FILI'S TECH THOUGHTS – All wiyht. Rho sritched mg kegtops awound?

20Aug/0972

WordPress plugin: Anti-Captcha

What the heck is this 'Anti-Captcha' you speak of?
Anti-Captcha -as a concept- is a transparent Captcha solution which does not require any end-user interaction. This particular Anti-Captcha is based on the technique best described in this related article.

Anti-Captcha as a WordPress Plugin
The aim of this plugin is to prevent automated attacks (by bots) on the following WordPress actions:

  • Posting comments
  • Logging in
  • Registering for a new account
  • Requesting a lost password

When a comment is posted without a valid Anti-Captcha token, it shall be instantly marked as spam. This way, you can always manually approve this comment in hindsight if it appeared to be sincere.

Download
You can download this plugin directly from the WordPress plugin repository:
http://wordpress.org/extend/plugins/anti-captcha/

Requirements
This plugin is written for WordPress (up to version 2.9.2). It has been tested and verified to work on most browsers, including the dreaded IE6.

Note: the user does need to have javascript and cookies enabled for form submission to succeed. Generally, it's frowned upon if you don't write javascript in an unobstructive way. The reason for this is that some visitors don't support javascript but should still be able to get around your website.

AFAIK there are four types of user-agents not supporting javascript:

  • Search-engine spider bots
  • Users of a command-line browser (like Lynx)
  • Users who actively disabled javascript in their browser
  • Mischievous bots trying to spam or hack into your blog

Obviously, search-engines don't need to comment, register or login so they can be ruled out. Lynx users and users with javascript disabled are likely to be a very small percentage of the internet population, who have actively excluded themselves from certain webfeatures. Finally, badly behaving bots, is what the Anti-Captcha plugin is trying to block.

Changelog

=> 20100708

  • Tested on WordPress version 3.0

=> 20100426

  • Changed error message to be more descriptive
  • Changed cookie mechanism to not rely on PHP sessions
  • Added 'Back/Forward Cache' prevention
  • Removed jQuery dependency
  • Tested on WordPress version 2.9.2

=> 20090821

  • First release
To install simply:1. Upload the 'anti-captcha' folder to the /wp-content/plugins/ directory
1. Activate the plugin through the 'Plugins' menu in WordPress
Tagged as: , , , , 72 Comments
 « Newer Entries  Older Entries »

Articles