Allowing Google to bypass CAPTCHA verification - sensible or not?

Posted by edanfalls on Stack Overflow See other posts from Stack Overflow or by edanfalls
Published on 2010-04-12T11:10:47Z Indexed on 2010/04/12 11:13 UTC
Read the original article Hit count: 325

Filed under:
|
|
|

My web site has a database lookup; filling out a CAPTCHA gives you 5 minutes of lookup time. There is also some custom code to detect any automated scripts. I do this as I don't want someone data mining my site.

The problem is that Google does not see the lookup results when it crawls my site. If someone is searching for a string that is present in the result of a lookup, I would like them to find this page by Googling it.

The obvious solution to me is to use the PHP variable $_SERVER['HTTP_USER_AGENT'] to bypass the CAPTCHA and custom security code for the Google bots. My question is whether this is sensible or not.

People could then use Google's cache to view the lookup results without having to fill out the CAPTCHA, but would Google's own script detection methods prevent them from data mining these pages?

Or would there be some way for people to make $_SERVER['HTTP_USER_AGENT'] appear as Google to bypass the security measures?

Thanks in advance.

© Stack Overflow or respective owner

Related posts about php

Related posts about google