Feb 8, 2017

Protect Your Site

Recently, a Creative Arc client was being bombarded by spammers trying to access their intranet.  Every day, they were finding multiple fake registration requests, requiring them to spend extra time weeding through the real requests. 

Occasionally when this happens, there's an identifiable pattern and one of our developers can increase the security by implementing a "black list" to try to prevent the fake registration requests.  However, to do this we have to learn which requests are valid and which are fake, so it's not an instant solution.  For this particular client, the fake requests seemed to be coming from humans in Ukraine, as opposed to bots, which made the problem more complicated to solve.

In addition to the blacklist, we installed Google's ReCaptcha 2, which Google markets to be "easy on humans, hard on bots."  It's a free service offered by Google, and adds extra steps when submitting a form response to limit responses from bots; additioally, it is mobile friendly for users trying to submit responses on their phones or iPads.

Captcha techcnially stands for Completely Automated Public Turing Test to Tell Computers and Humans Apart.  The pros are that it limits spam, protects your site, helps to eliminate duplicate responses, prevents comment spam in blogs, and protects website registration.  However, it's another step for the live user, and can potentially negatively effect the conversion rate. 

A good alternative to captcha is adding a honeypot to your form.  Bots will fill in all available fields, so if we leave one field intentionally hidden from users and it comes through as completed, you know it was done by a bot.

Are you interested in increasing the security on your registration and/or contact forms?  Call us at 612.605.0822 or e-mail us and we can help!

Want to share this post?