Home

Projects
Password Generator
Virtual Brain Online
ION Fire Mode Switch
Work Order TS
EvE Prod Calc
CAPTCHAv2
User-Agnet/IP
md5/sha1
Mirko's Admin Kit

Virtual Brain Online Logo

Bookmark: Root \ \ How can CAPTCHAv2 be used as a bot trap

How can CAPTCHAv2 be used as a bot trap


Last Updated: 2010-04-18

Bot traps attempt to make bots follow a link regular users don't see or won't follow.

CAPTCHAv2 can be used as a bot trap by using it's write to .htaccess and whitelisting feature. While other bot traps use easily faked user agent, CAPTCHAv2 blocks by IP and runs validation on the IP, see How does it work.

I will cover the hidden link way of setting a bot trap.
First I am going to create the directory market_report_2009/
Next I will deny this directory to all bots honoring robots.txt by adding 

User-agent: *
Disallow: /market_report_2009/
at the end of the file.

Almost done, now I will create the index.php file inside market_report_2009 with the following
<?PHP
//Bot Trap
$inc_dir = '../captchav2/'; //Path to class files
require_once $inc_dir.'class_sql.php';
require_once $inc_dir.'class_captcha.php';
$captcha = New captcha( $inc_dir , 'eng');
$captcha->blocklist_cache($captcha->user_ip, 0, 'bot_trap' );
$captcha->add_to_htaccess();
?>
You can add more information to the bottom of the file so that a user who followed the trap by accident knows what is going on.

Last step is to hide the bot links, I have created a 1x1pixel transparent gif to use as a bot trap link. I added a link right under the <body> and above the </body> tags. I did this because some bots will read a page from the bottom up while others read it top to bottom.
So it looks something like this
<html>
<head>
......
</head>
<body>
<a href="/market_report_2009/index.php"><img src="/grfx/1pix.gif"  alt="" border="0" align="left" /></a>

...... page content .....

<a href="/market_report_2009/index.php"><img src="/grfx/1pix.gif"  alt="" border="0" align="left" /></a>
</body>
</html>
The above will add a tiny 1x1 pixel link to the top and bottom left corners of the page. It will catch poorly written bots who don't honor robots.txt.

You can test the trap yourself by going to http://www.yourserver.com/market_report_2009/
The first page load will add you to the .htaccess file, the second load will redirect you to the abuse.php file which will give you the ability to unblock your own IP. Keep in mind that the test will fail if your own IP is whitelisted in the database.....


 

User Comments:

No Comments yet .....

 

Add Your Comment:

Note: All posts require administrator approval. Please allow 24 hours for message approval.

Name:
E-Mail:
Title
Plain text only, less then 65 000 characters.

Please answer the question above and type the answer into the text box below.