Highlighted

Implementing CAPTCHA

Explorer ,
Jul 11, 2014

Copy link to clipboard

Copied

Hi,

Currently, the application is using Cold Fusion 9. Soon to upgrade to Cold Fusion 10 or 11.

I would like to implement CAPTCHA on the login page.

Is there any information on how to implement CAPTCHA in Cold Fusion?

Thanks,

Mike

Correct answer by Endboss_ZA | Community Beginner

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

Views

833

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Implementing CAPTCHA

Explorer ,
Jul 11, 2014

Copy link to clipboard

Copied

Hi,

Currently, the application is using Cold Fusion 9. Soon to upgrade to Cold Fusion 10 or 11.

I would like to implement CAPTCHA on the login page.

Is there any information on how to implement CAPTCHA in Cold Fusion?

Thanks,

Mike

Correct answer by Endboss_ZA | Community Beginner

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

Views

834

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jul 11, 2014 0
Adobe Community Professional ,
Jul 12, 2014

Copy link to clipboard

Copied

You implement Captcha in Coldfusion using the cfimage tag or image functions. For more information, search the web for the words cfimage, captcha.

Here is a simple example to convey the flavour:

<cfimage action="captcha" text="a1%b2c">

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 12, 2014 0
Explorer ,
Jul 12, 2014

Copy link to clipboard

Copied

How is the value entered in the text box matches the image shown on the page?

Thanks,

Mike

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 12, 2014 0
Adobe Community Professional ,
Jul 12, 2014

Copy link to clipboard

Copied

Raymond Camden's Captcha example answers any questions you may have.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 12, 2014 0
Engaged ,
Jul 14, 2014

Copy link to clipboard

Copied

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 14, 2014 0
Community Beginner ,
Jul 17, 2014

Copy link to clipboard

Copied

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 17, 2014 0
tribule LATEST
Engaged ,
Jul 17, 2014

Copy link to clipboard

Copied

I have found that bots overcome hidden fields and don't forget bots can submit to remote pages in isolation, so you should always check for submissions for referrers or IP addresses as  best practice as well. The best sort of summation (x+y) captcha is to create two random number variables  (x and y), add them together and perhaps also add another random value on to to this, also kept in memory, perhaps a application variable known only to the server, encode the whole sum (base 64 would be ok to overcome most bots, but you could hash it with better encryption functions in CF if you wanted). Then when user submits the answer, you decrypt your answer with the application variable key, and then compare them. If they match, the user is most likely human! Image captchas are a pain since they are often so complex they drive users mad.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jul 17, 2014 0