Stranger’s Blog

CAPTCHA an acronym for “completely automated public Turing test to tell computers and humans apart “. CAPTCHA technology is used to prevent forums, polls, guestbooks, and blogs are some of the popular places where automated robots can be found submitting forms.

Web forms are always prone to attack by people who want to use it for their own purpose. There are various way to prevent such attract but the most effective and accurate way is using CAPTCHA.

CAPTCHA mainly generate a random created image that is displayed to the user. The image contains a phrase, that is only human readable and after the form submit it verify the human submission by matching the phrase.

This technique doesn’t ensure the 100% security. Some CAPTCHA are breakable for OCR attacks. And there are also others vulnerabilities, such as session re-use and cross-vhost file inclusion on shared servers.

However CAPTCHA can be a great way to limit the amount of successful, unwanted HTTP POST requests in your application. There are many open-source class and code for CAPTCHA. PEAR’S CAPTCHA is one of the best package.

Happy CAPTCHA-ing!!!!!

This entry was posted on Friday, September 1st, 2006 at 2:09 am and is filed under PHP. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.