CAPTCHA
Captcha's revisited
- Posted by Rob (#1) on October 25, 2007 08:15 CEST
Quiet here, again.. but probably due to too many things going on in life, so that's a good thing.
And right now you'll have to settle for just a quick administrative note: I've changed the CAPTCHA images a bit again and (hopefully) improved the code a little bit. Despite my earlier efforts I continue to get more and more comment spam. For some reason I don't want to force registration upon those who'd like to comment, but if the nonsense continues I see no alternative on the long run.
- PermaLink: Captcha's revisited
- Tags: spam, CAPTCHA
- Post comment
Login name restriction
- Posted by Rob (#1) on August 3, 2006 16:28 CEST
Up until now my site did not put any restrictions on the choice of a login name. All public references were either URL encoded or transformed to proper HTML entities, so it didn't really matter if there were any unusual characters.
However, a lot of spammers attempt to break Kiki's security by sending invalid data, aiming to abuse the registration process as a method of sending e-mail. Sorry lads, your attempts don't work and forgive me for my arrogance, they never will. However, I do end up with annoying zombie accounts in the database due to those silly spamming attempts:
And I don't like to be annoyed. So let it be known that as of now login names are restricted to letters, numbers, periods, dashes and underscores. And I've added the "random image code" Turing-ish CAPTCHA to registration, including an update to the look and feel of it (matching colours and a new font). Look at it's new-found prettiness:
- PermaLink: Login name restriction
- Tags: Kiki, security, user profiles, spam, SQL injection, Turing test, CAPTCHA
- Post comment
