3 CAPTCHA Tips To Block Spam Bots Without Annoying Users

January 28, 2015 Elias Terman

As Andrew Stein, our Chief Scientist, discussed in his post Are We Still Using CAPTCHAs to Stop Form Spam?, we’ve come to a point where the only people who have trouble reading basic CAPTCHAs are your actual users – not the spam bots.

Here’s three ways to use CAPTCHAs to block the bots, minimize form spam, and make your human visitors happy:

1. Only serve a CAPTCHA to a spam bot Eliminates CAPTCHA friction for legitimate users
2. Add a Honeypot to your CAPTCHA Only a bot will fill in the hidden fields, revealing itself as spam
3. Use browser rate limiting to catch outsourced CAPTCHA solvers Even if a human bad actor gets through your defenses, you can block him based on his anomalous behavior

Understanding the relationship between CAPTCHAs and spam bots

The CAPTCHA report below illustrates an ideal scenario when it comes to serving CAPTCHAs to spam bots on a high traffic website.


Distil Total Traffic vs. CAPTCHA Served Report

Despite a huge spike in traffic from a viral post on January 23rd, served CAPTCHAs remained flat at about 180,000 served per day. This is a strong indicator that this site is only serving CAPTCHAs to spam bots.

As we drill down into the solved versus failed CAPTCHA attempts in the report below, we can see that 589 people were served and successfully completed the CAPTCHA and 97 failed.

Distil CAPTCHA Solved vs. Failed Report

Do you use CAPTCHAs on your website to block spam? What’s been your experience? If you’re not a current Distil Networks customer, please sign up for a free trial and take our hardened CAPTCHA technology and CAPTCHA reporting for a spin. 

About the Author

Elias Terman

Elias Terman is VP of Marketing and is responsible for all aspects of the global marketing and communications strategy. Elias started his career as an entrepreneur, and now enjoys helping grow Silicon Valley startups into industry leaders. He built out the marketing and business development organizations at OneLogin leading to explosive growth, helped establish SnapLogic as the leading independent integration company, and led MindFire Studio to the Inc 500.

Follow on Twitter More Content by Elias Terman
Previous Article
Programming in Go (Golang) – Setting up a Mac OS X Development Environment
Programming in Go (Golang) – Setting up a Mac OS X Development Environment

At Distil Networks, we have recently started using Go (Golang) to expand the functionality of our data plat...

Next Article
Click Fraud Cases: 5 Telltale Signs
Click Fraud Cases: 5 Telltale Signs

As marketers, we obsessively monitor our Pay Per Click (PPC) campaigns. Click fraud occurs when a bot imita...