hello... good day to all.... :)

i've installed antispam captcha mod... so far its working well...
i'd like to put it also in search engine, how do i do that?.... and how can i adjust the image, to control the distortion... sometimes its hard to read it....
thanks in advance...

<

why would you want an anti-spam control on the search page, it is not possible to spam anything from the search page<

If you want to make the letters more readable you need to open captcha.asp and make alterations there.
sub Lines draws random lines across the image
sub Circles draws random circles across the image
sub drawcode() draws the letters using different colours and random x & y offsets
sub Grid (colour) draws a grid across the image

These subs are called in different orders randomly to produce different effects i.e.
You could add another case at the end that would just draw the code without any obfuscation (lines, circles or grids across the image) and always call it


You're better off to use Gatekeeper in my opinion.
Edit: I agree with HuwR about the search page. A better option might be to restrict searching to members only<

thanks guys.... i'll work on the captcha.... :)

i saw in some forum in the search area it has captcha... i thought it would be great if i have it also.... :)

btw, what does a gatekeeper do?... how does it work?...
thanks for the time.... :)
<

just because someone else has something does not necesarily mean it is a good or even useful thing to have. Tools are useful when used for the purpose they were designed for, having an antispam tool on a page that can not be spammed is just going to annoy the hell out of your members.
Gatekeeper is an antispam MOD that works in the same way as a CAPTCHA but without the visual difficulties associated with an image based CAPTCHA<

DOS attacks on forums usually hit the search page hard since it generates a lot of resource usage. I would do it in a heartbeat if I had that problem, but not just for the sake of doing it.<

thanks huwr.... :)

point taken.... :)

wich is better, gatekeeper or captcha?....

im sorry for the dumb question, im a newbie... despite of my learning disability i'm trying my best to learn.... :)

thanks for ur time... appreciate it very much.... :)

<

Gatekeeper is better in my opinion as it can be read by Screen Readers i.e. visually impaired people can use them.<

bobby... :)

how does a dos attack function?.... how do i prevent dos attack?.... in my previous post, i encountered a bot, and it stayed in the search page, if i remember it correctly, about 380 mins.... and since i saw the captcha in other forum search page, with my poor knowledge in programming i thought that was the purpose of it...
and now i know what is what, thanks to huwr... :)
anymore advices or suggestions?....
thanks for ur time.... :)
<

Well you really need to have some enemies before it's likely to happen to you.
It's automated attacks designed to slow or bring down your server. Forums are hit on the search page usually because it's the most server intensive spot. Captcha would thwart a robot. But as I said, if you don't have that problem all your likely to do is inconvenience your users.
I hang out on some forums that expose internet bad guys that get attempted DOS attacks on thier forums frequently, so they have Captcha on just about everything.... and it works.<

how do i prevent dos attack?....

prevent non members from accessing the search page, better to prevent them completely than piss off your users, or if you want search exposed then only use a CAPTCHA for NON members<

so they have Captcha on just about everything.... and it works.

I would say it is 'effective' rather than 'it works', since it does not actually work, because CAPTCHA's are NOT userbility friendly, they prevent ligitimate people from accessing as well as bots.<

prevent non members from accessing the search page

....which I would never do.
To each his own.<

the prevention of 1 legitimate person from accessing your forum is too many, there are other ways of preventing bots from DOSing your search page without preventing normal users from accessing it as well.
by using a Captcha YOU ARE preventing non members from accessing your search.<

Sure, less than 1% maybe.<

thanks guys for the input.... :)

podge, nice video tutorial... :)

thank u for the time, really, really appreciate it.... :)
god bless.... :)
<

You are going to be pretty surprised to find out that your 1% is actually a lot higher

Today, 20% of state-of-the-art Captchas are not solved correctly on the first try (and often, there’s no second try). At the same time, bots have evolved to the point that commercially available software can successfully defeat the most difficult Captcha 10-20% of the time.

Beyond the obvious security failures, Captcha has other problems. Visually impaired users find it impossible to use, running afoul of the Disabilities Act (which guarantees equal access to all people, no matter their disabilities). Audio versions of Captcha have emerged for the visually-impaired, but not all sites use the available audio version and problems remain among other segments of the disabled computer-using market. User dissatisfaction is high with Captcha as well and Captcha complaints abound on the web. The most vocal complaints come from users of time-sensitive websites, such as a ticket venders for sporting events or concerts. The time it takes a user to solve the puzzle can mean they lose out on successfully buying a ticket. Captcha isn’t only annoying to users, it’s wasteful. Placing barrier to interaction is costing the economy a lot of money, since by its very nature it slows down transactions. A human operator must take the time to solve the puzzle and enter the solution. 15-20 seconds of each user’s time may not sound like a lot, but it quickly adds up. One of the creators of Captcha (a professor at Carnegie Mellon University) estimated recently to Time magazine that 200 million Captchas are solved daily. Even at only 15 seconds each, that is over 800,000 user-hours consumed each and every day solving Captchas<

Originally posted by bobby131313 Sure, less than 1% maybe.

It's actually more like 10%, possibly more.
<

I still fail to see the point. Since 10% may not be able to do it, block them all instead?<

HuwR's point was that if 1 person cannot solve a CAPTCHA you shouldn't be using it.<

Maybe I'm just dense.
So I'm getting DOS attacks on my search page...
1. I can disable the search page to all non-members.
2. I can add some type of human verification which only 10% of the entire group I've blocked above may not be able to negotiate.
Which do I pick?<

While Gatekeeper could be best effective, I don't think it is any less annoying or user-friendly at all. People should not be doing maths and brain exercises just to post something... While we can be all of combating spam, annoyed users either by Gatekeeper method is far worse than annoyed admins.
So I'm in favor of Captcha if a spam protection is a must than Gatekeeper. I find Gatekeeper annoying so are my users of every "capactiy" from low to high IQ to understand what they are looking or why questions asked.
As for visually impaired, there are very good public spam solutions with listening solutions.<

Originally posted by bobby131313
Maybe I'm just dense.
So I'm getting DOS attacks on my search page...
1. I can disable the search page to all non-members.
2. I can add some type of human verification which only 10% of the entire group I've blocked above may not be able to negotiate.
Which do I pick?

3. Or you can do a session check and not let non-cookie clients.

4. With above solution, you can also limit time-intervals of next search.<

I'll buy that.<

I would implement a counter and limit the number of searches in a certain period of time, that will prevent DOS attacks, if they go over your limit redirect them to google <

I don't think it is any less annoying or user-friendly at all. People should not be doing maths and brain exercises just to post something... While we can be all of combating spam, annoyed users either by Gatekeeper method is far worse than annoyed admins.

It all depends on the question you pick. It can be anything simple as long as its unique e.g.
Type the word Hello in this box -> Hello
What colour in an Orange? Orange
How do you spell dog? Dog
What is 2 + 2 ? 4

phoenixtaz13, you should include search.asp in your robots.txt


And there's no reason to believe its a DOS attack. It could be a legit web crawler. Did you get the i.p. address from active_users.asp?<

podge,

i'll apply the robot.txt... its a google bot... yup, got the ip, forgot where i wrote it...
many, many thanks.... <

Um ... didn't you add a robots.txt file already?
<

what i meant was, the time i experienced the bot/crawler, i havent installed the robot.txt...
thanks... :)

<