Forum: Captchator Yesterday bots found a hole in my captcha auth

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
A96722bf927bdcfd342c690c0ad26262?d=identicon&s=25 Konstantin Dzreyev (konstantin)
on 2010-03-29 14:34
Yesterday I started getting messages from bots at my site. They set no
captcha answer and my code sent
"http://captchator.com/captcha/check_answer/$yourse... as a
captcha confirmation. And sometimes you answered with "1" instead of
"0".

As workarout I pushed a fix that requires a captcha answer to be not
blank...

But is not there an issue when one asks you for confirmation without any
answer?

Thanks!

Konstantin
3a83969376c805ef5b6042191fdb0ff3?d=identicon&s=25 Andreas S. (andreas)
on 2010-03-29 18:06
Konstantin Dzreyev wrote:
> Yesterday I started getting messages from bots at my site. They set no
> captcha answer and my code sent
> "http://captchator.com/captcha/check_answer/$yourse... as a
> captcha confirmation. And sometimes you answered with "1" instead of
> "0".

Thanks for the report. I made a change to the software yesterday that
caused this problem. It is fixed now. Please let me know if there are
any further problems.
This topic is locked and can not be replied to.