I assume that everybody knows what a Captcha is, maybe can’t relate it to the name, but you have probably written beautiful words while using it.
For instance, captcha is a security level to stores, sites, blogs, etc… to avoid bots and robot’s actions in the internet. They are basically those cloudy images that you see after couple of beers.
Configuring your captcha
I know that you are anxious to difficult you customer’s life implementing captcha in every pages and forms, so we are going to magento’s backend, accessing:
System > Configuration > CUSTOMERS > Customer Configuration [CAPTCHA]
First step is to enable the module changing the “Enable CAPCTHA on Frontend” to “Yes“. So we got the fields below:
Font – That’s the font style used in the image that is going to generate the Captcha. At this moment the only available font is “LinLibertine“.
Forms – Following standard configuration, captcha is enabled only at the customer’s recovery password form. However, you have it available to Login, New Account and Checkout forms.
Displaying Mode – Displaying mode is referring to login’s form. You can choose between always showing it or just after few attempts, in order to avoid massive attacks.
Number of Unsuccessful Attempts to Login – Refers to the number of attempts described above. The number of mistakes before showing the captcha.
CAPTCHA Timeout (minutes) – That image created in the frontend has a short lifetime, exactly to avoid that a bot can decode it.
Number of Symbols – Quantity of characters and its variation, standard configured to display 4 or 5 symbols.
Symbols Used in CAPTCHA – Alphabet letters and numbers that you intent to display in the image. It is important to mention that some characters are really similar and can difficult user’s life. For instance: o, O and 0 (Letter “O” and zero)
Case Sensitive – If you really want to annoy your customers, enable case sensitive.
Result
As soon as you save your changes the result is reflected in the frontend (flushing the cache may be necessary).
This module is available in the 1.7.x and newer versions. Try using it with careful and proper planning.
Other options of validation are also effective to avoid attacks of bots in your forms, for example, Invisible Captcha, also known as “honeypot” (gloogle it).
Success!
