What's the word Ben? Everything still working out for you?
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Ben Nadel [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 16, 2006 8:33 AM
To: CF-Talk
Subject: RE: Capture Alternatives
Bobb
That's good news. I hope it keeps on keepin on :-)
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Ben Nadel [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 16, 2006 8:33 AM
To: CF-Talk
Subject: RE: Capture Alternatives
Bobby,
I
-ben/
-Original Message-
From: Bobby Hartsfield [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 7:32 PM
To: CF-Talk
Subject: RE: Capture Alternatives
http://www.houseoffusion.com/groups/CF-Talk/thread.cfm/threadid:48814#26
0340
...:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http
and ASSUME the BOT will try to populate it?
~Brad
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 3:23 PM
To: CF-Talk
Subject: Re: Capture Alternatives
On 11/14/06, Bobby Hartsfield <[EMAIL PROTECTED]> wrote:
> I'd REALLY l
Ben Nadel has it on his blog now but the more the better :-)
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 4:23 PM
To: CF-Talk
Subject: Re: Capture Alternatives
On
> Could someone explain to me which method was the hidden form one (we
> talked about so many)?
>
> Is that where you put a form field in which actually is
> type="hidden" or
> where you put in a type="text" field in a div which is hidden, mark it
> "leave me blank" and ASSUME the BOT will try
he BOT will try to populate it?
~Brad
-Original Message-
From: Matt Robertson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 3:23 PM
To: CF-Talk
Subject: Re: Capture Alternatives
On 11/14/06, Bobby Hartsfield <[EMAIL PROTECTED]> wrote:
> I'd REALLY love for
On 11/14/06, Bobby Hartsfield <[EMAIL PROTECTED]> wrote:
> I'd REALLY love for someone with a serious spam issue to try the hidden form
> field method and see how it works out... and then of course post their
> findings for the rest of us.
Someone may beat me to it but I'll take that on myself. T
> I first put a hidden field in the feedback form with a timecode and
> on the action page figured out how much time elapsed. I save each
> message to a database along with how long it took them to fill out
> and submit the form.On my admin page, I display the emails -
> marking the suspec
> Anywhere you dynamically convert URLs to links.. in message boards,
> blogs, etc... add the rel="nofollow" attribute.
>
> I'm doing this in blogcfm (and I think in cfmbb too)
FYI, BlogCFC does this as well.
"EMF " made the following annotations.
Good point (and idea) Rick
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Rick Root [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 15, 2006 8:43 AM
To: CF-Talk
Subject: Re: Capture Alternatives
Ray Champagne wrote:
> Here's a
woohoo - go microformats!
On 15/11/06, Rick Root <[EMAIL PROTECTED]> wrote:
>
> Ray Champagne wrote:
> > Here's a question that hasn't been answered, maybe 'cause there isn't
> one:
> > we talk all day about protecting ourselves from these gnarly bastages,
> is
> > there any way to fight back?
> >
Ray Champagne wrote:
> Here's a question that hasn't been answered, maybe 'cause there isn't one:
> we talk all day about protecting ourselves from these gnarly bastages, is
> there any way to fight back?
>
> I'd love to see a way for me to block them, then fire back with my own
> script - it mi
Nope... not an American girl either.
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Crow T. Robot [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 9:36 PM
To: CF-Talk
Subject: Re: Capture Alternatives
You're not a britis
[mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 14, 2006 3:36 PM
> To: CF-Talk
> Subject: RE: Capture Alternatives
>
> Here's a question that hasn't been answered, maybe 'cause there isn't one:
> we talk all day about protecting ourselves from these gnarly bas
;-)
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Ray Champagne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 3:36 PM
To: CF-Talk
Subject: RE: Capture Alternatives
Here's a question that hasn't been answered, maybe 'cause ther
One thing that I have done that helped tremendously:
I run a brain cancer web site. The feedback form would usually
get about 50 real responses a day - and about 500 spams a day.
One problem I have is that there is no tolerance for false negatives
- these are very important messages.
I firs
> Here's a question that hasn't been answered, maybe 'cause
> there isn't one:
> we talk all day about protecting ourselves from these gnarly
> bastages, is
> there any way to fight back?
>
> I'd love to see a way for me to block them, then fire back with my own
> script - it might not solve a
t solve anything, but man, it would feel good...
> -Original Message-
> From: Munson, Jacob [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 14, 2006 3:25 PM
> To: CF-Talk
> Subject: RE: Capture Alternatives
>
> > * Check the form was actually submitted from w
> > * Check the form was actually submitted from within the
> site? Perhaps via CGI. although I'm sure that may have issues as well.
>
> CGI.HTTP_REFERER can be spoofed quite easily.
What I did for this was generate a session variable on the form page,
and then check for it in the processor. Th
> * Check the form was actually submitted from within the site?
> Perhaps via CGI. although I'm sure that may have issues as well.
This is a good idea, but I don't think it will stop all spammers.
You're correct that some spammers directly access the submission form.
When I first put my math ques
Richard Cooper wrote:
>
> Quick question though, would any of my previous ideas work?
>
> * Check the form was actually submitted from within the site? Perhaps via
> CGI. although I'm sure that may have issues as well.
CGI.HTTP_REFERER can be spoofed quite easily.
> * A field that checks when
I think I'm going to go for Bobbies suggestion. It seems the easiest to
implement
Quick question though, would any of my previous ideas work?
* Check the form was actually submitted from within the site? Perhaps via CGI.
although I'm sure that may have issues as well.
* A field that checks wh
Ben Nadel wrote:
>
> I think that was covered. The main goal of this particular thread is get
> people to be able to submit forms without having to think at all or have
> special browser capabilities:
Ah, yes if you're blind, you're pretty much SOL with most captcha
solutions out there. Try buy
..
Ben Nadel
Certified Advanced ColdFusion MX7 Developer
www.bennadel.com
Need ColdFusion Help?
www.bennadel.com/ask-ben/
-Original Message-
From: Rick Root [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 2:21 PM
To: CF-Talk
Subject: Re: Capture Alternatives
I
I missed this thread.
Did anyone mention image.cfc's captcha capability?
http://www.opensourcecf.com/imagecfc/captcha/
rick
~|
Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting,
up-to-date ColdFusion i
Great thanks!
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Ben Nadel [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 12:18 PM
To: CF-Talk
Subject: RE: Capture Alternatives
Bobby,
This new technique is now live. (ex.
http
/
-Original Message-
From: Bobby Hartsfield [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 11:50 AM
To: CF-Talk
Subject: RE: Capture Alternatives
Great. Let me know how it works out. I don't really have anywhere with
any serious spam issues to te
Interesting. I am implementing a captcha for a client who is
ridiculously flooded with porn spam. But I bet once I bring up the
issue of accessibility we will re-think the solution. I like the math
concept.
I have another client who insisted against my recommendations that he
wanted a string-ba
It sounds like you are doing the math JS similar to my method on my
blog, but I'm not providing the answer. That's a good idea.
> I will check out your project, though. Can you re-link it if
> you already have?
http://cfformprotect.riaforge.org/
> I agree making the user think sucks, but it'
On Tuesday 14 November 2006 16:12, Ray Champagne wrote:
> I check the answer via javascript before uploading then give them an alert
> that they are wrong and HINT: this is the answer: X. So, even if they get
Very nice, I like that :-)
--
Tom Chiverton
Helping to autoschediastically integrate 2
o do,
takes what, like an extra three-four seconds?
> -Original Message-
> From: Munson, Jacob [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 14, 2006 11:01 AM
> To: CF-Talk
> Subject: RE: Capture Alternatives
>
> > I just implemented a solution exactly like
-Talk
Subject: RE: Capture Alternatives
Bobby,
I like that. I will implement that on my blog today as a test. That
would cover:
1. Non-javascript users
2. Blind people
3. Not making the user think
Awesome!
...
Ben Nadel
Certified Advanced ColdFusion MX7 Developer
Sent: Tuesday, November 14, 2006 8:53 AM
> To: CF-Talk
> Subject: Re: Capture Alternatives
>
> On Tuesday 14 November 2006 12:20, Richard Cooper wrote:
> > Both suggestions seem good ways of preventing spam bots, but in the UK
now
> > all websites need to be accessible by
On Tuesday 14 November 2006 12:20, Richard Cooper wrote:
> Both suggestions seem good ways of preventing spam bots, but in the UK now
> all websites need to be accessible by law
Not all. Some.
The best accessible CAPTCHA I've seen is asking you to add two random numbers
(0http://www.fusionautho
TECTED]
> Sent: Tuesday, November 14, 2006 8:53 AM
> To: CF-Talk
> Subject: Re: Capture Alternatives
>
> On Tuesday 14 November 2006 12:20, Richard Cooper wrote:
> > Both suggestions seem good ways of preventing spam bots, but in the UK
now
> > all websites need to be acces
Math IS the universal language after all :-)
..:.:.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Tom Chiverton [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 8:53 AM
To: CF-Talk
Subject: Re: Capture Alternatives
On Tuesday 14
Both suggestions seem good ways of preventing spam bots, but in the UK now all
websites need to be accessible by law so this does raise some problems.
Although Sandra's option is accessible I'm not keen on human maintenance side
of it.
How do spam bots work?
I'm guessing they work like search
.:.:.:.:.:.:.:.:.:.
Bobby Hartsfield
http://acoderslife.com
-Original Message-
From: Ray Champagne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 10:30 AM
To: CF-Talk
Subject: RE: Capture Alternatives
Oh, sorry, I was replying to this, but I see that probably wasn'
?
www.bennadel.com/ask-ben/
-Original Message-
From: Bobby Hartsfield [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 14, 2006 11:40 AM
To: CF-Talk
Subject: RE: Capture Alternatives
Ahh ok gotcha. I'm not too fond of that one either. Most people assume I
support/use catchas just because I
> I just implemented a solution exactly like this and am waiting for the
> results to assess it's effectiveness. Does anyone out there
> use this as a
> solution? Care to share your assessment?
I did the math thing on my blog contact form:
http://www.techfeed.net/blog/contact.cfm
I haven't got
> Apparently 'most' bots like to fill in every field they find
> in the form and
> the majority of them won't parse the styles.
>
> You could also just put the field in a div with a message
> like "Leave this
> field empty" inside the div as well then hide the div. That
> way, if the
> field sh
vember 14, 2006 9:03 AM
> To: CF-Talk
> Subject: RE: Capture Alternatives
> Importance: High
>
> > I just implemented a solution exactly like this
>
> Exactly like which one?
>
> ..:.:.:.:.:.:.:.:.:.:.:.
> Bobby Hartsfield
> http://acoderslife.com
>
>
Hopefully (for myself included) that's the case - because people have
started suing the owners of sites they can't access and they are
winning the cases.
On 11/14/06, Munson, Jacob <[EMAIL PROTECTED]> wrote:
>This is true, but I think you have to consider your audience.
> In my case, most people t
-
> From: Ben Nadel [mailto:[EMAIL PROTECTED]
> Sent: Monday, November 13, 2006 4:02 PM
> To: CF-Talk
> Subject: RE: Capture Alternatives
>
> Jacob,
>
> Very true. What I could do though, is once the browser loads, I could
> use Javascript to set a hidden value... This val
k-ben/
-Original Message-
From: Munson, Jacob [mailto:[EMAIL PROTECTED]
Sent: Monday, November 13, 2006 5:48 PM
To: CF-Talk
Subject: RE: Capture Alternatives
The problem with your solution is that the user has to click the submit
button. A lot of people just hit enter. You could simulate a button
, 2006 3:21 PM
> To: CF-Talk
> Subject: RE: Capture Alternatives
>
> Jacob,
>
> I am pretty sure that this has accessibility issues as it
> relies on CSS
> and the "visibility" of a button. Not sure how accessibility and CSS
> mix.
>
> I will definitely
usion Help?
www.bennadel.com/ask-ben/
-Original Message-
From: Munson, Jacob [mailto:[EMAIL PROTECTED]
Sent: Monday, November 13, 2006 5:15 PM
To: CF-Talk
Subject: RE: Capture Alternatives
Ben,
I'd appreciate a follow up post later this week (on your blog) to see if
this is still wo
Ben,
I'd appreciate a follow up post later this week (on your blog) to see if
this is still working. I built CFFormProtect (hosted at riaforge) with
the goal of making form protection brain dead simple for users. But
just letting them fill out the form without a human verification would
be aweso
: Monday, November 13, 2006 9:22 AM
To: CF-Talk
Subject: Re: Capture Alternatives
Here's how Ben Nadel is doing it:
http://www.bennadel.com/index.cfm?dax=blog:397.view
On 11/13/06, Bobby Hartsfield <[EMAIL PROTECTED]> wrote:
> There was yet another Slashdot article about it yesterd
Here's how Ben Nadel is doing it:
http://www.bennadel.com/index.cfm?dax=blog:397.view
On 11/13/06, Bobby Hartsfield <[EMAIL PROTECTED]> wrote:
> There was yet another Slashdot article about it yesterday and someone
> mentioned this. I haven't tried it but if you are having an issue that could
> qu
There was yet another Slashdot article about it yesterday and someone
mentioned this. I haven't tried it but if you are having an issue that could
quickly put it to the test, I'd give it a shot.
just put an empty, hidden field in your form. When you process the form,
make sure it is still empt
I do a few things and its been working quite well. It involves 3 features.
1) Set up a blacklist and a whitelist for posting.
2) Set some session variables on the form itself to prevent automated
posting from other sites. Check those variables on the processing page. (if
the page is prevented be
53 matches
Mail list logo
