Idea to stop spam bots
Has anyone thought of using .mousemove() (jquery) to detect spam bots?
Because (I'm assuming) spam bots wouldn't need to move the mouse while navigating a website (and therefore wouldn't) and normal users do, couldn't you use this to trigger some extra security to stop them? (Like a harder validation that is to time consuming or annoying to serve up to everyone)
Admittedly, this could cause some problems for mobile users... but maybe you only run it for non-mobile devices.
//set not a spam bot
Well, JS doesn't run for spam bots. At least it doesn't always. So, that means that this method is good in that it's something that real users would do, rather than something that would actually detect spam bots. But the downside is that it's client side, so that they could read the code and do the same thing. If someone is specifically targeting your site, it wouldn't help. It would catch generic bots though. It would catch some real users too, but I guess just harder validation might work out.
mouse-less users aren't limited to mobile, either.
No.... No I didn't.
That was a funny tv show... Especially when the asteroid hit the earth... Oh back in the young'en days :p
Hmmm.... I didn't think of that Daniel.
I assume not... but maybe...
You'd have to create an exception for non-bots. Use JS to add a hidden field to the form with some value, either "not-a-bot" or maybe an MD5 string that will match something stored in a session var on the server.
Thus, if someone HAS this, it's NOT a bot. If they don't, it MIGHT be a bot.
Unless of course, as I said, the bots learn to use the material because it is client side.
Perhaps AJAX... they could still theoretically get it, but it wouldn't be in the raw source code, so it would take a lot more work for them. How's that sound?
I was thinking a php session?
And then right the session using ajax.
Do bots not accept cookies? Some advanced ones might. (And maybe JS too.)
Errrr.... Daniel - -
Originally Posted by djr33
I'd actually say that it's the less advanced bots who accept cookies and the more advanced ones that don't.... maybe.
Not all captchas work like that Daniel. re-captcha doesn't.
I thought there are bots out there that actually analyse the image and try to work out what it says?
That's why all the letters on them are slanted and so on.
It's actually surprisingly easy to make a web-browser.
Using the .net library, all the browsing engines are pre-built so you can start there and add in more functionality.