What is a captcha and why was it created?
Captcha (Completely Automated Public Turing Test To Tell Computers and Humans Apart) is an automated Turing test, the main purpose of which is to make sure you are a real person or a robot. Checks can be a text version, as well as checks using images. All examples basically will not become anything difficult for people, but for a bot, it will become an almost impossible task.
What is the need for the existence of a captcha? You need to understand why bad robots visit sites. If you don’t dig too deep, it’s easy to identify the main protective mechanisms that captcha helps with:
- DDOS attack. A scheme that, if implemented, can break the site. The principle is quite simple: a huge number of requests from different sources overload the site because it simply cannot cope and process the information. At the end of the picture, the resource simply freezes and becomes inaccessible to users.
- Spam bots. After you have launched the site, after a while, hundreds of spammers will inevitably begin to show up in the comments. If there is no captcha, then everything will get bogged down in a ton of links to various resources. Search engines don’t like this, and as a result, your site may be blacklisted.
- Interception of goods. Many online stores launch promotions, where for a limited time it is possible to take goods at a discount. This may be a limited collection, a novelty from the manufacturer of innovative technology at a reduced price. During such events, bots appear that buy everything at the lowest price, to resell it later. At the same time, the real buyer will simply not have a chance to buy goods. Such a story can have a very negative impact on the reputation of online stores.
- Parsing, data collection. This is often practiced by large online stores and SEO specialists who study their environment in search or simply want to automatically fill the pages of promoted sites with other people’s content. Parsing usually does not harm the resource, but the load on the site can create quite a solid one, which will lead to freezes. It is almost impossible to protect yourself from this, especially with the help of a captcha, unfortunately.
In 2014, the search engine released an improved version — reCAPTCHA. This version remains popular today. If there is no suspicion of the user, then it will be enough just to click on the checkmark and the captcha will be skipped, otherwise, a rather problematic test will be offered, which will be almost impossible for the bot to cope with. Traffic lights/Boats/Buses and other «puzzle» searches will be waiting for anyone whom the captcha deems objectionable. However, the person will easily cope with the task.
It remains only to discuss the unsuccessful sides of the captcha:
- User inconvenience. Nothing critical, it would seem, is happening, you just need to pass a small test and wait for confirmation. In any case, it takes away our valuable resource — time. Perhaps the user is in a hurry to confirm the purchase with passion, or maybe he just wants to leave an angry comment to the enemy. In any of the options, the captcha will be inconvenient. At such moments, you don’t think much about the security of the site, which is understandable.
- Huge load on site performance. The selection of additional widgets will inevitably lead to a drop in the quality of the site loading speed. Loading the captcha itself also takes some time and requires certain resources. This is not to say that the performance of the site suffers greatly, but it is impossible not to notice the effect.
Even though captcha cannot be a panacea for most problems, its popularity is relevant on many sites. Even if the effectiveness is doubtful, this method of dealing with fake traffic remains simple and free, in the simplest situations, it is also effective.
To fight spam, by the way, is possible in another way.
You can give fields unique names that bot programs are not familiar with, or you can embed additional fields hidden from users using plugins. Spammers have already learned how to bypass the last method, so its activity is questionable.
When it comes to online stores, there is a fairly proven, reliable method. Registering an e-mail for bots is not so difficult, but a phone number for them can be an overwhelming task. This means that the registration of user accounts should also be tied up under these points. Authorization through social networks also helps to weed out fakes during registration, but it is not always more convenient for users.
Captcha and proxy
Naturally, when artificial restrictions arise, resistance to restrictions begins.
In such cases, very often captcha proxies become useful, which are specifically designed to bypass Google or Yandex captcha.
The development of captchas and proxies has been going hand in hand for a long time. In addition to proxies against captchas, there are also automated systems that allow you to solve captchas and be able to automate access to resources. As we have already described above, proxies just allow you to access those data or actions on sites whose owners are trying to restrict for one reason or another. Therefore, we can safely say that the use of a proxy for captcha is very popular. Such solutions are evolving daily along with the development of security features.
An additional option: spam bots can be blocked in the .htaccess file or filtered using specialized services (of course, not for free).