BotDetect CAPTCHA FAQ

Yes. In fact, using CAPTCHA protection is the recommended solution for email form hijacking.

1. Using the BotDetect CAPTCHA on a web-page doesn't block search engine bots from accessing that page.
2. All pages that can only be accessed after successful BotDetect CAPTCHA validation will not be crawlable by any bots.
3. The above assumes there aren't any direct links to the the protected page, bypassing the CAPTCHA validation. Ideally, the protected page will check for direct visits, and redirect all clients that didn't solve the CAPTCHA back to the challenge.

BotDetect CAPTCHA is a server-side control that generates images containing a random textual code, which is distorted in a way to make it unreadable by current AI.

So basically, actual people can read the code from the image, but various automated tools can't.

When you add the BotDetect CAPTCHA image on a form and have the user type in the embedded characters, the server-side control also validates their input, checking do the codes match.

In principle, the answer to the question "is the current client submitting this page a human visitor, or a bot?" should be the same as the CAPTCHA validation result.

You should not use CAPTCHA images to protect your email from harvesting bots. Those bots generally can't deal with images at all, because they must run across many websites/pages and it's inefficient to analyze every picture they find and check does it possibly contain an email address.

Algorithm security is important when you defend against automated-registration bots which attack specific CAPTCHA images on specific web pages. They a-priori do know which images contain text (the CAPTCHA images!) and attack those particular images.

So:

• Obfuscating your email addresses in a CAPTCHA image doesn't make any security difference: any kind of image provides good enough security, as long as it's not obvious that particular image contains an email address.
• Obfuscating your email addresses with CAPTCHA images will significantly complicate life for everyone who wants to contact you.
• We strongly recommend you not to obfuscate email addresses in any CAPTCHA-like way.
• Instead of providing your email address on a web page at all (in plain text, or as an image), you could have an interactive "contact us" form which will not divulge your email address, and will require the user to solve a CAPTCHA challenge before sending you a message.

We have a whole article dealing with this topic: Can CAPTCHA be broken? (and what can we do about it).

BotDetect is a software component – a reusable unit of software which can be incorporated with your website or web application. Typically, you install it on your computer during development, and then upload it to the server with the rest of your website.

It will work within an existing registration page.

Our product is a software component and it is application-independent. So, it is possible to plug it into any kind of website or web application as long as all of the platform requirements are met.

Yes, LANAP is only used in the trial versions of BotDetect CAPTCHA.

No, we will not use your company's name without your explicit consent.

• BotDetect ASP CAPTCHA is written in C++, as a COM component. Sample projects are written in ASP, PHP and Ruby on Rails.
• BotDetect ASP.NET CAPTCHA is written in C#, as an ASP.NET Custom Web Control. Sample projects are written in VB.NET and C#.

No, a free support plan is included in all BotDetect CAPTCHA licenses.

But please note that formally, we only support code written by Lanapsoft employees, and not any source code modifications you might make. To be more specific, we can not oblige ourselves to support any code modifications because the customer developer's skills and project scope are beyond our control.

We will be glad to assist you even with such modifications, if we can, but we can not guarantee this on the same level as we do for the code we implemented and sold to you.

You can modify the purchased BotDetect CAPTCHA source code to make it better suit your particular CAPTCHA implementation requirements. The only limitation is (simply put) that you can not use our source code to develop products similar to ours.

You can place orders at our online store. Payment is performed by the share-it! service.

share-it! holds a VeriSign certificate for secure SSL (Secure Socket Layer) transactions. share-it! also has a licensee of the TRUSTe Privacy Seal Program. Their FraudShield was developed based on experience in handling several million transactions. share-it! Also operates on redundant systems for maximum system availability.

Currently, more than 5000 software authors from over 150 countries use share-it! to sell more than 10,000 shareware products on the Internet.

Buyers are offered a variety of payment options, such as credit card, wire transfer, check, cash, corporate purchase orders, PayPal, as well as invoicing in different currencies. We accept Visa, MasterCard, American Express, JCB, Diners Club, Switch and Solo. Credit card payments are processed within seconds, and you receive your product and licensing information without delay.

Lanapsoft products are only available via ESD (Electronic software delivery).

Please consult the Licensing Information page.