 80% right.
 
"I want to get rid of the CAPTCHA on the contact page, my search engine optimization analyst was looking at and saw chines characters! I would rather get a thousands of spams than put off one customer".

Just thinking if there is any comfort to this?
LOLZ! SEO analyst!! XHTML cert... front page.... seriously... my side is hurting from laughter. You may want to get your money back. Probably have better luck spending it on Tarot cards.

Easy peasy, drop the captcha from your contact page.
 
Captcha

Captchas protection is always necessary to protect from spamming. It is truth that captchas are frustrating and irritating but at the same time are necessary from protection point of view.
 
I use a simple mathematical question (ex.: 2X4) to make sure that it's not a computer on the other side. It's not perfect but it's good enough to keep spam to a minimum.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.