Are there any good open source alternatives to Google's Invisible reCAPTCHA v2? And also to Google's regular reCAPTCHA v2 (the checkbox one)?
SecurImage (phpcaptcha) is an open source alternative to Google reCAPTCHA v2, but I don't think there's any alternative to Invisible reCAPTCHA yet. You can refer to this for some good alternatives to reCAPTCHA v2 (though most of them are not open source).
I have yet to find any pre-assembled free code implementations, but my favourite suggestion so far for replacing reCAPTCHA is the honeypot technique. The concept is that webmasters add fields to their forms that are invisible to human users but visible to bots. When bots fill in these invisible fields, they reveal that they're not human, and their submissions can be safely discarded. More details here:
http://ezinearticles.com/?Captchas-Considered-Harmful---Why-Captchas-Are-Bad-And-How-You-Can-Do-Better&id=1104207
... and some discussion of implementation here:
https://www.thryv.com/blog/honeypot-technique/
I like this because of the way it shifts the burden of proof. Instead of requiring users to perform annoying extra tasks to prove they are human, they are presumed to be human unless they reveal themselves to be bots. Also, "are you a human" captchas are known to make it difficult (if not impossible) for some users with special needs to access websites, which is another good reason to find a replacement for them.
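To make the idea concrete, here is a minimal sketch of a honeypot, assuming a TypeScript/Node back end; the field name website_url and the CSS used to hide it are my own illustrative choices, not taken from the articles above.

// Minimal honeypot sketch (assumed field name "website_url", not from the linked articles).
// The form renders an extra text input that is hidden from humans via CSS, so only bots
// that blindly fill every field will populate it.

const formHtml = `
  <form method="post" action="/contact">
    <label>Email <input type="text" name="email"></label>
    <label>Message <textarea name="message"></textarea></label>
    <!-- Honeypot: hidden from humans, visible to naive bots -->
    <div style="position:absolute; left:-9999px;" aria-hidden="true">
      <label>Website <input type="text" name="website_url" tabindex="-1" autocomplete="off"></label>
    </div>
    <button type="submit">Send</button>
  </form>`;

// Server side: treat any submission with the honeypot filled in as a bot.
function isProbablyBot(fields: Record<string, string>): boolean {
  return (fields["website_url"] ?? "").trim().length > 0;
}

console.log(formHtml.includes("website_url"));                                              // true
console.log(isProbablyBot({ email: "a@b.c", message: "hi", website_url: "http://spam" }));  // true
console.log(isProbablyBot({ email: "a@b.c", message: "hi" }));                              // false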
There are definitely much better solutions than reCAPTCHA out there now. I like solutions that focus on user experience. Another great option I don't see listed here is Human Presence. Human Presence invisibly analyzes user behavior in the background on your site and determines whether the user is human or bot, using proprietary machine learning algorithms to measure the user's actual behavior across dozens of different data points: keyboard strokes, mouse movements, micro-gestures, and so on.
The best part is that real users on a website are never punished with Turing tests like CAPTCHAs or math problems. The Human Presence API can be configured to check the session and make sure the user is human before processing forms, comments, wishlists, shopping carts, or even page loads, so that only bots are blocked and legitimate users continue about their business without any knowledge of the technology.
Yahoo web mail (mail.yahoo.com) is stripping out these inline styles, but keeping things like color and padding.
text-decoration
font-size
border-radius
text-align
font-family
Any idea why these are purposely being removed?
Example:
<span style="font-size:30px;">Hello</span>
becomes:
<span style>Hello</span>
What can be done?
This is the difficult part, because options are few. Even with free market choices, well-established corporate entities have little to no business reason to improve their products unless competition comes along. You could always attempt to file a bug report (though where would you even file one?) and, as usual, wait decades for a(n intelligent) response (*cough* Mozilla *cough*). You could attempt to work around the issue (for example, replacing width with min-width). I've noticed that font-size: 120%; works just fine, so consider what unit values you're using for testing.
You can make a difference though, even if it's relatively small. I was wronged by a motherboard manufacturer in the mid-2000s, and since then they've lost tens of thousands of dollars of sales because of me directly, and who knows how much more based on the video I posted back then, and that is just in the past ten years. The issue with Yahoo is different: at best all you can do is write a blog entry and link to other people talking about the issue to raise awareness. You could go so far as to disallow registrations from users with Yahoo accounts, or greatly discourage users from using Yahoo accounts, though that could lead to a loss of members, so I wouldn't do something like that unless you've got something people really want. The state of HTML email in general is exceptionally sad at this point, though most users (at least technical ones) typically have multiple email addresses.
You could always use <style type="text/css"></style>, even though scoped CSS is not widely supported in 2017 except in Gecko/Firefox; it did seem to fix some of the issues you mentioned when I tried it.
Lastly, you can always provide a "view this email on our website" option; I see it all the time because HTML email is still a disaster (2017). I've even seen developers sending email with a full html element (uh, it's not an entire page, it will be embedded, but you know, whatever...).
So try different unit values and even different contexts. Inline styling is the way to go, and if that fails, provide a website version of the email (with security considerations for email containing sensitive data).
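For what it's worth, here is a minimal sketch of the two workarounds mentioned above (percentage units kept inline, plus a hosted copy of the message); the buildEmailHtml helper and the example.com URL are made up for illustration.

// Sketch only: keeps styling inline (per the advice above), uses a percentage font-size
// instead of px, and links to a hosted copy of the message. The example.com URL and the
// buildEmailHtml helper are illustrative assumptions.

function buildEmailHtml(messageId: string, body: string): string {
  return `
    <p style="font-size:120%; font-family:Arial, sans-serif; text-align:center;">
      ${body}
    </p>
    <p style="font-size:85%;">
      Trouble viewing this email?
      <a href="https://example.com/emails/${encodeURIComponent(messageId)}">View it on our website</a>.
    </p>`;
}

console.log(buildEmailHtml("msg-123", "Hello"));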
I'm in the process of making an app and wondered if it is bad practice to parse a website's HTML page (in terms of efficiency) when their API does not provide me with the specific information I need for an element in my app. (Of course all due credit/sources will be provided visibly in my app, etc, etc)
For instance: if for some reason the Google Places API does not provide me with a venue's business hours, then as a workaround I would go to that venue's Google Places page and parse the HTML for that business's hours to show in my app.
Just some thoughts that I hope will make things clearer.
If an API doesn't provide the data you need, a good first step is to contact the API developers and request the functionality you need. Also, before taking the web-scraping/HTML-parsing approach, you have to study the legal side of it: make sure the website does not forbid web scraping by reading its Terms of Use.
Take into account, too, the possible complexity of the HTML-parsing code. You would depend on the actual HTML markup, which can change at any point, so the solution you implement can be really fragile.
Besides, some things can be very difficult to get without a real browser. For example, a value may be calculated by JavaScript code executed in the browser, or assembled via a set of complicated AJAX calls. In that case you would need to drive a real browser, which is, first, an extra dependency and, second, something that slows things down dramatically.
Also, some sites have anti-web-crawling measures in place, like banning the IP address after multiple consecutive requests, or requiring a certain header to be sent with each request, etc.
You can also take another defensive step: contact the webmaster and discuss the problem.
Follow-up: Web scraping etiquette.
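To make those trade-offs concrete, here is a hedged sketch of what an HTML-parsing fallback tends to look like in TypeScript; the URLs, the CSS class in the regular expression, and the User-Agent string are illustrative assumptions, and the parse will break whenever the markup changes.

// Sketch of a fragile HTML-parsing fallback (illustrative URLs and regex, not a real endpoint).
// Note the identifying User-Agent and the delay between requests, per the etiquette link above.

const USER_AGENT = "MyAppBot/1.0 (contact: dev@example.com)"; // identify yourself

async function fetchBusinessHours(pageUrl: string): Promise<string | null> {
  const res = await fetch(pageUrl, { headers: { "User-Agent": USER_AGENT } });
  if (!res.ok) return null;
  const html = await res.text();

  // Extremely fragile: depends on the exact markup, which the site can change at any time.
  const match = html.match(/class="business-hours"[^>]*>([^<]+)</);
  return match ? match[1].trim() : null;
}

async function main() {
  const urls = ["https://example.com/venue/1", "https://example.com/venue/2"];
  for (const url of urls) {
    console.log(url, await fetchBusinessHours(url));
    await new Promise((r) => setTimeout(r, 2000)); // be polite: throttle requests
  }
}

main().catch(console.error);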
I want to create a website where people can create events related to education, entertainment, sports, regional and cultural topics, etc. Every user will have their own page, which will be publicly available. Now I want to make sure that these events are searchable by all the search engines, such as Google, Bing, etc., as soon as the event is created. How can I achieve this?
There is nothing special you need to do to make your website crawlable: as long as your text is in HTML (not generated exclusively by JavaScript) and can be found at a URL, search engines will find it.
With that said, if you want to speed up the indexing process, you can programmatically ping Google for every new content entry you make.
For example, to ping Google:
http://www.google.com/webmasters/sitemaps/ping?sitemap=URLOFSITEMAP.xml
And to ping Bing:
http://www.bing.com/webmaster/ping.aspx?siteMap=http://www.yourdomain.com/sitemap.xml
Most search engines have a similar option for pinging. Keep in mind that Yahoo and Bing use the same technology, so you only need to ping Bing.
You also need to update your XML sitemap every time you create new content and then automatically ping it using the URLs above. This will make sure that all your content is indexed as fast as possible.
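A minimal sketch of that ping step in TypeScript, assuming the endpoints quoted above are still accepting requests and that your sitemap lives at /sitemap.xml:

// Sketch: ping Google and Bing with the sitemap URL after publishing new content.
// Assumes the ping endpoints shown above are still available; they may be retired or changed.

const SITEMAP_URL = "https://www.yourdomain.com/sitemap.xml"; // illustrative

async function pingSearchEngines(sitemapUrl: string): Promise<void> {
  const encoded = encodeURIComponent(sitemapUrl);
  const endpoints = [
    `http://www.google.com/webmasters/sitemaps/ping?sitemap=${encoded}`,
    `http://www.bing.com/webmaster/ping.aspx?siteMap=${encoded}`,
  ];
  for (const endpoint of endpoints) {
    const res = await fetch(endpoint);
    console.log(`${endpoint} -> HTTP ${res.status}`);
  }
}

// Call this right after a new event page is published and the sitemap is regenerated.
pingSearchEngines(SITEMAP_URL).catch(console.error);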
Important SEO techniques to follow (a small markup sketch follows this list):
#1 – Optimize your title tags
#2 – Create compelling meta descriptions. Make sure that words used in the meta description are also used in the page content.
#3 – Utilize keyword-rich headings
#4 – Add ALT tags to your images.
#5 – Create a sitemap
#6 – Build internal links between pages
#7 – Update your site regularly
#8 – Provide accessibility for all users.
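To illustrate points #1, #2 and #4 above, here is a small sketch of the per-page markup involved; the titles, descriptions and image paths are placeholders only.

// Sketch: per-page markup covering a unique title (#1), a meta description whose wording
// also appears in the page copy (#2), and image alt text (#4). All names and copy are placeholders.

function renderHead(title: string, description: string): string {
  return `
    <head>
      <title>${title}</title>
      <meta name="description" content="${description}">
    </head>`;
}

const head = renderHead(
  "Summer Music Festival 2014 - City Arena",
  "Dates, line-up and tickets for the Summer Music Festival at City Arena."
);

// Images should carry alt text describing their content (#4):
const img = `<img src="/images/festival-stage.jpg" alt="Main stage at the Summer Music Festival">`;

console.log(head, img);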
High-powered link building campaigns always require that good old optimized content.
Optimize your head section within HTML: use a unique and relevant title and meta description on every page.
Use title attributes for a tags.
Use alt text for img tags.
Use proper h1, h2, ... h6 tags.
Use keywords in your URLs and file names.
Use your keywords as anchor text when linking internally.
Social network marketing can also help; use press releases wisely.
Start a blog and participate with other related blogs.
Do keyword research at the start of the project (a good free tool is Google's AdWords Keyword Tool, which doesn't show exact numbers, so you may use the paid versions of Keyword Discovery or WordTracker).
SEO isn't a one-time event. Search engine algorithms change regularly, so the tactics that worked last year may not work this year. SEO requires a long-term outlook and commitment.
For more help, these are really nice articles: 12 steps for better SEO and 21 Tips for SEO. Jump-start with the links below:
https://support.google.com/webmasters/answer/35291?hl=en
http://www.bing.com/toolbox/seo-analyzer
Good luck :)
Has anyone, with a large sample, done research on how many users actually print webpages? I'm looking for percentage values: do 0.01%, 1%, etc. of users actually print webpages?
It seems like a waste of time to create design-oriented print pages if the stats are extremely low.
It is very easy to add some print styles to your stylesheet to make printing easier for people.
As an example: http://www.alistapart.com/articles/goingtoprint/
In the same way that not everyone who visits your site will be disabled yet best practice is still to create sites that work for people with accessibility needs, it is worth supporting the minority of visitors who do print.
I don't have a link to a study for you, but I'm very confident that it depends heavily on the type of content. I.e. the percentage of people who print a YouTube video page is surely much lower than that of people who print a recipe from an online cookbook.
So it's probably best to run your own study on the particular website where you need it. You can either make a little poll for the users of your site or track how often pages actually get printed.
This is not a metric that is usually tracked.
Since one needs to differentiate the regular page from the printable page, this requires a custom implementation on the printable version page that sends a particular tracking code/cookie.
It is not that hard to implement; one can even have printable pages tracked in Google Analytics or any analytics engine, but as I said it does require preparation, and most people don't track this metric in particular.
It is possible through JavaScript to track the actual printing event in IE browsers. Considering users most likely won't switch to IE just to do the printing, it would give some sort of accurate indication of what % of IE users print the page.
For more information about the onbeforeprint and onafterprint events have a look at:
http://msdn.microsoft.com/en-us/library/ms536672(v=vs.85).aspx
Btw, I am not saying that collecting this data solely from IE users would give an accurate indication of the overall % of printed pages across all browsers, because IE is far more commonly used in office environments than in home environments.
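For completeness, a hedged sketch of the same idea for modern browsers (not just IE); the /track?event=print endpoint is a made-up placeholder for whatever analytics you use.

// Sketch: count print events in the browser and report them to an analytics endpoint.
// The "/track?event=print" endpoint is a placeholder; wire it to your own analytics.

let printReported = false;

function reportPrint(): void {
  if (printReported) return;                  // avoid double-counting if both hooks fire
  printReported = true;
  navigator.sendBeacon("/track?event=print"); // sendBeacon survives page unload better than fetch
}

// Standard event in current browsers (originally IE-only, as described above).
window.addEventListener("beforeprint", reportPrint);

// Fallback via the print media query.
window.matchMedia("print").addEventListener("change", (e) => {
  if (e.matches) reportPrint();
});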
A member of my company who outranks me refuses to use recaptcha.net on his website to thwart spam on a public form. He thinks it would be difficult for anyone coming to our site to enter their information, since the Turing tests are "so darn hard to read".
Is there an alternative to using this method, one that doesn't involve these sorts of difficult-to-read images?
(Okay stupid question...if it were up to me we'd use recaptcha because everyone else on earth does...but I just figured I'd check anyway.)
Also, is using a hidden field that is set by JavaScript and later checked on the server really a good way to thwart spam?
I myself don't really buy that it is, since there are all sorts of JavaScript engines that don't run in a browser yet can run JavaScript (Rhino, etc.) and could easily be used to defeat a JS/server-side anti-spam method.
CAPTCHA will reduce your spam but it won't eliminate it. People are paid to decipher those glyphs. Some sites even relay the glyph that was presented to them onto their own site, so that some hapless visitor will decipher it for them.
Just so you're aware that it's not a perfect solution.
Based on the principle of "don't solve a problem until it's a problem": is spam a significant problem on your website? There is something to be said for not annoying your customers/visitors. Even here I sometimes need to make a few edits and I get the irritating "I'm a Human Being" test, typically on the last edit I need to make. It's annoying.
People have proposed all sorts of other methods for dealing with this problem. One I read about used pictures of cats and dogs that you had to classify, because apparently there's a database of 30+ million of these in the US for abandoned animals or some such. This, or anything else that gets into widespread use, will be defeated.
The biggest problem with spam on sites is if you use software that's in widespread use (e.g. phpBB). Your best bet for those is to make enough modifications to defeat out-of-the-box scripting. You may get targeted anyway, but spamming is a high-volume, low-success game. There's no real reason to target your site until it accounts for a significant amount of traffic.
The other thing worth mentioning is techniques that can be used to defeat scripted spam (a sketch of the hidden-field idea follows the list):
Use Javascript to write critical content rather than including it as static HTML. That's a lot harder to deal with (but not impossible);
Rename and/or reorder key fields like username and password. For example, generate username and password form fields and store them as session variables so they only work for that user. That then requires the user to have visited the page with the login form (rather than scripting a form response that can be POSTed directly);
Obfuscate the form submission. Things like unobtrusive Javascript that you can do in jQuery and similar frameworks make this pretty easy;
Include a CAPTCHA image and field box and then don't display them (display: none in CSS). You'll confuse parsers.
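As a concrete (but hedged) illustration of the hidden-field idea raised in the question and above, here is a sketch in TypeScript; the field name js_token and the session-token scheme are my own assumptions, and, as the question notes, a bot running a real JavaScript engine can still defeat it.

// Sketch of the "hidden field set by JavaScript, checked on the server" idea (field name
// js_token and the session-token scheme are illustrative assumptions, not an existing API).

// Client side: a script fills the hidden field after the page loads, so a bot that simply
// POSTs the form without running JavaScript never sets it.
const clientSnippet = `
  <input type="hidden" name="js_token" id="js_token" value="">
  <script>
    document.getElementById("js_token").value = "{{tokenFromSession}}";
  </script>`;

// Server side: compare the submitted value against the token stored in the user's session.
function isLikelyHuman(submitted: Record<string, string>, sessionToken: string): boolean {
  return sessionToken.length > 0 && submitted["js_token"] === sessionToken;
}

// A bot driving a real JavaScript engine (Rhino, a headless browser, etc.) can still pass
// this check, so treat it as a filter, not a guarantee.
console.log(clientSnippet.includes("js_token"));              // true
console.log(isLikelyHuman({ js_token: "abc123" }, "abc123")); // true
console.log(isLikelyHuman({}, "abc123"));                     // false (script never ran)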
The best way for not-so-popular sites is to insert a hidden field and check it. If it's filled in, it's spam, because those bots just fill in any field they find.
You might want to look into Akismet and/or Mollom.
Add a non-standard required input field. For example, require a check-box that says "check me" to be checked. That will defeat any automated scripts that aren't tailored to your site. Just keep in mind it won't defeat anyone specifically targeting your site.
A simple way is to display an image reading "orange", and asking users to type that.
Yes, reCAPTCHA will cut spam, but it will also cut conversions! You should consider using XVerify, which does real-time data verification. What makes those registrations spam is bogus data; XVerify will make sure the information submitted is real by verifying the email address, phone number, and physical address of users. If the information is fake, the user cannot click continue! SIMPLE!
I used to think CAPTCHAs were good and used reCAPTCHA on public forms. I noticed that spam submissions were gone but I also noticed that real submissions were cut drastically as well.
Now I don't believe in CAPTCHAs. They work but I feel they can do more harm than good. After having to enter in hard to read CAPTCHAs on other sites I understand why I don't get as many real submissions. Any input that a user must act on that is not related to their main goal is a deterrent.
I usually use several methods to prevent spam and it depends on what type of content I'm expecting in forms. I created server methods that scan comments and mark them as spam based on content. It works ok, but I'm no spam expert so it doesn't work great. I wish someone would make a web service that did this.
I think the links from Evan are pretty interesting!
Another method that I have heard about, which basically extends the JavaScript idea, is getting the client's browser to perform a configurable JavaScript calculation.
It has been implemented in the NoBot sample as part of the Microsoft AJAX Control Toolkit; see http://www.asp.net/AJAX/AjaxControlToolkit/Samples/NoBot/NoBot.aspx for more details of how it works.
I found an alternative called Are You A Human. Not that programmers should go on gut feelings, but from the start it seemed insecure. Since it's a fun game you play, I decided to try it. It didn't work for me. It's possible the host isn't set up for it. That's the last thing for me to check.
If anyone else has tried ayah, I'd like to know how it worked.
I've used Confident Captcha before and it was really easy to get set up and running. Also I haven't had any spam get through on the forum I manage.
It isn't a text based Captcha but instead uses images similar to picaptcha. I've tried 'Are you a human' before and it's definitely an interesting concept.
Found one called NuCaptcha which displays moving letters...
8 years later...
I have been looking for alternatives to Google's reCAPTCHA that don't ruin the UX, track users, etc., and found this gem: Coinhive Captcha.
It works by mining Monero coins (the hash count is adjustable) in the background and provides a server-side API to verify it. It should be noted that, depending on the selected hash count to solve, it may be slow, especially on mobile devices.