Alternative to Captcha - Your opinions for Ajax Tookit, JQuery Side lock, Drag and Drop_问答_开发者

Alternative to Captcha - Your opinions for Ajax Tookit, JQuery Side lock, Drag and Drop

开发者 https://www.devze.com 2023-04-03 08:10 出处：网络

Net Web Forms, I\'m looking for a solution to avoid bot and spammer using my online contact form. Captcha is pretty safe solutio开发者_如何转开发n but sometimes could be to \"Difficult\" for inexperi

Net Web Forms, I'm looking for a solution to avoid bot and spammer using my online contact form.

Captcha is pretty safe solutio开发者_如何转开发n but sometimes could be to "Difficult" for inexperience user to use (in my opinion).

Here some solution alternative I found, I would like to know if you implement one of theme in a real world scenario, wich is the safest and easier to implement.

1 - Ajax Tookit Nobot

2 -Jquery Side Locker (her one example but there are many of theme). What is the best?

3 - Drag and Drop solution like this one

Thanks for your time.

See if a honeypot captcha helps. It is simple, does not require JavaScript and does not require user interaction. It works because a typical spambot will try to fill out all fields present of a form. This you can detect on the server side:

<form action="" method="post">
    <label>Name</label>
    <input type="text" name="Name">
    <br />
    <label>Please leave this field empty</label>
    <input type="text" name="Email">
    <br />
    <input type="submit" />
</form>

Server side code (PHP):

<?php
if($_POST["Email"] != "") {
    die("Thank you for spamming!");
}

Server side code (ASP.NET/C#):

void Page_Load(object sender, EventArgs e)
{
    if(Request.Form["Email"] != "") {
        Response.Write("Thank you for spamming!");
        Response.End();
    }
}

This is an old question, but found a ASP.NET MVC honeypot NuGet Package:

https://nuget.org/packages/SimpleHoneypot.MVC

Project Site:

https://github.com/webadvanced/Honeypot-MVC

I would implement Jquery Side Locker and not bother with the other two (the third one didn't work on my browser).

Have a look at this web app. I added a "mechanical action" anti-spam feature on the sign-up form. It's a drag & drop.

I'm having a similar problem and decided to approach it first by blocking IP addresses from particularly "spammy" countries. If you have an app that doesn't have a worldwide audience, this may be an option.

See https://serverfault.com/questions/305681/iis-7-address-restrictions-importing-list-to-block-china-and-korea-ips for a possible approach in an IIS7 environment.

It depends on your intent. Anti bot protection doesn't really require a captcha. There a few solutions that take advantage of the way these work to block them, the fact they don't have javasript enabled for instance. The HoneyPot also works well, taking advantage of the form greedy nature of bots.

If on the other hand you also wish to stop attackers from writing automated scripts then it does require more effort. I haven't looked at the ones you mentioned in detail but they look on the face of it like they would do the job. The thing to be weary of is reliability, localization, and performance. This is where the smaller less well known solutions usually fall down compared with say reCaptcha.

Yes it is a sweeping generalisation, not saying it's always the case just be sure to take in into consideration. I've looked at a few that all suffer on one of these points.