Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to implement Stack Overflow's "are you a human" feature?

On this site if you do too many clicks or post comments too fast or something like that you get redirected to the "are you a human" screen. Does anybody know how to do something similar?

like image 412
Omu Avatar asked Mar 04 '10 15:03

Omu


2 Answers

It's almost certainly a heuristic that tries to "guess" that a user is some form of automated process, rather than a person, for example:

  • More than "x" requests to do the same thing in a row
  • More than "x" actions in a "y" period of time

Ordinarily the "x" and "y" values would be formulated to be ones that it would be unlikely for a "real person" to do, like:

  • Editing the same answer 5 times in a row
  • Downvoting 10 questions within 1 minute

Once you've got your set of rules, you can then implement some code that checks them at the start of each request, be it in a method that's called in Page_Load, something in your masterpage, something in the asp.net pipeline, that's the easy bit! ;)

like image 54
Rob Avatar answered Nov 15 '22 18:11

Rob


Here is a very nice Captcha Control for asp.net that first of all you need

http://www.codeproject.com/KB/custom-controls/CaptchaControl.aspx

Then you can use it together with this idea that try to find the dos attacks

http://weblogs.asp.net/omarzabir/archive/2007/10/16/prevent-denial-of-service-dos-attacks-in-your-web-application.aspx

be ware of a bug in this code in line if( context.Request.Browser.Crawler ) return false;, its must return true, or totally remove it for sure.

and make it your compination for the clicks, or submits.

If a user make too many clicks on a period of time, or many submits, then you simple open the capthaControl, and if the clicks are by far too many, then triger the dos attact. This way you have 2 solution in one, Dos attact prevent, with captcha at the same time.

I have made somthing similar my self, but I have change the source code of both, a lot to feet my needs.

One more interesting link for a different code for the dos attack.

http://madskristensen.net/post/Block-DoS-attacks-easily-in-ASPNET.aspx

Hope this help you.

like image 21
Aristos Avatar answered Nov 15 '22 16:11

Aristos