Friendly Captcha (another de-G**gle initiative)

humptydumpty

@ruihildt I just signed up for an account and installed the Wordpress plugin. I'll report back in a few days. Hoping it'll stop those pesky bots from abusing my contact form

girish

@humptydumpty yes please, let us know how it goes. Might replace the captcha this forum uses.

imc67

@humptydumpty I installed it on a brand new Wordpress site for a first test. It looks promising!

Tomorrow I’ll install it on one of the high traffic sites I manage. Will share my experiences here too.

Meanwhile I translated the plug-in into Dutch and they released a new ‘base’ version with 4 languages.

humptydumpty

Day 1 looks promising! I'm used to waking up to at least a handful of spam messages sent from the contact forms. So far, I got none! Will report back tomorrow.

imc67

@humptydumpty same here!

I also switched on the WP-login captcha but users with a password manager couldn't get in, the entry was too fast So I switched that of again (we hadn't a captcha before and do have Wordfence login control).

humptydumpty

Day 2 report: No spam from the contact forms yet. I repeat, ZERO spam messages sent so far!

robi

Looks like POW is not something spammers do until this variant reaches critical mass. Until then, enjoy!

imc67

@humptydumpty we had day 1: 1 spam email and day 2: 0 spam email

humptydumpty

@imc67 still a win in my book!

humptydumpty

Day 3: almost forgot to post today, zero spam all day.

imc67

@humptydumpty it’s getting boring but same here!

girish

@humptydumpty @imc67 does this work on any site or is this specific to WordPress? Can I use it for this forum, for example?

imc67

@girish yes you can, on their homepage halfway you see a code example for any website. For Wordpress there is an easy to use plug-in.

girish

@imc67 Indeed, thanks. It seems there is a 1000 requests/month limit which this forum far exceeds... Let me think about it.

imc67

@girish strange, it seems there is something changed on their website. It’s not only looking different but I swear there was something like “use our api or host it on your own server” that’s why I created this app wish. It would be great to host “the API” as an app for your own endpoint. However I don’t see such solution anymore, or maybe I don’t look at the right place?

girish

@imc67 I think what was opensource was only the libraries and not the server component (I could be wrong). But you are right, there used to a note before - https://web.archive.org/web/20201220025130/https://friendlycaptcha.com/ but it only stated "FriendlyCaptcha is open source allowing you to build out this service yourself."

imc67

@girish right! But is that still possible with the code on GitHub?

humptydumpty

@girish @imc67 Quoting a closed issue on their github...

Hi, after doing a bit of research, I've realized that FriendlyCaptcha isn't entirely open source.

    Alternatively, do it yourself

    FriendlyCaptcha is open source allowing you to build out this service yourself.

https://friendlycaptcha.com/

    Its front-end and algorithms are open source (MIT), the SaaS wrapper around the hosted version is not [yet, I set it as a sponsorship goal], I hope that’s ok.

https://codeberg.org/swiso/website/issues/133

I will appreciate if the website makes it clear that some bits are proprietary.

Source: https://github.com/FriendlyCaptcha/friendly-challenge/issues/10

I think that means someone could use a different wrapper for their source code and make it work for Cloudron and elsewhere, right?