Simple security verification for input form?

I want to add functionality to a band web site where people can enter
their email address to sign up for the mailing list. It seems obvious
that I need to protect against a bot however unlikely that may seem.
Some sort of bot could continually add email addresses to the mailing
list until my SQL database has millions of unwanted records otherwise
I suppose.

The typical solution to this seems to be where you are shown a
picture of letters to a word and you have to enter the word in a form.
Is there a Rails module for this out there that I can use ?

It occured to me I could also invent some sort of simpler security
system where I do something like print a conextual question such as:

who is the president of the USA ?

here are 4 words, cat, dog, run, frog. Which one is a verb and which
of the others is not a mamal ?

However, I may need some way of randomly generating numerous
questions and I suppose if this was a good approach there would be
more of these out here, whereas the letters as images seems more
common.

  1. Captcha Plugin (with images):
    http://www.agilewebdevelopment.com/plugins/captcha

  2. Brain Buster (a logic Captcha with Questions)
    http://www.robsanheim.com/brain-buster

Have fun.

On Feb 15, 4:48 am, “Thorsten L” [email protected] wrote:

  1. Captcha Plugin (with images):
    http://www.agilewebdevelopment.com/plugins/captcha

  2. Brain Buster (a logic Captcha with Questions)
    http://www.robsanheim.com/brain-buster

Have fun.

Do you think these kind of bots are very common ? I was thinking of
setting up something like a max record field for know as an easy
solution until I have time to install one of these Captcha modules
which looks like a bit of work. Basicaly I would just have a field in
my top level record set to 500, 1000 or something and if that many
mailing list records where ever created, it would not allow any more
to be created. Then I would have to go in and delete whatever ones
where there. I’m not sure if this would ever really happen or not with
a bot ? At the moment I am not set up for search engines as my site is
still under construction.

On Feb 16, 5:17 am, “Thorsten L” [email protected] wrote:

Just take a look, it should not be too hard. But if you think deleting
spam manually (which is not that big of a threat for a newasletter
system) will work for you, go for that. you can implement Captcha
anytime later…

I thought of any easy puzzle which should be minimal coding:

2 frogs + 3 cats + 7 frogs = how many frogs ?

the most complex you could get, which I think is still pretty easy
could be:

3 slimy frogs + 2 yellow frogs + 3 yellow cats = how many slimy
frogs ?

or how many yellow things ?

etc

I can’T really say how common such bots would be. Bosts mostly spam
comments etc. with spam, i dont see a real use for a spammer to make
his bots flood a newsletter input field… he won’t get anything out
of it.

However, implementing the Captcha plugin is not a big deal, you only
need to habe ImageMagick and the RMagick gem installed, and basically
add a few helpers to the view, and a vlaidates_as_captcha Validation
to the Model …

Just take a look, it should not be too hard. But if you think deleting
spam manually (which is not that big of a threat for a newasletter
system) will work for you, go for that. you can implement Captcha
anytime later…

On 2/16/07, surfivor [email protected] wrote:

need to habe ImageMagick and the RMagick gem installed, and basically

or how many yellow things ?

etc

This is exactly what BrainBuster does - its a logic captcha. I wrote
it. More details here:

http://robsanheim.com/brain-buster

  • rob

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs