Last Updated: February 18, 2026
Topic: Security Features
CAPTCHA is a security mechanism designed to distinguish between human users and bots. While effective at stopping bad actors, CAPTCHA rules can interrupt the user experience and reduce user retention.
To balance security with conversion rate, our service does not present a CAPTCHA on every interaction. Instead, we use conditional trigger logic - a CAPTCHA is displayed only when a request matches specific automated risk rules or when explicitly enabled by an administrator.
The system evaluates every incoming request against a set of rules. If a request matches any of the following criteria, the user must solve a CAPTCHA to proceed.
![Placeholder: Horizontal flowchart visualizing the decision tree from Request -> Rule Check -> Pass/CAPTCHA]
| Trigger | Condition | Purpose |
|---|---|---|
| High Frequency | > 500 requests from the same IP within 20 minutes. | Prevents brute-force attacks or scraping. |
| Blacklisted Origin | The IP address exists in the global blacklist. | Blocks known spam sources, botnets, and attacks. |
| Traffic Anomaly | Current hour volume is > 2x the average of the last 14 days (for that specific hour). | Detects DDoS attacks or unusual spikes. |
| Payload Repetition | The same request body (payload) is sent > 5 times in 30 seconds. | Prevents bots from spamming and overloading the server. |
| Manual Override (see below) | The "Force CAPTCHA" setting is enabled in the Admin Panel. | Targets a suspected attack or a big feature launch. |
Note: For the Traffic Anomaly rule, the system compares the current traffic against the "Current Hour Bucket". For example, if the average traffic between 2:00 PM and 3:00 PM is 1,000 requests, a CAPTCHA will trigger if traffic exceeds 2,000 requests during that hour today.
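The rule set above, written as a small in-memory evaluator. This is an added example, not the service's own code: the class name, the reason labels, counting payload repetition across all clients, and bucketing hours in UTC are assumptions, and timestamps are expected in non-decreasing order.

```python
import hashlib
from collections import defaultdict, deque

# Thresholds taken from the trigger table above.
FREQ_LIMIT, FREQ_WINDOW = 500, 20 * 60   # > 500 requests per IP in 20 minutes
REPEAT_LIMIT, REPEAT_WINDOW = 5, 30      # same body > 5 times in 30 seconds
ANOMALY_FACTOR = 2                       # current hour > 2x the 14-day average


class CaptchaRules:
    def __init__(self, blacklist=(), forced_endpoints=(), hourly_avg=None):
        self.blacklist = set(blacklist)
        self.forced = set(forced_endpoints)   # endpoints with Force CAPTCHA on
        self.hourly_avg = hourly_avg or {}    # hour of day (0-23) -> 14-day average
        self.by_ip = defaultdict(deque)       # ip -> recent request timestamps
        self.by_body = defaultdict(deque)     # body digest -> recent timestamps
        self.cur_hour, self.cur_count = None, 0

    @staticmethod
    def _count(window, now, span):
        """Record `now`; return the number of events in the last `span` seconds."""
        window.append(now)
        while window[0] <= now - span:
            window.popleft()
        return len(window)

    def evaluate(self, ip, endpoint, body, now):
        """Return the names of all triggered rules; an empty list means no CAPTCHA."""
        reasons = []
        if self._count(self.by_ip[ip], now, FREQ_WINDOW) > FREQ_LIMIT:
            reasons.append("high_frequency")
        if ip in self.blacklist:
            reasons.append("blacklisted_origin")
        hour = int(now // 3600)               # hour bucket, UTC (assumption)
        if hour != self.cur_hour:
            self.cur_hour, self.cur_count = hour, 0
        self.cur_count += 1
        avg = self.hourly_avg.get(hour % 24)
        if avg is not None and self.cur_count > ANOMALY_FACTOR * avg:
            reasons.append("traffic_anomaly")
        digest = hashlib.sha256(body).digest()
        if self._count(self.by_body[digest], now, REPEAT_WINDOW) > REPEAT_LIMIT:
            reasons.append("payload_repetition")
        if endpoint in self.forced:
            reasons.append("manual_override")
        return reasons
```

With an hourly average of 1,000 for the 2:00 PM bucket, request number 2,000 in that hour passes and request 2,001 returns `traffic_anomaly`, matching the note above.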
Administrators can view the status of CAPTCHA triggers and force CAPTCHA verification on specific endpoints. This is primarily used in specific scenarios such as during a suspected attack that might evade automated rules or during high-risk feature launches.
- Navigate to the Admin Panel.
- Go to Security > CAPTCHA.
- Enter the target endpoint.
- Toggle Enable Manual CAPTCHA.
![Placeholder: Screenshot of the Admin Panel showing the CAPTCHA toggle switch]
Note: Manually enabling CAPTCHA affects all users interacting with that endpoint. This may degrade the user experience and reduce user retention, so it should only be used when necessary.
Q: A legitimate user is complaining about seeing CAPTCHAs constantly. Why?
A: Check the user's IP address in the User Activity Logs. The log entry shows their IP and which rule(s) were triggered.
Common cause: Users on shared networks (e.g., offices, universities) often trigger the High Frequency rule collectively.
Q: We are hosting a promotion event. Will the traffic spike trigger Rule #3 (Traffic Anomaly)?
A: It is possible. If you expect to double normal traffic, please contact the DevOps team (at devops@placeholder.com) 24 hours in advance to adjust the thresholds or add an exception for the duration of the event.
Q: How do I know which rule triggered a specific CAPTCHA?
A: You can view the specific trigger reason in the User Activity Logs. Look for the X-Captcha-Reason header in the log entry.
- [Placeholder Link: How to Manage the IP Blacklist]
- [Placeholder Link: Reading Request Logs]
- [Placeholder Link: Incident Response for DDoS]