Forum Discussion

SJeffries's avatar
5 years ago

How can I Record a DejaClick Transaction against a Website with a Captcha?

    As a security measure, a 'Captcha' prevents robots like DejaClick from logging into a website by requiring the user to enter random generated text or clicks to verify that they are a real person. Bypassing a Captcha for a website requires intervention from the team managing the application server. This team must ultimately provide a means for DejaClick to bypass the Captcha.

    The most secure way for the application team to accomplish this is to create rules on the app server or authentication server, that allow only 1 specific user to login without requiring the Captcha verification. In this way, only that user can bypass the Captcha. All other visitors would require use of the Captcha to verify the login attempt.

    Some other means of dealing with a Captcha would include creating rules on the App or Auth server that allow bypassing the Captcha based on User-Agent, Originating IP address, or by adding a Custom Header to the request that is recognized and allows the transaction to play without requiring Captcha verification. These methods, however, can be mimicked so using a specific login is the best method if possible.

No RepliesBe the first to reply