For a very long time now we have relied on CAPTCHA to protect us from spam bots that fill up forums with annoying advertisements to malware, fake products and even porn, in today’s world CAPTCHA just doesn’t cut it anymore and doesn’t little to protect our forms from bots on the internet… until now.
Some clever developers at Hashcash.IO have designed a new system to fight bots and even brute force attacks against our forms by using the last thing we’d expect, maths, sounds impossible right? Well in the past before HTML5 evolved into the thriving language we know it as today with all the goodies such as sockets, web workers etc. we couldn’t rely on built in technologies as they were just too vulnerable to outside attacks from bots.
How do I implement it?
At this point there is three main ways to implement the API.
If you’re not using any of the above you can also implement the API using custom source code found on the Hashcash.IO website, all you need to do is ensure you have a valid form in your source, the correct Hashcash core files implemented and you should be good to go.
With the power of HTML5 we can now leverage much more powerful APIs within the browser and the Hashcash.IO API to create forms that bots will have a nightmare trying to beat, however there are some drawbacks especially if you still need older browser support such as IE8, at this point in time the code developed to protect your site only works in newer versions of modern browsers as listed below.
- Google Chrome 28+
- Mozilla Firefox 22+
- Internet Explorer 10+
- Opera 18+
Where does that leave you?
Well up a stream without a paddle so to speak, if you only care about modern browsers then this solution will work perfectly fine but you may need to continue using older and uglier CAPTCHA techniques until either a polyfill arrives (which I wouldn’t be hopeful about) or older versions of today’s browsers become unsupported and you can move on without the worry.
If you have been a victim of endless spam and can’t rid it of existence then I urge you to give Hashcash.IO a try, currently all you need is 2 API keys for authentication and you’re all ready to go, from my point of view this is a great step in the war against spam bots.