You need to sign in to do that
Don't have an account?
LB_DD
Prevent bots from submitting forms without Captcha, is possible?
Hello,
I have a public Visualforce page with a Form.
This page is part of a Managed Package.
I submit the package to security review and get this reply:
«Brute Force Vulnerability
Guest site don't have logging in or email validation. Use a CAPTCHA in the process to prevent a brute force attack on the system.»
I don't want to use the Captcha, isn't a good solution to the app, need a solution on the server side.
Anyone have the same problem and found a solution to this?
Any ideia to resolve this problem?
Salesforce have the Web-to-Lead form and don't control the brute force submmiting!
Thanks and regards.
LB
The easiest solution is to use CAPTCHA or something similar. If you solve this problem server side without CAPTCHA, then you've solved a NP-Hard problem.
- Anup
It contains some ideas that might be helpful to you.
Anup