Flooding vs Javascript

Question

I use to make an interface to send message to my website by using only HTML (without any kind of human verification). Annoying to get every days many fake message by bots that spam or flood my website, I do this interface by using Javascript : I mean, thanks fo JS, I open a box like a popup on my website, and than the message will be send using this interface.

After done this, I never get any kind of fake message. That I'd like to know : this is a real barrier to avoid the flooding on a website, or there are some kind of bots that can also use Javascript?

score 3 · Answer 1 · answered Mar 10 '11 at 13:15

3

You will find that typical bots will only attempt the "typical" list of weaknesses. If you have come up with some sort of system that is a little more intuitive then others and possibly unique then you should be OK with what you have.

Thats not to say that no bot is out there which might be able to break through your barrier.

answered Mar 10 '11 at 13:15

Simon H

1,735
12
14

And what is the "typical" list of weaknesses ? – Stephane Rolland Mar 10 '11 at 14:19
I am not sure on the exact details here, but I was reading a recent article on it, which explained it all fairly well. – Simon H Mar 10 '11 at 14:21
and do you have any link ? I'm sure it would be a *very* interesting article. – Stephane Rolland Mar 10 '11 at 14:28
1

sure do http://www.smashingmagazine.com/2011/03/04/in-search-of-the-perfect-captcha/ – Simon H Mar 10 '11 at 14:29

score 1 · Accepted Answer · answered Mar 10 '11 at 13:17

1

A bot can be coded to parse the javascript, of course, but most bots don't do this as they go for the easy targets.

If you'd really like to be safe, you need to implement something like a CAPTCHA, which uses images that are very hard to read by machines. But OCR has taken huge leaps forward, so they may be rendered useless in a couple of years.

http://en.wikipedia.org/wiki/Captcha

answered Mar 10 '11 at 13:17

Thom Wiggers

6,938
1
39
65

2

And a lot of the time, I find that after half a minute of desperately trying to figure out what's in the CAPTCHA, all I get back is an error saying that my guess was wrong... – user Mar 10 '11 at 13:20
1

Also keep in mind that there has been recent hype about CAPTCHA not being that great because it can't cater for the visually impaired. It has always been a problem with these type of barriers, other have tried getting users to solve a simple match equation or to slide a slider to the end to submit a form. However, all of these aren't complete solution and still need work to cater for all audiences. – Simon H Mar 10 '11 at 13:27
for every single different language that you might come across? – Simon H Mar 10 '11 at 14:20
So, maybe it's better to do a list of question with one only response instead of captcha? – markzzz Mar 10 '11 at 14:21

Flooding vs Javascript

2 Answers2