Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Stopping spam using a CAPTCHA

From: Drupal 6 Essential Training

Video: Stopping spam using a CAPTCHA

Spam and site vandalism are a problem for anyone who runs a publicly accessible website. There are a several Drupal Modules that give you ways of combating such problems. We are going to examine one of the more popular, the CAPTCHA module. A CAPTCHA forces posters to prove they are human and not an automated posting box by challenging them with human readable questions. This module as with all modules will change as new versions are released. As a result the interface and features you see here might not match what is on your computer. We have already downloaded and installed this module. If you need help doing so, see the video in this series entitled 'Unpacking and Installing Modules'.

Stopping spam using a CAPTCHA

Spam and site vandalism are a problem for anyone who runs a publicly accessible website. There are a several Drupal Modules that give you ways of combating such problems. We are going to examine one of the more popular, the CAPTCHA module. A CAPTCHA forces posters to prove they are human and not an automated posting box by challenging them with human readable questions. This module as with all modules will change as new versions are released. As a result the interface and features you see here might not match what is on your computer. We have already downloaded and installed this module. If you need help doing so, see the video in this series entitled 'Unpacking and Installing Modules'.

By the way CAPTCHA is a sloppy acronym for Completely Automated Public Touring Test to Tell Computers and Humans Apart and it is spelled CAPTCHA. The first we are going to do is go to Administer and Modules. To turn on CAPTCHA we will click to close the CCK and all of the other groups up here, so that we can get to the bottom of the page quickly and there is our CAPTCHA module. You need to enable the main CAPTCHA modules and then these other ones extended.

I am going to click on both of them. You can also download additional Extenders from the drupal.org website. Once we are done we click on Save Configuration. From here we would administer CAPTCHA, by going to Administer and by doing Command+F or Ctrl+F on PC and to find it easily I will search for 'capt' and there we are CAPTCHA and click on that. We will get back to the General settings in a little while but first we are going to tackle Image CAPTCHA, by clicking on Image CAPTCHA at the top of the screen. You will note this warning at the top, which tell us that a CAPTCHA module works best for the TrueType font file installed. You can get this on your computer. On the Mac that is in Library, Fonts from the top level and on Windows it is in Control Panel and then the Fonts folder.

We have already taken one and put it on our desktop. I am going to go to that, by going to the Finder and hiding everything else and there is our Font file. You put this inside the Captcha folder, which you have installed in to Modules and then inside image_captcha and fonts. So we will just drag that in and then go back to our Administrative interface. Now when we refresh the page you will see that this bitmap will change into something a little bit prettier using a font that we just installed which incidentally was Georgia.

The reason that it is done this way is that the makers of the CAPTCHA module are not permitted to distribute the fonts. You can use the ones that are installed on your computer and it is possible to download free TrueType fonts from throughout the internet, but they cannot distribute them so you need to make this small adjustment. We are going to reload this page. So we have taken care of the font issue. Now let us go through some of the options you have. You can choose what characters are in the code. If for example, you decide you do not want to use any capital letters, you can just knock those out of here. You will notice that some of the letters are missing that is because a capital I looks very much like a lower case l. I prefer to leave the settings in here and they are given.

You can choose how long you want to the code to be. If you want to make it easier for humans then you would make it two or three or four characters, if you want to make it harder obviously more characters. Of course the harder you make it for people, the harder it is also for spammers to use robots to read your CAPTCHA. Scrolling down further we've installed another font, so we are going to select it from Font. And Character Spacing we will leave on normal. You can play around with this once you are down, to see which works best for you. Color settings and Text color, we will leave all of this alone although again, what you will want to do is play with it to see which one works best for you to give you the best balance between difficulty and ease for a person to read.

Finally you can define several types of Distortion that will affect that CAPTCHA. I am going to leave it as it is, it is default just so that we can see what that looks like and then adjust from there. Click on Save Configuration. Now we see an example CAPTCHA. I will not say that is pretty good. For example I can read that, it is + ! t # F. Let us change a few of these settings just to see how it affects things. We will make the Code a little longer. We will make the Font size larger, Character spacing smaller. So we will have larger and more letters, but crushed together. This is going to make it harder for the CAPTCHA to be read by a computer, but also harder for people. Continuing on, we will leave the Background color and font color the same although of course if make them very similar that is going to lower the contrast between the two.

You can also change the amount that the text varies from letter to letter. You might have noticed up above that the letters do vary in color. This one is sort of a green brown and this one is sort of a purplish. You can change the amount of that variation. Finally Distortion, this one is really fun. Let us turn on Double vision just to see what it looks like and Smooth distortion. Leave the Noise level at normal and Save Configuration. There that is an example of slightly more difficult CAPTCHA, but I can still read it and I think this is a pretty good setting. So we are going to go back to Administer now and scroll down to CAPTCHA and let us take a look at the Text CAPTCHA by clicking on Text CAPTCHA at the top. Text CAPTCHA actually has far fewer options. It can generate nonsense words or you can define a list of words and again you can select how long the CAPTCHA should be.

I am just going to leave it in its default configuration, but you do not know what these are going to look like. Do you? At least in the Image CAPTCHA you saw an example. Well do not worry about it because back at the main CAPTCHA page we have an option of seeing examples. Let us click on that now. The main part of CAPTCHA includes a math option, which will ask you a question as you can see up here. Let us see some more examples of this challenge. And you can see there are simple math problems that most people would be able to do. Going back to Examples, we see another example of the Image CAPTCHA. If we want to make sure that they generally are readable and want to have a large enough sample size to tell that, we will click on 10 more examples of this challenge and there we have. That is what it would like. Of course each one will be different when the user sees it.

Going back to our Examples, let us take a look at some of the Text CAPTCHA challenges. These are all what is the nth word in a certain phrase and then you would type in whatever the nonsense word is. The problem with Text CAPTCHA of this sort of course is it may be difficult for people who do not read English because they would not be able to read this what is the third word in the phrase section of the sentence. So now you know about a few of the basic CAPTCHA options, but how does this get applied in your site. To find out go to General settings and you scroll down you have an option to put different types of CAPTCHA in different parts of your site. For example if you want to make sure everybody entering a comment is really a human you might say, oh! I think I want a difficult Image CAPTCHA. Let us say for contact_mail you do not expect vandals to really hit that page as much. Let us try an easier Math ( captcha) and so on. And then of course you would save the options at the bottom.

One option that you can add is to Add CAPTCHA administration links to forms. That lets anybody who has the permission that lets them administer CAPTCHA, change what is being shown in a certain area. That is good if you set these settings down here and then really want to see what they look like on the site and change them on the fly. Down towards the bottom you can change the description of a CAPTCHA by changing the text in here. That is good if for example, you think your users already what a CAPTCHA is and you do not feel this is needed or alternatively if you think they need more explanation or if they are using a different language.

Finally you can force a CAPTCHA every time the person visits the page or only at certain times. You can set it so somebody only have to answer the CAPTCHA challenge once and from then on they will also be able to enter comments and mail and so forth. And finally you can add Log entries whenever somebody has a wrong response. We will click on Save and we are done. We have set up our CAPTCHA. Now before this becomes useful to users in general we have to go back to Administer and as usual go down to Permissions. On the Permission page you will scroll down to the Captcha module and see that you have two settings. We already discussed administer CAPTCHA settings a little bit.

The other one is skip CAPTCHA. Let us say that you have a special level where somebody has already proven themselves how good user they are and you trust that they are not going to abuse your site. You could for example, give them permission to skip the CAPTCHA. I think we are just going to leave this the way it is for now though we will go down to the bottom and click Save permissions. Now let us see how this looks to an ordinary user by switching to our old friend fishyjoe. You might remember that fishyjoe has a penchant for adding abusive comments. Let us see if he can do so now. Click on seeking equity partner. Oh! I think this is stupid, I add a new comment and I say, oh! That is -- now he has to enter the CAPTCHA. If fishyjoe is actually a person he will still be able to get pass this. He will enter his subject. Let us say, "That's stupid! I do not like this subject at all" and enters the CAPTCHA and let us just say that he enters it incorrectly.

Click on Preview and he gets a warning. The answer you entered for the CAPTCHA was not correct. But generally speaking of course users will be able to read this. So this is not good for stopping abusive users. It is however good for stopping abusive robots who will not be able to this as easily. Well just leave this comment behind and go back home. Finally I should mention MOLAM. MOLAM is a system that takes submissions to your site passes them through an external server which then checks it against an algorithm to make sure that it is not spam. It is some what more effective then an anti-spam system on your own computer because it is aggregating information from many spammers on many different sites putting that all together and learning exactly what sort of spam hits Drupal sites. It is incidentally a company that was founded by the fonder of Drupal itself, Dries Buytaert.

CAPTCHA like other schemes to beat online vandalism is only a partial solution. Computers might be able to figure out your CAPTCHA especially if you have configured the module lightly for better human comprehension. So it is not a perfect system, but it will still catch a lot of troublemakers and help keep your site clean.

Show transcript

This video is part of

Image for Drupal 6 Essential Training
Drupal 6 Essential Training

66 video lessons · 31393 viewers

Tom Geller
Author

 
Expand all | Collapse all
  1. 4m 38s
    1. Welcome
      50s
    2. Using the example files
      3m 48s
  2. 28m 55s
    1. Drupal is a CMS
      7m 43s
    2. Choosing Drupal
      5m 32s
    3. Checking Drupal's requirements
      4m 26s
    4. Understanding the inner workings of Drupal
      4m 35s
    5. Meeting the Drupal community
      6m 39s
  3. 11m 28s
    1. Learning key terms in Drupal
      5m 20s
    2. Touring Drupal's interface
      6m 8s
  4. 34m 35s
    1. Installing WAMP and Drupal on Windows
      9m 41s
    2. Installing MAMP
      4m 34s
    3. Setting up the database on a Mac
      2m 2s
    4. Downloading and installing Drupal on a Mac
      6m 37s
    5. Troubleshooting installation problems
      3m 49s
    6. Automating updates with cron
      7m 52s
  5. 25m 37s
    1. Setting up clean URLs
      5m 52s
    2. Backing up your Drupal site
      3m 31s
    3. Restoring your Drupal site from backup
      4m 19s
    4. Wiping your Drupal installation clean
      2m 7s
    5. Updating Drupal
      9m 48s
  6. 15m 37s
    1. Using the Administration menu
      6m 21s
    2. Setting site information
      4m 50s
    3. Setting the theme
      4m 26s
  7. 35m 8s
    1. Understanding security and permissions
      7m 2s
    2. Controlling site access with user management
      3m 39s
    3. Creating users
      7m 58s
    4. Setting user profiles
      9m 40s
    5. Creating contact forms
      6m 49s
  8. 19m 19s
    1. Creating your site's basic info pages
      7m 13s
    2. Understanding page layout
      5m 40s
    3. Creating a flexible layout with blocks
      6m 26s
  9. 15m 35s
    1. Monitoring performance
      4m 52s
    2. Recovering from disasters
      7m 37s
    3. Improving administration skills
      3m 6s
  10. 41m 3s
    1. Understanding nodes
      6m 50s
    2. Creating basic content: Stories and pages
      7m 9s
    3. Enabling other content types
      9m 22s
    4. Adding blogs
      3m 49s
    5. Adding forums
      6m 56s
    6. Adding polls
      6m 57s
  11. 34m 50s
    1. Exploring content categories
      7m 45s
    2. Exchanging content via RSS
      9m 47s
    3. Using input filters
      7m 41s
    4. Managing comments
      9m 37s
  12. 38m 5s
    1. Configuring your theme
      11m 27s
    2. Changing your theme's graphics
      4m 59s
    3. Finding and installing a new theme
      8m 56s
    4. Understanding Cascading Style Sheets (CSS)
      5m 56s
    5. Deciphering CSS files
      6m 47s
  13. 22m 41s
    1. Finding modules
      6m 53s
    2. Unpacking and installing modules
      6m 30s
    3. Configuring modules
      3m 50s
    4. Implementing complex modules
      5m 28s
  14. 32m 12s
    1. Ensuring automated updates with poormanscron
      3m 11s
    2. Defining custom content types with CCK
      12m 54s
    3. Stopping spam using a CAPTCHA
      10m 43s
    4. Using a WYSIWYG text editor
      5m 24s
  15. 22m 18s
    1. Getting around with multilevel menus
      7m 26s
    2. Building custom menus
      5m 42s
    3. Creating easy-to-navigate books
      9m 10s
  16. 20m 19s
    1. Changing page templates with PHP
      8m 15s
    2. Using PHP in content
      5m 20s
    3. Implementing PHP snippets
      6m 44s
  17. 10m 15s
    1. Launching your site
      5m 52s
    2. Joining the Drupal community
      4m 23s
  18. 14s
    1. Goodbye
      14s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ.

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Join now "Already a member? Log in

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed Drupal 6 Essential Training.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferencesfrom the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Are you sure you want to delete this note?

No

Your file was successfully uploaded.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.