-
Notifications
You must be signed in to change notification settings - Fork 139
NoBot
NoBot is a control that prevents CAPTCHA-like bot/spam without user interactions. This approach is easier to bypass than the implementation that requires actual human intervention, but NoBot has the benefit of being completely invisible. NoBot is probably most relevant for low-traffic sites where blog/comment spam is a problem and 100% effectiveness is not required.
NoBot employs a few different anti-bot techniques:
* Forcing the client's browser to perform a configurable JavaScript calculation and verifying the result as part of a postback. For example, the calculation may be simple numeric or may involve the DOM for added assurance that a browser is involved
* Enforcing a configurable delay between a request sent to a form and the time it can be posted back. For example, a human is unlikely to complete a form in less than two seconds
* Enforcing a configurable limit to the number of acceptable requests for each IP address per unit of time. For example, a human is unlikely to submit the same form more than five times in a minute. NoBot can be tested by violating any of the above mentioned techniques: posting back quickly, posting back many times, or disabling JavaScript in the browser.
| Name | Description |
|---|---|
| CutoffMaximumInstances | Optional maximum number of postbacks to allow by a single IP address within the cutoff window |
| CutoffWindowSeconds | Optional number of seconds specifying the length of the cutoff window that tracks previous postbacks from each IP address |
| ResponseMinimumDelaySeconds | Optional minimum number of seconds before which a response (postback) is considered valid |
| Name | Description |
|---|---|
| EmptyUserAddressCache() | Clears the user address cache |
| GetCopyOfUserAddressCache() | Returns a copy of the user address cache |
| IsValid() | Returns whether or not the user is valid |
| IsValid(state) | Returns whether or not the user is valid |
| Name | Description |
|---|---|
| GenerateChallengeAndResponse | An optional EventHandler providing a custom implementation of the challenge/response code |
Clears the user address cache
Returns a copy of the user address cache
Returns whether or not the user is valid
Params:
-
state
- Type: NoBotState
- Description: NoBot state
Returns whether or not the user is valid
This content was moved from https://ajaxcontroltoolkit.codeplex.com/documentation to this Documentation wiki. This is now the authoritative location of the AJAX Control Toolkit documentation.
- Step-by-Step Installation Guide
- Upgrading from v7.x and below
- Uninstalling the AJAX Control Toolkit
- Troubleshooting Installer Issues
- Updating the Project from CI Builds
- How to Use Bundling and CDN
- Creating a Custom Localization
- Creating a Custom Control
- Design Standards
Controls:
- Accordion
- AjaxFileUpload
- AreaChart
- AsyncFileUpload
- BarChart
- BubbleChart
- ComboBox
- Editor (deprecated)
- Gravatar
- LineChart
- NoBot
- PieChart
- Rating
- ReorderList
- Seadragon
- TabContainer
- TabPanel
Extenders:
- AlwaysVisibleControl
- Animation
- AutoComplete
- BalloonPopup
- Calendar
- CascadingDropDown
- CollapsiblePanel
- ColorPicker
- ConfirmButton
- DragPanel
- DropDown
- DropShadow
- DynamicPopulate
- FilteredTextBox
- HoverMenu
- HtmlEditor
- ListSearch
- MaskedEdit
- MaskedEditValidator
- ModalPopup
- MultiHandleSlider
- MutuallyExclusiveCheckBox
- NumericUpDown
- PagingBulletedList
- PasswordStrength
- PopupControl
- ResizableControl
- RoundedCorners
- Slider
- SlideShow
- TextBoxWatermark
- ToggleButton
- UpdatePanelAnimation
- ValidatorCallout