Are you human?

Captchas protect against spam robots and increase the security of your own website

1. April 2021In WordPressBy Karsten Risseeuw5 Minutes

Security is a big issue for websites. You can think of very different things, such as backups for emergencies, or security measures that should make access more difficult for hackers. This post is about captchas and how we have just improved them for our customers.

What is a captcha?

The word «Captcha» is an acronym and stands for «Completely Automated Public Turing test to tell Computers and Humans Apart ”. In German: “Fully automated Turing test to distinguish between computers and people”.

A captcha is a hurdle that is used to tell people and machines apart. The hurdle can be easily overcome by humans, but is recognized as difficult by bots. This is especially important because there are so many “bots” on the Internet trying to gain access to websites, record spam comments and the like. If you have now installed a captcha, a small test appears that is easy for humans, but difficult to bypass for automated processes.

A captcha makes it difficult, for example, to post spam or brute force attacks on websites.

Where are captchas used?

Captchas can be seen in different places on the website:

  • Log in
  • Registration
  • request password
  • To place an order
  • Complete Order
  • Create a comment
  • etc.

Not all of these options need to be offered. Often you can only find a captcha when logging in and maybe when creating a comment. A captcha should work where there is interaction between users and the website.

What do captchas look like?

There are very different captchas, visible and invisible. For example, older captchas look like this:

Distorted letters are more legible for humans, but a little harder for bots.

There are different types of captchas, for example:

  • Text captchas
  • Math captchas
  • Icon captchas
  • Photo captchas.

The captchas are being developed further and further because hackers do not stand idly by as the path is blocked. The ReCaptcha from Google, for example, is also popular, offering various images to choose from and the user has to click on the palm trees, the cars, the hills, crosswalks, motorcyclists or similar.

Do Captchas Make a Website 100% Safe?

No. There is no such thing as 100% security. However, captchas should be part of any security strategy because it increases the hurdles. Using captchas already locks out a lot of hackers. Think of it as a layer from a multi-layer security concept.

Captchas and WordPress

There are a lot of plugins for WordPress that offer captcha functionality. Some integrate the Google solution, others offer, for example, a small arithmetic problem that has to be solved. Which captchas work well on a website must always be tested.

For example, there are some captchas that have been customized for the WooCommerce online store, while others have no such customization. If there is no support for certain tasks, a captcha can lie across. While this applies to every extension, a captcha is about the direct interaction with the user of the website. Here it should work particularly easily and reliably.

Support may be necessary, for example, for:

  • WordPress login
  • Online shops with registrations, accounts, etc.
  • Newsletter registrations
  • Forum software
  • etc.

New Captcha solution for Kursiv customers

In our service package for WordPress customers, we are now also including a tried and tested captcha solution that has proven itself best. Various solutions have been in use so far, but each solution has its drawbacks. For example, Google ReCaptcha works great, but Google tracks websites. Certain math captchas with calculations didn’t work with an online store. These and other experiences led to the search for a new solution.

A plug-in was found that covers most requirements and is also very easy to use. The captcha works with icons and can be understood intuitively.

This solution is simpler than any previous solution, it is fast, there is no tracking and mostly works perfectly. This plug-in also has a honeypot function. A honeypot is called a diversionary maneuver. It is the wrong lead that bots often fall for.

The new solution was installed and tested on all of the websites we maintain. Kursiv offers one more service to make it easier for you to maintain your website.

Italic WordPress Support