WordPress plugin: Anti-Captcha
What the heck is this 'Anti-Captcha' you speak of?
Anti-Captcha -as a concept- is a transparent Captcha solution which does not require any end-user interaction. This particular Anti-Captcha is based on the technique best described in this related article.
Anti-Captcha as a WordPress Plugin
The aim of this plugin is to prevent automated attacks (by bots) on the following WordPress actions:
- Posting comments
- Logging in
- Registering for a new account
- Requesting a lost password
When a comment is posted without a valid Anti-Captcha token, it shall be instantly marked as spam. This way, you can always manually approve this comment in hindsight if it appeared to be sincere.
Download
You can download this plugin directly from the WordPress plugin repository:
http://wordpress.org/extend/plugins/anti-captcha/
Requirements
This plugin is written for WordPress (up to version 2.9.2). It has been tested and verified to work on most browsers, including the dreaded IE6.
Note: the user does need to have javascript and cookies enabled for form submission to succeed. Generally, it's frowned upon if you don't write javascript in an unobstructive way. The reason for this is that some visitors don't support javascript but should still be able to get around your website.
AFAIK there are four types of user-agents not supporting javascript:
- Search-engine spider bots
- Users of a command-line browser (like Lynx)
- Users who actively disabled javascript in their browser
- Mischievous bots trying to spam or hack into your blog
Obviously, search-engines don't need to comment, register or login so they can be ruled out. Lynx users and users with javascript disabled are likely to be a very small percentage of the internet population, who have actively excluded themselves from certain webfeatures. Finally, badly behaving bots, is what the Anti-Captcha plugin is trying to block.
Changelog
=> 20100708
- Tested on WordPress version 3.0
=> 20100426
- Changed error message to be more descriptive
- Changed cookie mechanism to not rely on PHP sessions
- Added 'Back/Forward Cache' prevention
- Removed jQuery dependency
- Tested on WordPress version 2.9.2
=> 20090821
- First release
1. Activate the plugin through the 'Plugins' menu in WordPress
August 27th, 2009 - 11:33
This is anecdotal. I have installed the plugin using wordpress built-in installer, and IT DID NOT WORK! It keeps telling me:
Error, please enable javascript and try again…
in all recent browsers.
August 27th, 2009 - 11:59
@Henry At which WP-action did you get this error (login, register)? Did you clear out your browser cache? On this blog I use the exact same plugin, you commenting here shows that it can work
September 15th, 2009 - 07:04
Thank You for the plugin, it works ok.
But if You would please to describe me (or maybe add such function in next versions) how can I instantly delete spam mesages instead of marking them “spam”? For example “change string #126 in file make_post.php from $Message->Mark(“SPAM”) to $Message->Delete()”, or something like that.
Thank You.
September 15th, 2009 - 09:29
@SolutionFix Try to change line 47 of anti-captcha.php into:
add_filter(‘pre_comment_approved’, create_function(‘$a’, ‘return 0;’));
I have not tested it, but that should probably work.
September 21st, 2009 - 17:21
Nice job!
September 22nd, 2009 - 06:52
IE must be killed!!! use Google Chrome
October 7th, 2009 - 04:19
thanks for the plugin, it works
i hate using akismet, it slowing my site
October 7th, 2009 - 11:22
@indra Thanks, it works wonders for spam on this blog as well. To be honest I wasn’t even aware of the magnitude of WordPress spam until after I released this plugin.
October 11th, 2009 - 03:21
Just installed the plugin. It successfully activated. How do I know that it is working?
dave
October 11th, 2009 - 05:48
I now have the problem that HENRY has on login. Thoughts. When i disable this plugin the problem goes away. ANy ideas why. I did clear cache, no change.
Dave
October 12th, 2009 - 15:18
@dave Do you have a cookie-blocker in place? Please check and see if a cookie is set, it should be named “PHPSESSID”
October 21st, 2009 - 02:58
Captcha is going on my nerves when I come to an blog and leave a coment then Capca code is required, I type a code properly then display it is wrong re-type and the answer is the saime… but we need Captcha becouse of stupit booots
and now this problem.
I was download and set up the plugin on my site. Nice job and thanks!
November 4th, 2009 - 23:02
TEST
November 12th, 2009 - 18:29
gracias
November 13th, 2009 - 14:35
test…faut bien voir a quoi ressemble la marchandise
November 14th, 2009 - 11:14
Great!
November 20th, 2009 - 19:54
I’ll try
November 26th, 2009 - 21:47
test
December 3rd, 2009 - 19:16
test
December 15th, 2009 - 02:01
No CAPTCHA here? Thats odd.
December 15th, 2009 - 11:43
@Brent Ah but there is! Read the article
January 4th, 2010 - 17:52
This seems to be THE solution – thank you. One question: when a message is qualified SPAM it gets reported as SPAM but at that moment we DO NOT get a mail message informing us that a new message (spam or not) was entered – so we are not aware untill we login into the WP Dashboard.
Do you have a solution which also informs us by email when a spam message gas been entered? Tx a lot – Erik Wust
January 5th, 2010 - 16:21
@Erik Not at the moment no, it might be a good feature for a future release. However, you probably would get quite a lot of extra emails. Maybe it’s easier to check the spam category once in a while…
January 7th, 2010 - 02:18
Thank you for the excellent plugin! I previously had no antispam captcha on my site. Unfortunately, the spam has the upper hand, I have tried several plugins. Thine is my opinion after the baste. many thanks, for that!
regards
sebastian
January 7th, 2010 - 10:54
mal testen was das hier macht
January 8th, 2010 - 02:47
Hi Fili
What’s your suggestion re Akismet if using Anti-captcha? Disable Akismet?
January 8th, 2010 - 04:37
Does this work with BuddyPress. Main issue on BuddyPress is spam member registrations!
January 8th, 2010 - 13:17
@phillwv You can use Akismet together with Anti-Captcha if you want to (i have). @RuthMaude I’m unfamiliar with BuddyPress, so please don’t hesitate to try it out and let us know!
February 3rd, 2010 - 20:12
testing
February 7th, 2010 - 03:07
Klase Plugin ist das
February 8th, 2010 - 18:56
OK, I downloaded this plugin, installed it, now I CAN’T LOG IN TO MY WP BLOG!
I’m getting the same error message mentioned above:
“Error, please enable javascript and try again”
Javascript is enabled, cookies are not blocked, AdBlock has been disabled. Please tell me how to disable this.
February 8th, 2010 - 19:05
@Dad have you tried empty-ing your cache? Probably the Anti-captcha module is not loading because you’re looking at a cached version of the login-page.
February 9th, 2010 - 02:14
I’ve tried emptying my cache, restarting and I got the same thing. Then I tried opening the site in both Chrome and IE (neither of which I’ve ever opened the admin site with) – same results. Right now I’m locked out of my own WP admin page, I just want to get in and disable this plug-in.
February 9th, 2010 - 12:18
@Dad Very strange, I never heard of that before. What version of WP do you have? You could try and rename the plugin directory using FTP. This way WP can’t find the plugin and should hopefully let you pass. If not, please rename the directory back the way it was and re-contact me.
February 16th, 2010 - 19:42
Hey I’m using this anti captcha Version 20090821 on the 2.9.1 wordpress and it does work, because before I activated it, I was getting spam comments through, but now after activating this anti captcha the annoying spam stop or extremely decreased. Great easy plugin, I recommend it.
February 18th, 2010 - 02:39
@fili I just had the same problem as Dad. I had to rename the folder to get back into my site. This was after I (a) cleared my cache, (b) cleared my cookies. But, this was decidedly a problem with AntiCaptcha: it was happening with multiple browsers Chrome, FireFox and even (eww, yuck, eeek) IE. I dunno why it suddenly broke — I updated a couple of other plugins, but I hadn’t encountered any problems with that before.
February 18th, 2010 - 13:53
@gdb This shouldn’t happen, what version of WP are you running?
February 28th, 2010 - 14:26
Watcha!
Great plugin but I’ve just started having the same problem as a number of users above: “Error, please enable javascript and try again”. This occured when attempting to log in to the site either as an admin or as a user.
I got this on every browser I have installed: IE 8, Firefox 3.6, Chrome 4 and Opera 10.5. Like others, I had to FTP and disable the plugin folder directly, to be able to log into my site.
Something that may be relevant is that I host two blogs on the same site. I have two WP instances running off of a single DB with different table prefixes. I enabled you plugin on both sites but the error only occurs on one. Could this explain it? Some sort of cookie conflict?
March 1st, 2010 - 17:57
what kind of plugin is this that you yourself don’t even use it in your own website?
March 2nd, 2010 - 12:48
@Oli Thanks for your message. It’s hard for me to debug the problem if I can’t reproduce it. Could you e-mail me the version of WP you use and all the plugins you have installed (it could be caused by a combination of plugins). As soon as I can find some time I’ll look into the matter deeper.
@Farhad I do use it on this site.
March 8th, 2010 - 04:19
Working good
March 10th, 2010 - 23:38
nevermind my last comment. Chrome needed to update. Ugh
April 12th, 2010 - 12:00
Hi,
If I want to use this with a WordPress site do I simply install the plugin and activate it or is there more I need to do?
April 12th, 2010 - 12:26
@Chris Yes, there is nothing more to it!
April 13th, 2010 - 11:19
I like that answer!
April 18th, 2010 - 22:31
Is it working?
April 27th, 2010 - 20:10
nice
April 29th, 2010 - 15:58
Thank for the plugin. I just install it successfully. Great Works.
April 29th, 2010 - 17:52
thanks
April 30th, 2010 - 19:43
YOU are the man!
Thanks a bunch for this great plugin!