skratchworx news
skratrchworx monthly archive

Skratchworx DJ equipment reviews
skratchworx skratchlounge dj forum
skratchworx downloads
skratchworx links
contact skratchworx
skratchworx RSS
SKratchworx twitter

Custom Search

Skratchworx Dj gear reviews DJ gear reviews DJ Mixer Reviews DJ Turntable reviews DJ CD deck reviews Digital DJ Gear reviews DJ Cart needles review DJ Slipmat reviews DJ accessories reviews
Security or Spam?
Security or Spam?
Posted by Gizmo on May 8, 2008 :

I think it's time to address the somewhat thorny issue of the security code used when making comments. We seem to have a love/hate relationship with it - I love it and you all seemingly universally hate the damned thing. Not wishing to piss you off even further, allow me to explain why it's there and also shed some light on just how bad life would be like without it.

As you can imagine, skratchworx is quite popular in the DJ community, thus it gets a lot of traffic and a lot of other sites linking to it. This in turn attracts a serious amount of unwanted visitors, spambots and all manner of assorted crap trying to be posted in comments old and new. Back before the security code, I'd spend an hour a day deleting every variety of spam know to man, with little success in thwarting their attempts.

Since the code has been in place, I've had no more than 10 spam comments posted. So from my point of view, the code is a massive time saving success, as well as keeping the comments free from all kinds of nastiness that spam brings. As a test, I took the security code down for 10 minutes and received 6 spam comments. Factor that up and you have a grand total of close to 900 potential spam comments a day - something I'm not willing to risk. When you put it in those terms, you can understand why it stays.

For now, it's a matter of grinning and bearing it. I'm very much aware that it has to go - and it will be doing so in a foundation deep knockdown and complete rebuild of skratchworx that is scheduled to happen before September. So for now, I ask for your patience.

Some hints: the main issue seems to be the code timing out. You can type in exactly the right code, yet it still errors. If it does error, usually hitting the back button takes you back to your comments, allowing you to input a fresh code.

From a legibility point of view, it's easy to mix up some characters. Upper and lower case are easy to get muddled - a Zero has a dot in the middle - and some characters like 7s get rotated a little too far and can look like Vs. Just take your time and it should work almost all of the time. I tend to have very few errors myself.

NOTE: No further comments are being accepted.
22 comments to this story

On May 9, 2008, Task said this:
Hi, captcha is definitely the way to go for keeping a site clean but i have found that removing similar characters makes peoples life easier. also, make then all upper or lower case.

I know this makes it a little easier for automated spambots with image recognition but if someone has gone to that extend then they'll get in anyway.

just my 2c
Wicked site! keep up the good work

On May 9, 2008, DJ MoRice said this:
I don't mind the captcha if it actually works. I can almost never get a post through on here. I don't know if it's because I'm fairly colorblind or not getting uppercase correct. But, if you get one that isn't as hard to get correct it would make it much easier to post regular comments.

The captcha is the only reason why I don't comment more. It usually takes me 5 or 6 times to get a post through.

On May 9, 2008, l0ckd0wn said this:
I will never ever complain about the code here on sw_smilie.png. Without that code there would be chaos all over the board. Thank you for having it in place guys! From an IT pro, you guys are doing what ya can to keep your boards neat and tidy! Cheers fellas!

On May 9, 2008, Cisco said this:
i guess ill have to just deal with it :D

On May 9, 2008, DJ Shooter McGavin said this:
my only minor complaint about the security code is that it never works for me on firefox. only on IE

On May 9, 2008, DJ NightLife said this:
"my only minor complaint about the security code is that it never works for me on firefox. only on IE"

I found a temporary way to 'fix' it. On firefox, save the image, you'll see that the code of the saved image is different and it is the good one.

I have no problem with that kind of protection. The only complain is on some sites, the algorhythm makes it totally unreadble. A new protection that is being more popular is the 'intelligent' question to ask. Like ... is fire hot or cold ? or ... what is the color of grass. Less trouble this way in my opinion

On May 9, 2008, Deecore said this:
I use firefox and it works every time?

On May 9, 2008, Cisco said this:
I have issues with firefox, for me it had to be instantaneous submit, so i would edit copy paste my posts. but barely issues with IE

On May 9, 2008, sureshot said this:
Well I can understand having the security code after reading your little test....I wouldn't want that spam coming to me either weird.gif So though it may be a little bit annoying I certainly understand the purpose. Also one thing I do is after I write my comment I hightlight it and Ctrl C it so I can copy it back should I error on the code....sometimes it takes me two time's with the security code so I just go back paste my comment and enter the new code and this usually works. Desperate times call for desperate measures :P

On May 9, 2008, The Axledental DJ said this:
I wonder why spam bots do this in the first place!?!
Is someone purposly atracking Skratchworx for a reason?


On May 9, 2008, qfour said this:
The need for means of protecting your site (and your time) from spam is very understandable. There's no reason for you to burn up a lot of your valueable time deleting crap posts instead of writing up hot and bothered editorials on sexy bits of nextlevelness(tm).

To that end, you already have a user repository where all new users are required to identify themselves and you have contact information that should work (registration email address) to hold the person accountable for what they post. Have you considered leveraging the authentication mechanism of the forum so that people can post comments on news stories? You could still have the CAPTCHA for "anonymous" users, but for users already authenticated for the forums, you could just pass along the user id and post the comment straight away.

As far as the actual mechanism of leveraging the authentication information from a different domain, you could use something like OpenSSO:

I'm not sure what the actual architecture of yoru site is, beyond the fact that it makes use of php. I'm certain that there's some way that you could leverage a SAML assertion for passing identity information.

Just my $.02

On May 9, 2008, gusset scratch said this:
i appreciate the need for the security code, but it needs some tweaking and a short instruction.

is it case sensitive?
can you remove the similar characters?

personally (firefox user) i find that middleclicking view image from the right click menu gives me the correct code, but it took me over a year to suss it out.

it's odd that skratchworx' security code is so temperamental... i've no problems with any other sites that use similar devices.

On May 9, 2008, Lurker said this:
If this passes through then it works, this is my first post "ever" here in Scratchworx.

On May 9, 2008, MouseAT said this:
I wouldn't mind the captcha as long as it works. It's easy to read and enter. It's only annoying when you enter the correct code only for the site to reject it. If you could fix that, it'd be fine.

It's already failed twice when I tried to post this.

On May 9, 2008, J said this:
My only problem is that Firefox, when I use it, hates the code, and very rarely lets me post.

On May 10, 2008, Audio Innovate said this:
Oh the spammers are ruthless. They target every bulletin board in the universe. I had to shut down the Audio Innovate forum once before because of them and reinstall a new platform. Punky manually approves people on the forum because I can't count the number of,,, etc. people who try to register.

The one big thing I would tweak is that on Internet Explorer, if you get the security code wrong, your whole message gets wiped out. OUCH!

On May 11, 2008, BCROGAN said this:

On May 11, 2008, Gizmo said this:
BCROGAN - after sw_smilie.png had a dicky fit the other day, it seems that my hosts have changed something that has effected the way the site works. I've had to removed that dropdown for now until I can fix it.

On May 12, 2008, x2k said this:
Gizmo, I'm a bit of a dab hand with the ol' php and I could certainly modify the captcha code so that it only generates uppercase/lowercase codes and extend the time out. If you're interested pm me on one of the message boards.

On May 13, 2008, Matt said this:
Seems like I can NEVER get it to work.

On May 15, 2008, chu said this:
Static captcha is much easier for you and the readers - you just choose an everyday word one time, render it in an easy to read image and check it on the server like usual. It's just as effective against spambots and makes no difference against human spammers. This guy has used the same one for years on a very busy site - (scroll to the bottom)

On May 21, 2008, DJ Pulse said this:
I know on some systems you can eliminate certain characters from being part of the security code (eg. O, 0, I, 1, L, 7)... either way, I don't mind it to keep the spammers / spambots at bay. smile.gif

Keep 'r up Giz.

© 2011 and may not be reproduced in whole or in part without permission.