I drew a picture, which is easier to understand. The website has a strong demand for verification (even the user resentment caused by it can be ignored), the main reason is security considerations.
Refer to TB for strengthening, and design the following verification Process,please discuss how to optimize security!
As for the code, I can write it myself, so there is no need.
I drew a picture, which is easier to understand. The website has a strong demand for verification (even the user resentment caused by it can be ignored), the main reason is security considerations.
Refer to TB for strengthening, and design the following verification Process,please discuss how to optimize security!
As for the code, I can write it myself, so there is no need.
1 The verification code is mainly to prevent brute force cracking. It is best for the server to add a limit on the number of errors
2 In addition to the ajax front-end verification of whether the verification code is correct, it must also be verified on the server side
3 "Generate relevant md5 according to different click sequences" from From your description, you feel that you are recording the location that needs to be clicked. For example, 134563 corresponds to "The Flowers of the Ancestors". Then what you are passing is the md5 value of 134563. This simple md5 value is very easy to be cracked by brute force. of. If you do this, it is recommended to use complex md5
4. This is just the "tip of the iceberg" of website security, or it doesn't count at all. First, filter sql injection and xss. These are not very important
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
