Super CAPTCHA
Super CAPTCHA was one of the first pieces of software we developed under the General Public License. Since we developed it, it ran across the internet like wild-fire as everyone running WordPress blogs knew they were vulnerable to one thing — Spam. It really isn’t very fun to login to your blog every day and spend two hours sifting through spam, so we developed this piece of software and figured that it would be a show of low morale character to sell the product being there were so many people whom really needed the product. So we published it for the public and today, over 110,000 WEBSITES WORLD-WIDE USE IT.
This simple “plugin” forces those registering or logging into a WordPress website to first have to answer a question based on an image with words written on it. This piece of software is revolutionary because it was the first piece of CAPTCHA on the internet to start the trend of using random armaments to the image to keep the spam bots from “pre-programing” image readers to scan the image for the answer, automatically. This software actually changes, at random, several aspects of the image, from the font type, font color, and right down to the tilt and angles the fonts are rendered at. In fact the software INTENTIONALLY places some fonts half-way off the image so the “human reasoning engine” must prevail in order to correctly answer the question. Sometimes people just don’t get it, and we got it, so, we made it even easier for humans by adding an audio download that verbally reads the question to you!
MORE THAN 1,210,000 RESULTS WHEN SEARCHING FOR THE SUPER CAPTCHA CREDITS BY LINE ON GOOGLE!
“Gee, thats a lot! Now how do I know your code is actually in and being used in those sites?”
In order for someone to use the code, we stipulated that they must provide in the footer of the site credits to the software, you should see “Powered by Super-CAPTCHA” at the bottom of each website with a link back to our web-page.
2 Comments
Comments are closed.
I am currently using WPMU Supre Captcha and it is not preventing spam registrations. It has been installed correctly and configured correctly but I get about 10-20 spam registrations a day. Any suggestions?
Greetings Jon,
I am aware that the system does not block 100% of the unsolicited sign-ups, this is because the 10-20 registerations per day are most likely done without automation. I have several sites in which I’ve studied this behavior extensively and I can conclude that most likely you do have one person trying to create accounts on your site using a system of web proxies.
Super-CAPTCHA was only meant to stop the automated signups, which from the tests I have run, it has done very well. But it is impossible to block signups from people that are intentionally trying to create blogs for link inflation.
I would suggest seasonal moderation, meaning when the spam picks up, turn on moderation, when it dies down, turn it off. The reason we’re suspecting these attacks are indeed human is because no matter what anti-bot method or system that is being used, these particular people are able to bypass it 100% every time without failure which is not bot-like. Furthermore these signups happen within an hour of each other (or 4-5 at the time) which is consistent with a human being actually creating a few sites, then moving on to another site to create sites there as well. Again there is no way to stop these types of sign-ups, however removing the CAPTCHA system could have catastrophic results if your site is targeted by bots. There is a back-end tool that lets you see how many people have failed the captcha test, I’d recommend looking at that and seeing what the accuracy is of the system currently.
As an example, on vraul.com (our test-bed for WP-MU) the system blocks approximately 2,000 (always more than 1,500) per day. However there are 10-20 per day that make it through the system. This is 99% accuracy in blocking spam.
You can furuther secure the system if you would like by forcing the CAPTCHA test on the logins. This will keep the real registrations with automated posting from being able to log-in and post.