Hello!. Not so long ago, I had a problem on my site: the captcha, which used to work for quite a long time and worked properly, stopped doing it. Recently, the number of spam comments has reached 70 per day, agree that this is overkill to put it mildly. It was clear that the old plugin was not working and a new solution had to be found.

Comments are essentially divided into two types: automatic and manual. Manual, as the name implies, are left by living people, usually in small numbers. But here are the automatic comments that are left by robot programs, on a colossal scale, and especially if this is a blog with high traffic.

Why did I choose reCAPTCHA?

After looking for a solution in the open spaces of Runet, my eyes fell on reCAPTCHA from Google. Previously, I already thought about putting this captcha on the blog, but the fact is that earlier the captcha itself was too complicated, and then I abandoned it. In the new version of the captcha, Google took into account all the shortcomings of the previous version and created a captcha, which, in terms of simplicity and convenience, was an order of magnitude ahead of all its competitors.

Here's a look at how Google's recaptcha will look like for 99.9% of your website visitors:

And this is how it will look in case of force majeure (if the algorithm, after conducting a dozen tests for humanity, still doubts):

Registering a site in reCAPTCHA and installing it on your blog

First you need to go to the official reCAPTCHA page (https://www.google.com/recaptcha/admin#list) and add your website there in order to get two keys in return, which you will need in the future for the captcha to work.

Registration is an indication of the captcha name in the system and Domain name of your site where you plan to use this same captcha. Fill in all the fields and click "Register".

After that, you will be taken to the administration panel of the reCAPTCHA service for your site. If you want, you can add it to your browser bookmarks so that you don't have to look for it later. Over time, in the process of work, reCaptcha will start showing you statistics on work, but for now, from this panel we can take the very keys without which "I'm not a robot" will not work.

Below you will see instructions on how to carry out the integration. To be honest, it was not very clear to me, so it was decided to solve this issue using a plugin for integrating reCAPTCHA into WordPress. Searching the Internet, I found a simple and functional plugin– No CAPTCHA reCAPTCHA (https://wordpress.org/plugins/no-captcha-recaptcha/).

Setting up and working the No CAPTCHA reCAPTCHA plugin in WordPress

First we need to install the plugin itself, for this go to the administrative WordPress dashboard, select "Plugins" - "Add New" from the left menu, enter No CAPTCHA reCAPTCHA in the search box and install. Next, do not forget to activate it and go to its settings (at the bottom of the left menu you will find a new item "No CAPTCHA reCAPTCHA").

In addition to all of the above in the plugin settings, you can also set color scheme light or dark, as well as either provide captcha with the ability to guess the user's language itself, or set it forcibly.

After you save your changes to your blog, spam protection immediately appears, and now you are protected from automatic comments that are generated by programs like Chrumer, at fantastic sizes, especially if you have a large project.

I hope this article about reCAPTCHA by Google was helpful to you. If you have any additions or questions, feel free to leave your comments.

Captcha (CAPTCHA), requiring to prove that "I'm not a robot", appears on an increasing number of sites and services, and annoys users. There are several reasons why sites mistake visitors for bots and require the introduction of verification characters. Is it possible to get rid of the repetitive check, what needs to be changed in the browser settings and the Vkontakte page, how to bypass the captcha using VPN services?

What is a captcha?

CAPTCHA is Turing's automated public test. It allows you to identify a bot among site visitors. The mechanism for protecting web services from spam was developed in 2000 by a team at Carnegie Mellon University. The idea of ​​the test is that the proposed task is easily performed by humans, but inaccessible to machines.

Most often, users need to enter characters from the picture. They are depicted with noise, or translucent, so that the machine could not recognize them. Initially, the system worked well, reduced the load on the sites, saved them from fake comments.

Seven years after the creation of the Turing test, a modification appeared - reCAPTCHA. People were asked to recognize words in scanned editions of The New York Times. Spam protection also helped to digitize the publication.

But computers became more powerful and were able to recognize characters. Therefore, other options appeared: search for cats, road signs in pictures, or a check mark next to the phrase “I am not a robot.”

A useful test for site administration began to annoy users. Sometimes you have to enter captcha several times to see some page. Captcha in VKontakte becomes a separate problem.

There are several reasons why the user has to constantly prove that he is not a robot. Even if a person does not spam, but simply leaves comments or communicates on social networks, he may be harassed by typing characters.

Suspicious traffic from the computer. Browser extensions or viruses on a user's device can become part of a bot network. For this, reCAPTCHA blocks his IP address.

Bad Company. Providers allocate one real IP for a group of subscribers. Therefore, if one of them is a bot, it is blocked, and the whole group is blacklisted.

Turn off JavaScript on your smartphone. The reCAPTCHA mechanism is the JavaScript code on the site. Codes are used not only by services, but also by scammers, so JavaScript is disabled in smartphones for security in browsers. This causes reCAPTCHA to malfunction.

How to get rid of captcha

Change settings

Users Google Chrome can get rid of annoying protection by disabling a number of extensions. An ad-blocking extension like AdBlock or the RDS Bar plugin often results in captchas.

Another option for computers is to reconnect to the internet. After rebooting the modem or router, the user can get a new external address and get rid of annoying checks.

iPhone owners can open the "Add-ons" tab in the Safari settings section and enable JavaScript. Android users in Chrome, you need to click on the menu with three dots, go to "Settings", open "Site Settings" and also activate JavaScript. Another option for mobiles is to briefly turn on airplane mode, after which the smartphone will be re-registered on the network and will be able to get a clean IP.

You can get rid of VKontakte captcha in a few minutes. In the page settings, go to the "Security" section, click on "Show activity history". A pop-up window will show the history of visiting the site and the IP from which the login was made.

If there is an address in the list that differs from the user's address, you need to click "End all sessions". And then change the password. In addition, captcha appears less frequently if the page is linked to a phone number.

Special Services

If you are too lazy to enter captcha even occasionally, other users will do it for a fee. On specialized web services, they will take about 40 rubles for solving a thousand pictures. The user will receive a special key that allows him to forget about the annoying test.

Dynamic IP

If witchcraft with the settings did not help, you will have to use VPN services. Large companies provide this service for a fee. But there is also free services with good interface and convenient to operate. For example, the CyberGhost VPN program ( free download >>).

The service works with all popular browsers and is perfectly secure thanks to the OpenVPN protocol with 256-bit AES encryption. You can only run it for free on one device. The user will have access to 37 servers in 12 countries, work without interruption for about three hours, after which he must reconnect and continue working.

HOW TO DISABLE "I AM NOT A ROBOT" IN THE BROWSER WINDOW

Often, many computer users are faced with a situation where, when trying to find some information on the Internet in a browser window, instead of search results, they see a picture offering to confirm that they are not a robot. And for further surfing the Internet, unfortunate users have to type captcha or stare at blurry pictures, in general, waste time to prove that they are not robots, but just people who wanted to go online. In this article, I propose to understand why this happens and how to deal with this problem.

For those who are more accustomed to watching and listening than reading, this article is posted on YouTube at this address.

Why is this happening?

First, let's figure out why this happens. First, this problem is due to the fact that some search engines have taken the responsibility to control the "behavior" of users on the Internet. This is usually done to prevent the use of specialized programs that imitate the actions of ordinary Internet users visiting various sites.

Secondly, such a situation can arise when Internet users excessively use the services of various anonymizers, VPN clients, and also use other tricks to hide information about the Internet user or replace it with another one (real or virtual).

In what browsers does it happen?

This can happen in any browser that uses Google or Yandex search engines. Moreover, in this matter, the search engine "Google" shows great "maliciousness". Figure 1 shows appearance"manifestations of distrust" to the user from the search engine "Google". Figure 2 shows a similar situation with the Yandex search engine.

Figure 2 (see 1 Figure 2) shows an example of a captcha for identifying an Internet user in the Yandex search engine. Figure 3 shows an example of identification in the Google search engine.

To deal with this situation, various users use various ways. Someone stubbornly peers into the proposed text or picture, types this text or clicks on the “correct” images, someone fights this trouble with the help of specialized programs, and someone just spit on this situation and stops trying to find the answer on the Internet to his question.

But the solution to this problem is extremely simple (at least in this moment).

Ways to get around the "I'm not a robot" problem when searching for information on the Internet

First, cut to necessary minimum the use of various anonymizers, VPN clients, etc.

Secondly, as noted above, this problem does not depend on the browser used, but only on the search engine. From this it follows - just go to another search engine. At the moment, the most reliable and not biased in this matter are the search engines "DucDucGo", "Yahoo" and "Bing". There are other search engines that, in a rush to block search spam (manual and machine), have not yet tried to mock Internet users who, for some reason, "too hard" disguise themselves. If you don't want to change settings search engines and browsers on your computer, once selected by you, just set the links to the above search engines in the bookmark bar of your favorite browsers. And when "Google" or "Yandex" require you to prove that you are not a robot, just open any of these links and re-enter your search query in the search bar.

I do not give direct links to the indicated search engines, because they (links) can change from time to time, and keeping track of the changes is quite difficult, especially remembering in which article and in which place this link was used. You can always find these links on the Internet.

Thirdly, if you still have an urgent need to use the Google or Yandex search engines while searching the Internet (for example, you were blocked on some site), then when searching, use not a search phrase, but a specific URL. Google, unlike Yandex, loves this very much.

Well, in conclusion, as I said above and in the article "", you should not excessively, unnecessarily use the services of anonymizers, VPN clients, etc. and too often hiding on the internet. First, it is easy to calculate. Secondly, despite the fact that the distributors of "anonymous surfing" services shout in unison that their services are absolutely safe, this is far from being the case. Who can be sure that by installing on your vpn computer client, don't you put some trojan along with it? Who can be 100% sure that anonymizer servers do not keep a log of your actions through their server? And in general, how did you check the reliability of companies that provide anonymous surfing?

There are other ways to turn off the "I'm not a robot" identification system. I suggested one of them and, in my opinion, the simplest. I do not know how long it will work, because. Recently, most search engines have become too fond of "keeping a finger on the pulse" (more precisely, on the throat) of their users and forcing them to constantly register and give them their confidential information.

Itsenko Alexander Ivanovich

Hello, dear readers of the blog site. Literally a bit of time I want to devote a relatively new captcha from Google (it was announced about a year ago), which replaced the old and confused one. Previously, probably few bloggers in their right mind could put the brainchild of Google on their website or blog - it was very dreary to solve the letter puzzles offered there. All the convenience of commenting was lost.

Actually, at that distant time, I still used a perfectly working . To pass it, you just had to put check the box "I'm not a robot" and all (of all possible). If the checkbox was not checked, then the message fell into the basket in the WordPress admin panel, or when the basket was disabled (as in my case), it was simply not added to the database. An ideal option, in my opinion, because it did not create any particular inconvenience for the commentator.

Then this plugin stopped working, and I used it with success for about six months, but this method also stopped working after updating WordPress to version 4.4. During this time, I tried a couple of plugins that filtered out spam based on the analysis of the addressee and content (Antispam Bee and CleanTalk). The first confused quite a lot (spam is not spam, but non-spam is spam), and the second, contrary to expectations, did not reduce, but increased the load on the server (and it was also paid).

In general, I decided to return to the proven method - installation of the simplest of the existing captchas. DCaptcha no longer works, but the giant Google has seriously simplified its initially monstrous reCAPTCHA and reduced the entire check to the very “I'm not a robot” checkbox. Unfortunately, I'm too dumb to figure out how to tie this thing to the site without a plugin (although I tried it), so I had to use the services of the No CAPTCHA reCAPTCHA plugin. But first things first.

Spam mitigation techniques and why reCAPTCHA?

As you probably know spam can be manual and automatic. You can protect yourself from the first only by including the mandatory moderation of all incoming messages before publishing them on the blog - then for sure no "radish" will break through.

But manual spam is usually a tiny trickle compared to the full-flowing river of autospam. The latter can be generated, for example, by Khrumer in simply fantastic volumes. Personally, it’s not even the fact that several hundred spam comments come to my WordPress admin panel per day that annoys me more, but the fact that they are monstrously long and you get tired of scrolling to the “Delete” button. In general, this problem is real and all the more relevant, the more popular your blog is.

It makes no sense to deal with manual spam (due to the doom of this struggle and because of its insignificant volume), but something needs to be done about autospam. It's like there is two main approaches:

1. Filter already added to WordPress database comments for spam / non-spam and shove them into the appropriate folders. Unfortunately, plugins that work on this principle give out a lot of marriage and just clearing the Spam folder without viewing its contents will not work if you do not want to lose dozens of really valuable comments sent by active readers of your blog.
2. Attach an additional check to the form for adding a comment on who exactly leaves this message - a live person or a bot. The task of identifying this difference is called the Turing test and is solved in the vast majority of cases using the so-called captcha (derived from CAPTCHA, which is an abbreviation for a set of smart words). The main problem with this method of fighting spam is that you strain the commenters by solving the “rebus” (captcha), which can discourage them from even any desire to continue trying to leave a message.

However, captchas, as already mentioned, are quite simple. Google has taken a major step in this direction and now his new reCAPTCHA just an example of simplicity and elegance for the vast majority of users who come to your site (although a small number of them may still be asked to enter characters from the picture if the algorithm has doubts about its humanity).

This is how Google's reCaptcha will look like for 99.9% of your website visitors:

Well, and like this, in the event of a force majeure (if the algorithm, after conducting a dozen tests for humanity, is still confused):

The strength of this protection can be judged by the fact that on services for recognizing captcha (or) they take twice as much money for recaptcha. A very telling figure.

Well, as if the choice is made - it is necessary to implement it.

Registering a site in reCAPTCHA and installing it on your blog

Registration is simply an indication of the name and domain name of your site, where you plan to use this very captcha:

After that, you will be taken to the admin panel of the reCAPTCHA service for your site (it probably makes sense to add it to your browser bookmarks). Over time, statistics on the operation of this captcha will be displayed there, but for now, the most important thing that we can learn from here is just the same keys, without which "I'm not a robot" will not work:

Below are the installation instructions. Everything is clear in the "Client-side integration" area, but simply installing the above code in the indicated places is not enough. Captcha will be displayed, but spam will not be filtered. In the “Server-side integration” area, I don’t understand anything at all. I'm dumb for this.

Therefore, the decision was made use plugin to integrate reCAPTCHA in WordPress, fortunately, there are a lot of options for such plugins (read). True, three of them did not work for me (the captcha did not appear in the comments area). After several unsuccessful attempts, I had to turn to smart people for a solution, where I was noticed and subsequently successfully installed a plug-in with an intricate name (such as non-oil oil) -.

Setting up and working the No CAPTCHA reCAPTCHA plugin in WordPress

Well, actually, go to the WordPress admin panel, select "Plugins" - "Add New" from the left menu, enter No CAPTCHA reCAPTCHA in the search box and install. Don't forget to activate it, and then in the usual way go to its settings (at the bottom of the left menu you will find a new item "No CAPTCHA reCAPTCHA").

Actually, here, of all the settings, the most important is, again, entering the keys obtained just above on the reCAPTCHA website:

After saving these changes, the plugin immediately stands up for your comments from spammers.

And not just comments. In the settings you can protect the WordPress admin login form with this captcha:

Even in the settings, you can replace the light color scheme of the recaptcha with a dark one, as well as either allow the captcha to guess the user's language itself, or set it forcibly.

Actually, everything. I haven't forced a cache reset in WordPress yet (I've only updated articles that Hrumer is traditionally not indifferent to), so reCAPTCHA is not displayed on all pages. So far, no complaints have been noticed in the work.

Good luck to you! See you soon on the blog pages site

You may be interested

How to get rid of spam WordPress comments in 5 minutes (no captcha and no plugins) Where to download WordPress - only from the official site wordpress.org Missing left menu in WordPress admin after update
How to enter the WordPress admin panel, as well as change the administrator login and password given to you when installing the engine How to automatically add an Alt attribute to your WordPress blog's Img tags (where they don't exist) Free themes and templates for WordPress - where to download them How to disable comments in WordPress for individual articles or the entire blog, as well as remove or vice versa include them in the template Emoticons in WordPress - what emoji codes to insert, as well as a plugin Qip Smiles(beautiful emoticons for comments) How to find the ID of a category, post or page in WordPress and how to return the ID column to the WordPress admin Blank page when viewing large posts (articles) in WordPress
How to update WordPress manually and automatically, as well as the Database Backup plugin for backup

Experts have finally improved the captcha, saving the user from having to enter words and perform other incomprehensible actions. From now on, bot recognition technology is able to independently determine whether a person is in front of it or not. figured out how the war with the machines began and who wins in it.

New Hope

Captcha (CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart) is an automated public Turing test aimed at identifying computers among website visitors. This protection mechanism should protect sites from spam, automatic registrations, cheating and other hard-hitting things that bots usually do.

The classic captcha is the need to decipher a heavily distorted text that is difficult to recognize by software algorithms. Google Technology The aptly named No CAPTCHA departs from the standard concept of an automated Turing test and evaluates the user's behavior on the network, and not his ability to guess words.

The user needs to perform the simplest action - tick the statement "I'm not a robot." At this point, a special script evaluates indirect parameters that indicate a possible bot: information about the time spent on the page, IP address, and so on. If No CAPTCHA has doubts that the user is a human, then it will offer to perform a simple task, such as searching for a specific object in pictures or entering a standard captcha.

Compared with classical system, even the current implementation of No CAPTCHA does not particularly burden users. And the advanced technology does not even require ticking. When checking, a small window will open on the screen, in which a checkmark is automatically checked, informing the user that he is still not a robot. If the system is not sure about this, it will run the same verification mechanism as before.

Talking about No CAPTCHA, developers are limited to links to machine learning and advanced risk analysis that adapts to new threats. And they can be understood: without knowing the principle of the system, hackers will not be able to bypass it.

Birth of a legend

The original version of captcha was developed in 2000 by specialists from the American Carnegie Mellon University. The team, led by Luis von Ahn, set out to create a defense that is resistant to recognition and guessing. This means that the captcha must be unsolvable for text recognition systems and other algorithms, and also it cannot be guessed in a small number of attempts (less than 1000). But for a person, it does not present any difficulty.

One of the first and easiest ways to bypass protection is to turn to ordinary user. Spammers simply paid, and ridiculous money - a cent per picture, but in poor countries this is a lot. But in general, the system was effective, and the developers were already puzzled by a completely different problem.

Captcha creators understood that millions of users spend a lot of time solving ciphertext puzzles, and it would be nice to channel these resources into a useful direction. So in 2007, reCAPTCHA appeared, combining, as they say, pleasant with useful. Its key feature is that the system not only protects websites from bots, but also performs the function of decrypting archived documents.

ReCAPTCHA prompts the user to enter not one, but two words, which is quite rare in other systems. The secret is that one word is already known to the system, and it will be checked against it, and the second is taken from a scanned document that cannot be decrypted by the algorithm. Thus, when passing the test, the user helps to decipher the real text from the old document. Of course, no one will pay him for this, and few knew about such a trick.

When archive numbers were decrypted using reCAPTCHA, the authors of this system were noticed by Google. As a result, the “corporation of kindness” bought the service (in 2009) and took up the decoding of old books, and then the recognition of fragments of images from Google Street View. Thanks to the service, approximately 100 million words were digitized per day, which yielded more than two million books a year.

Besides reCAPTCHA, there are many other options. Craftsmen from all over the world create defense systems using logical and mathematical problems, integrate simple games and develop more and more advanced options. But the classic captcha with text remains one of the most balanced systems, although it no longer saves from bots.

Useless defense

One of the main problems of any captcha is its execution. Bots are not a problem for users, but for site administrators. It is incorrect to shift its solution to ordinary people, especially since when entering the next captcha, users experience only irritation.

With the development of algorithms and artificial intelligence, many protection mechanisms have become almost useless. Such a fate befell audio and video captcha, as well as many protection options with logical questions and pictures. In 2014, Google itself demonstrated an algorithm capable of recognizing and hacking even the most complex images reCAPTCHA with a 99.8% chance. By the way, this indicator is even higher than that of a person.

There are many complaints about reCAPTCHA itself. First of all, the need to enter two words increases the time to complete the task. We should not forget that the user helps to decipher the books, thereby doing work for Google, and no one pays him for this work. Therefore, the step of the search giant to change the usual captcha to something smarter and more inconspicuous looks right. The only question that remains is how smart the system will work and whether it will definitely make life easier for ordinary users.