Captcha for this site wow..

M

majerus1223

1 µW
Joined
May 20, 2025
Messages
4
Location
na
Just created my account, however prior to that tried to reset it thinking I had one already. Well those captchas for this site are insane.

Honestly, what am I misunderstanding about this?

type the first and third letters from this sentence in UPPER CASE

type the first and third word letter from this sentence in UPPER CASE


I really just didnt understand them. The only way I got past was the 3rd letter and the number question.
 
Sorry buddy, we get a ton of spammers and have to filter people out by using a hard captcha.
Glad you got it, welcome!
 
@neptronix, we've had some similar trouble with the AEVA forums. We're seeing huge surges in traffic overwhelming the server, and because it's shared, they shut us down with a bit of a hair trigger thinking it's an attack.

More likely, it's a swarm of AI bots feeding on all the delicious knowledge shared on two decades worth of internet forums. Endless-Sphere must be a certified honeypot for those things.
 
jonescg said:
@neptronix, we've had some similar trouble with the AEVA forums. We're seeing huge surges in traffic overwhelming the server, and because it's shared, they shut us down with a bit of a hair trigger thinking it's an attack.

More likely, it's a swarm of AI bots feeding on all the delicious knowledge shared on two decades worth of internet forums. Endless-Sphere must be a certified honeypot for those things.
Click to expand...

ES is a big problem due to the sheer amount of content it contains. Scrapers and bots go extra nuts here. If the bots aren't controlled, the server bill would go up 10x and i'm devoted to keeping operational costs as low as possible.

I'm lucky that our hosting is basically a linux virtual machine. I can see the patterns in the server and write fail2ban rules that ban >95% of the malicious traffic. You can't do that unless you have control at the OS level.

If you don't have control at the OS level, your best bet is putting cloudflare in front of the site. But the downside to that is that it's users will occasionally need to click a captcha as they re using the site ( not very user friendly )

We're fortunate that non-cloudflare methods can defend this site well and that the friction only happens at signup instead of all the time. :)
 
Also, cloudflare frequently just plain won't let people thru to a site. There have been numerous sites I cannot reach anymore because of it, sometimes for weeks, sometimes months, and some of them have been so long i've forgotten what they were or even that I wanted to go there, until something in a search points me back tehre again and I'm still blocked by cloudflare. :/

(the typical problem is an endless loop of "verifying you are human", where I don't even get a checkbox, captcha or antyhing else, regardless of browser used or what mode it is in, addons or no, etc). This is a widespread problem I've seen lots of reports about around the web.
 
Speaking of captchas, neptronix, have you seen or do you have any thoughts on anubis? Its basically a proof of work captcha which most if not all scrapers in their current iterations are incapable of bypassing. Its probably not necessary here on es as you seem to have everything under control with fail2ban but its a neat project.

At least on the small scale that is my personal site its been more effective than cloudflares in general...at the very least that ancient dual core amd chip doesnt get practically ddosed every other day haha...
 
Interesting. I randomly have to click a cloudflare captcha despite being on an IP address that's got a clean history, on a stock-ass windows computer running chrome.. IE the least threatening and bot-like case.
I get more of them if i use my two Linux Desktops :(

I've seen a few sites broken by it too.
On these sites that are broken, i suspect they've turned up the protection too high to compensate for some weakness in their application that they're not capable of fixing.

Cloudflare is inherently inaccurate because it doesn't know what's happening inside the server, it only knows a little bit about the person who is talking to the server. It's also slower to respond, because again, it's not on the server.
 
thebes said:
Speaking of captchas, neptronix, have you seen or do you have any thoughts on anubis? Its basically a proof of work captcha which most if not all scrapers in their current iterations are incapable of bypassing. Its probably not necessary here on es as you seem to have everything under control with fail2ban but its a neat project.

At least on the small scale that is my personal site its been more effective than cloudflares in general...at the very least that ancient dual core amd chip doesnt get practically ddosed every other day haha...
Click to expand...

Yeah, i envisioned a system like that a few years ago as the next step and i'm happy to see a few solutions already developed, like the one you mentioned.
I like it because it would explode bot CPU usage and stymie their network.

I don't like it because it makes ES less green due to the computational cost being externalized.
So i'll use more conservative/efficient measures until they no longer work!
 
You must log in or register to reply here.

Similar threads

justin_le
Upcoming Major Changes and Updates to the ES Site
Replies
11
Views
2,437
Two4Seven SuprDan
Two4Seven SuprDan
neptronix
    • Like
Endless Sphere knowledgebase system ( zeropress ) and funding drive
2 3 4 5
Replies
104
Views
17,931
neptronix
neptronix
e-beach
    • Like
What to Know About E-Bikes in New York City - New Laws
Replies
5
Views
3,667
Ebike Bob
Ebike Bob
R
    • Like
A critique of mid-drive riding recommendations (and hub drive criticisms)
Replies
22
Views
13,679
ebike4healthandfitness
ebike4healthandfitness
LewTwo
Battery Autopsy
Replies
18
Views
2,772
LewTwo
LewTwo
Back
Top