You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a contact form that is subject to spam. I'm currently using reCAPTCHA to protect it but clearly bots are getting past it.
Is this a good use case for mCaptcha?
The home page says that mCaptcha is a xCaptcha drop-in replacement.
But when I tried to use it by creating a account on the demo platform, I had to provide maximum traffic metrics.
It seems that mCaptcha is more of a rate-limiting/anti-DDOS tool than a reCAPTCHA/hCaptcha replacement?
Can it be used to protect contact forms, registration forms, etc. against bots?
The text was updated successfully, but these errors were encountered:
Basically there's no way to prevent spam completely.
You can just make it so hard that it is simply not feasible for attackers to send spam anymore.
ReCaptcha and HCaptcha can be cheaply solved by human workers. Sad but true.
mCaptcha is more or less a smart anti-ddos tool which however can make it so hard for attackers to verify it in your contact form that it doesn't make sense to attack any further. Compared to traditional anti-ddos stuff not your server is rate limiting anyone, but the puzzles which the clients need to solve will simply get increasingly difficult. If one puzzle takes e.g. 30s at some point the attacker can't send more than one request every 30s and additionally completely uses up their CPU ressources by doing that. You harm their infrastructure basically. Proof-of-Work works well on the popular "friendlyCaptcha" service, so should work for you by using mCaptcha as well I guess.
Just be sure to set some high values so that solving isn't done in 1s.
Sorry for the possibly stupid question...
I have a contact form that is subject to spam. I'm currently using reCAPTCHA to protect it but clearly bots are getting past it.
Is this a good use case for mCaptcha?
The home page says that mCaptcha is a xCaptcha drop-in replacement.
But when I tried to use it by creating a account on the demo platform, I had to provide maximum traffic metrics.
It seems that mCaptcha is more of a rate-limiting/anti-DDOS tool than a reCAPTCHA/hCaptcha replacement?
Can it be used to protect contact forms, registration forms, etc. against bots?
The text was updated successfully, but these errors were encountered: