Probably will never stop fighting people who want to put down their links poreklamirovat or something, with people who do not want to see in their own in the comments or at ...
As a person who in the past spent a lot of time to develop means to spam a web form. I would like to highlight points that are missing, many authors advocating a particular method of protecting.
Repeatedly on different resources raised similar themes, but all the articles that catch my eye, were written by people who are on the other side.
The small historic ekskursUzhe many years have passed since then, as. botmaster. published his famous. HRumer. At that time it was a real revolution in the technologies of spam, spam, moved to the industrial level.
Automatic recognition of captures (at first the most simple, and then a rather complex), account activation by email, to lead the dialogue with himself, hrefer, which allows you to quickly build the necessary base index, the work of hundreds of streams - all of it justified a rather high price of . Moderators forums, guestbooks, blogs and later cleaned out tons of spam, and sometimes even prohibited the registration of new users....
Advertise hrumer will not, but it was a truly revolutionary and unique product in its class (the word. was. not quite appropriate, since it in general, relevant, and at this time).
Black SEO that time mainly consisted of a competent sweep untwisted resource bases for the right forums and guestbooks. Very often, these simple actions have led to dramatic results.
The defense forums, guestbooks and blogs of those times was at a fairly primitive level, at best, they were simple captcha, and often completely absent protection....
Public response has been to develop methods to combat malicious software. Of course, before hrumera was soft for spam protection, but that with the advent of the software, this problem has become particularly acute.
Modern methods of anti-spam Web Forms.
Captcha - Image. - There does not talk about anything, all seen all kinds of captcha -picture. Also, many people know about the universal service. reCAPTCHA. Providing some of the most difficult to recognize CAPTCHAs.
Different types of text captcha. - A bunch of captcha that ispollzuyut question-answer and offer to write a response to the proposed question. It also includes captcha offering to do some arithmetic and enter the correct answer in the box.
Interactive cAPTCHA. - Is fairly new and still kind of Rare captures the meaning of which is an interactive user interacts with certain objects. There are several implementations of these captures a specific CMS ( mostly WP). As well as the universal service. KeyCAPTCHA. , Which, like. reCAPTCHA. can be integrated into any CMS.
... - This method is actively promoted in many articles on the protection against spam, as the method that least ...
This class of protection include:.
All kinds of tricks on the JS -type formation forms ...
Pitfalls of the Web server:.
Creating invisible sections of the site, which is reached only robots and later Bath over IP.
Checking the delay on the rate of filling out forms.
Filter anonymous proxy.
And also any other types of traps, varying degrees of sophistication depending on the imagination of the webmaster.
service. Akismet.
service. Disqus. , Even though he only blogs, but it too can be roughly classified in this category.
How zaspamlivayutsya resources that contain the above methods of protection.
Captcha - Image. - If you do not pass through OCR, is recognized at a price of about $ 1 for 1000 - ANY CAPTCHA images. This is a reasonable price that is willing to pay almost any serious spammer.
At the moment, is already actively operating several services for the ... The picture, obtained from a Web page, using the script is passed to the service, after which the person has successfully detected (usually schoolchildren, students and Chinese ), and the service returns a spammer ready answer in text form, and then spam the program inserts it into the form .
Of course, not all workers antigeytov (we call them so in honor of the most popular such service ) are working in good faith, so these services have a system of feedback and ... Poor performers, which you complain are punished ruble. Integration with services already built into modern programs for spam.
So personally I do not quite understand the persistence of some uslozhniteley captcha - image captures, no matter what difficulty was not captcha - captcha image, it will still be recognized with the service ... Especially it concerns the protection of the registration form, pay $ 1 for registration akkov 1000, in my opinion it is not difficult, even for very ...
word cAPTCHA. - Everything is on one side is much easier on the other hand is much more complicated. If you have a very imaginative and not very popular resource, such protection can save you, if it is manually set. Otherwise, the software developers to continually replenish the spam text database of questions and answers, and quite successfully spam through this protection.
Interactive cAPTCHA. - This kind of captures until the low distribution. At the moment, I know a few non-generic implementations for WP, as well as a universal service, which can be integrated into any CMS, it is. KeyCAPTCHA. While I personally do not know the methods of spam using bots in protected form KeyCAPTCHA. And I think in the next few years, protected forms of protection will be the most impervious to spam bots.
Beskapchavaya protection. - This method of protecting a particular interest and requires a more detailed analysis.
Protection from all kinds of tricks JS. - Here is the majority of programs to manage spam at the moment can no longer,.
because this would require a real rendering HTML with JS and full processing of all the events page.
Everything would be fine, but there is not a complete emulation software for the browser, rather it is simply driven by an absolutely honest IE. This browser is completely controlled by the right spammer scripts. That is, can 100% emulate real browser on any spammer algorithm written in PHP or any other scripting language.
These browsers are able to change the proxy, taking pictures directly from the screen, simulate clicking on the checkbox and link with the mouse, view any otreydrennye styles. In general, do everything you want. Moreover, there are software through which you can create a spam- a machine that can simultaneously run dozens of these browsers now managed.
Protection based on tricks of the web server in the form of any traps for bots. - Easy and cost by using the above -managed browser, because it (controlled by the browser ) will go only to see the links, unless it is programmed.
Protection from spam filtering service. Akismet. - Protection of the service is based on the isolation of some of the signs of spam text messages and can be an IP address, browser cookies can be. As a consequence, can not apply it to any arbitrary web forms, such as the registration form to reliably protect Akismet is not likely to be able, if a spammer uses is not ... But, in practice, on a blog with an average attendance still appear regularly spam posts, then experienced villains bypass Akismet protection and contextual. The whole issue just in competent preparation spam.
Protection from. Disqus. - Is, as I already wrote above, the solution is also not universal, it completely removes the comments from the content of your site and puts them on the server Disqus. Then the visitor of the site are loaded using JS. On the one hand, it is effective, but not without drawbacks, as the comments are no longer part of your site. A spam through this protection can be managed using the same browser, and the comments in your still there ...
Finally would be desirable to summarize and summarize all the above in a comparative label.
Method or service protection. | value. | limitations. | The possibility of breaking. |
Captcha - Image. |
|
|
|
text CAPTCHA. |
|
|
|
Beckapchavye tricks on JS. |
|
|
|
Beckapchavye tricks in the form of server-side. |
|
|
|
Akismet. |
|
|
|
Disqus. |
|
|
|
KeyCAPTCHA. |
|
|
|
Discuss.
No comments:
Post a Comment