{"id":15911,"date":"2024-02-01T08:09:36","date_gmt":"2024-02-01T13:09:36","guid":{"rendered":"https:\/\/carleton.ca\/webservices\/?p=15911"},"modified":"2024-06-26T09:34:40","modified_gmt":"2024-06-26T13:34:40","slug":"captchaing-the-moment-with-forms","status":"publish","type":"post","link":"https:\/\/carleton.ca\/webservices\/2024\/captchaing-the-moment-with-forms\/","title":{"rendered":"CAPTCHAing the moment with Forms"},"content":{"rendered":"\n<section class=\"w-screen px-6 cu-section cu-section--white ml-offset-center md:px-8 lg:px-14\">\n    <div class=\"space-y-6 cu-max-w-child-5xl  md:space-y-10 cu-prose-first-last\">\n\n            <div class=\"cu-textmedia flex flex-col lg:flex-row mx-auto gap-6 md:gap-10 my-6 md:my-12 first:mt-0 max-w-5xl\">\n        <div class=\"justify-start cu-textmedia-content cu-prose-first-last\" style=\"flex: 0 0 100%;\">\n            <header class=\"font-light prose-xl cu-pageheader md:prose-2xl cu-component-updated cu-prose-first-last\">\n                                    <h1 class=\"cu-prose-first-last font-semibold !mt-2 mb-4 md:mb-6 relative after:absolute after:h-px after:bottom-0 after:bg-cu-red after:left-px text-3xl md:text-4xl lg:text-5xl lg:leading-[3.5rem] pb-5 after:w-10 text-cu-black-700 not-prose\">\n                        CAPTCHAing the moment with Forms\n                    <\/h1>\n                \n                                \n                            <\/header>\n\n                    <\/div>\n\n            <\/div>\n\n    <\/div>\n<\/section>\n\n\n\n<p>Occasionally, we come under attack.<\/p>\n\n\n\n<p>For once, it&#8217;s not for our dress sense. Instead, it&#8217;s a malicious cyber-attack. This occurs a few times every year: a malevolent entity out there (in the form of a bot) finds a form on a 杏吧原创 website and bombards that form with multiple submissions. In the latest attack, in less than twelve hours, 76,000 submissions were made to one event sign-up form. We are a popular university, but we aren&#8217;t <i>that <\/i>popular. These spam attacks by bots are becoming much more frequent and we have to take them seriously.<\/p>\n\n\n\n<h2 id=\"ways-to-fight-spam\" class=\"wp-block-heading\">Ways to fight spam<\/h2>\n\n\n\n<p>Thankfully, there is a very simple and effective solution. We can add a <strong>CAPTCHA<\/strong> field to a form. This is a small checkbox that the person completing the form must click on to prove they are human. If they are human, then they can proceed.<span class=\"Apple-converted-space\">&nbsp;<\/span><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/carleton.ca\/webservices\/wp-content\/uploads\/sites\/3\/Screen-Shot-2021-03-19-at-9.00.01-AM-240x101.png\" alt=\"The captcha field is a checkbox, asking if the user human.\" class=\"wp-image-15960\"\/><\/figure>\n\n\n\n<p>Great news! Unfortunately, it is not quite that simple. We have literally thousands of forms on the 700 websites we help manage and maintain at 杏吧原创. For each website we need to turn on a special application, which is a three-step process for us. Then someone has to go in and add the CAPTCHA field in each and every form.<\/p>\n\n\n\n<p>Yes, thousands of form edits are required. For this, we must mobilize you to add the CAPTCHA field to as many forms as possible.<\/p>\n\n\n\n<h2 id=\"how-to-solve-the-problem\" class=\"wp-block-heading\">How to solve the problem<\/h2>\n\n\n\n<p>There are a few steps to take to address the vulnerability in your forms using CAPTCHA.<\/p>\n\n\n\n<p>Firstly, you can <a href=\"https:\/\/itsjira.carleton.ca\/servicedesk\/customer\/portal\/5\" target=\"_blank\" rel=\"noopener noreferrer\"><b>request we enable CAPTCHA<\/b><\/a>&nbsp;&#8211; there are hundreds of sites and we have to go through a process with each site individually to enable CAPTCHA. Initially therefore we will only enable it on sites where an administrator is keen to get rolling and place CAPTCHA on their forms. To start the ball rolling please <a href=\"https:\/\/itsjira.carleton.ca\/servicedesk\/customer\/portal\/5\" target=\"_blank\" rel=\"noopener noreferrer\"><b>request this from us<\/b><\/a> with a list of all the websites you administer.<\/p>\n\n\n\n<p>Secondly, you might find that there are several forms in the back end of your site. Some sites have 250 forms. Not all these forms are still required. Some are test forms built by you, your colleagues, or by Web Services. Others were used for a specific purpose and their day has come and gone. To save yourselves a lot of time you might wish to <b><a href=\"https:\/\/carleton.ca\/webservices\/2021\/when-to-delete-a-form\/\">run an audit of these forms<\/a> <\/b>now, so that you don\u2019t have to add CAPTCHA to forms that are no longer in use. <b>Please <a href=\"https:\/\/carleton.ca\/webservices\/2021\/when-to-delete-a-form\/\">read our tips<\/a><\/b>&nbsp;on how to safely decide if a form can be deleted<span class=\"Apple-converted-space\"> or switched off.<\/span><\/p>\n\n\n\n<p>Lastly, you can add the CAPTCHA field. That is the easy part:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In the back end of your site, click on <b>Forms <\/b>and then click on whichever form to which you wish to add the CAPTCHA<span class=\"Apple-converted-space\">&nbsp;<\/span><\/li>\n\n\n\n<li>Once you are in the form editing screen, click on the panel on the right hand side marked <b>Advanced<\/b>.<\/li>\n\n\n\n<li>Towards the bottom of the list of fields you should see <b>CAPTCHA<\/b>. Click on that. This will automatically add the field as the last field before the <b>Submit<\/b> button on your site*.<\/li>\n\n\n\n<li><b>Update<\/b> the form.<\/li>\n\n\n\n<li>You can view the front end of your form to check that CAPTCHA is switched on<\/li>\n<\/ol>\n\n\n\n<p>That is it: rinse and repeat on all of your live forms. This will protect your forms from non-humans (until the machines become sentient and start to take over).<\/p>\n\n\n\n<p>\u2014\u2014\u2014<\/p>\n\n\n\n<p>*If you add a CAPTCHA field to the form and it reads the following, then please <a href=\"https:\/\/itsjira.carleton.ca\/servicedesk\/customer\/portal\/5\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>request we switch on CAPTCHA<\/strong><\/a> for your site(s):<span class=\"Apple-converted-space\">&nbsp;<\/span><\/p>\n\n\n\n<p><em>To use the reCAPTCHA field you must do the following:<\/em><\/p>\n\n\n\n<p><em>1 &#8211; Sign up for an API key pair for your site.<\/em><\/p>\n\n\n\n<p><em>2 &#8211; Enter your reCAPTCHA site and secret keys in the reCAPTCHA Settings section of the Settings page<\/em><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Occasionally, we come under attack. For once, it&#8217;s not for our dress sense. Instead, it&#8217;s a malicious cyber-attack. This occurs a few times every year: a malevolent entity out there (in the form of a bot) finds a form on a 杏吧原创 website and bombards that form with multiple submissions. In the latest attack, in [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[276],"tags":[],"class_list":["post-15911","post","type-post","status-publish","format-standard","hentry","category-tips-and-tricks"],"acf":{"cu_post_thumbnail":"news-1"},"_links":{"self":[{"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/posts\/15911","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/comments?post=15911"}],"version-history":[{"count":1,"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/posts\/15911\/revisions"}],"predecessor-version":[{"id":20618,"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/posts\/15911\/revisions\/20618"}],"wp:attachment":[{"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/media?parent=15911"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/categories?post=15911"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/carleton.ca\/webservices\/wp-json\/wp\/v2\/tags?post=15911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}