I am pleased to announce the release of CAPTCHA v2.0 Plugin
[*1] for Geeklog. CAPTCHA 2.0 provides an additional level of defense against spam bots. This new release builds upon the original gl-captcha hack and now provides easier installation and easier integration with Geeklog and other plugins. I
Beginning with CAPTCHA v2.0 there has been a joint effort with the Geeklog development team to add support for using this plugin with several core Geeklog features. Starting with Geeklog v1.4.1
, if the CAPTCHA v2.0 plugin is installed, you can now enable CAPTCHA support for the following Geeklog functions:
- New user registration
- Post comment
- Email user
- Email story
- Story submission
This integration does not require any code modifications to the Geeklog distribution, support is there out of the box.
Also, beginning with Forum v2.6
[*2] , support for using the CAPTCHA plugin is also available. Forum v2.6 will support displaying the CAPTCHA block on the topic entry screen.
I would like to express my thanks to Dirk and Blaine for allowing these integrations with Geeklog and the Forum plugin and for their ideas and feedback on implementation.
Enabling support for the core Geeklog features and the Forum integration is controlled in the CAPTCHA config.php file. The following items can be configured:
- Anonymous users only (only display CAPTCHA block if user is not logged in)
- New user registration on / off
- Post comment on / off
- Email user on / off
- Email story on / off
- Story submission on / off
- Forum topic entry on / off
- Graphics driver (GD Libs, ImageMagick, none)
- Graphics Format (jpg or png)
For existing gl-captcha users there are no major feature enhancements to require upgrading unless you wish to take advantage of the Geeklog v1.4.1 or Forum v2.6 integration.
The implementation of the Geeklog custom registration has changed so if you plan on upgrading and still using the custom registration integration, please see the install_doc.html file included in the distribution for details on upgrading.
Support for CAPTCHA v2.0 can be found at http://www.mediagallery.org or the Plugin Support forum at http://www.geeklog.net.CAPTCHA Pros and Cons
Whether or not a CAPTCHA implementation is the correct solution to meet your needs is only a question you can answer. CAPTCHAs do have drawbacks; the main drawback to any CAPTCHA implementation is that is makes it almost impossible for visually impaired individuals to use. In some cases, even those users who are not visually impaired may have a difficult time reading the CAPTCHA string since they are designed to be difficult to read. Also, there may be accessibility laws in your area that you must conform to as well.
CAPTCHAs are not fool proof and they are not a final solution against spam bots. OCR (Optical Character Recognition) has been used to break many CAPTCHA implementations. Also, there have been reports on using cheap 'sweat shop' labor to get around CAPTCHA implementations by having people perform the registrations en mass. See Wikipedia for a more detailed discussion on drawbacks and how CAPTCHA can be circumvented.
CAPTCHA is only one layer of protection against spam bots. You should consider using the other protections available for the latest release of Geeklog, the Bad Behavior plugin
[*3] , Dirk's SLV Spam-X class
[*4] and trackback validation