A simple equation solver used as a CAPTCHA
This is a small plugin to present an anonymous user with simple math addition problems in order to submit a new ticket or to make edits in the wiki. Currently there is no customization: it presents two integers in the range of 1 - 10 and asks the user to add them together.
I'm starting to see some particular spambots get through the simple captcha, so I'm releasing version 2.0 that includes a slight modification to the format presented to the user. In addition, this version now correctly works with fcgi and mod_python by saving the captcha information in the trac database. (To use mod_python as an example: apache may start many processes where each has its own embedded python interpreter. The particular apache process than displayed the form may not be the same one that processes the form request, so there must be a persistent way to store the solution to the captcha rather than making it easy for spambots by encoding the solution in the web page itself.)
I'm also keeping a 30 day record of failed attempts in the same database so you can get an idea of what sort of spambots are trying to get through your defenses.
For the future, would be nice if there were multiple types of math problems presented in a way that wouldn't be easy for a bot to recognize.
Thanks to user Srl295, the plugin now supports Trac 0.12. No database upgrade is necessary if migrating from 0.11
If you have any issues, create a new ticket.
Download the zipped source from here.
Install by either copying the MathCaptcha.py file into your /path/to/project/environment/plugins directory, or use
python setup.py install
from within the source directory.
Version 2.0 of the plugin creates a new database needed for processing captchas when run using fcgi or mod_python, so you'll have to run
trac-admin /path/to/project/environment upgrade
before you can use the plugin. Once installed and the environment is upgraded, the plugin must be enabled by adding a line to the components section in trac.ini:
[components] mathcaptcha.* = enabled
Finally, give anonymous users any of the following permissions: TICKET_CREATE, TICKET_MODIFY, WIKI_CREATE, or WIKI_MODIFY. Anonymous users will then be prompted to solve a math problem before being allowed to submit it, while authenticated users will not see the captcha.
Fixed #7155: added patches to support 0.12
Added IP address banning and statistics display * requires a trac-admin PATH upgrade to publish database changes * added href /mathcaptcha-attempts to show failed attempts by spambots * added href /mathcaptcha-successful to show successful captchas * added href /mathcaptcha-clear to clear the captcha database (ordinarily cleared after 30 days) * IPs are banned after 4 unsuccessful attempts * banned IPs don't even get the trac interface, only a plain "system offline" page
Released version 2.0
- added database code for correct persistence across mod_python/fcgi
- borrowed database boilerplate from http://trac-hacks.org/wiki/TicketModeratorPlugin
- refactored validate_mathcaptcha into several methods for ease of future enhancements
Added error log printing when a user enters an incorrect solution