No, you have an http request. It contains an ip and a header. In the header, you put an authorization token that the client is given when logging in. This can be done, for example, with AWS cognito. But it could also many other methods
Then when the client makes a request, it gives that token and the server says oh yeah, this is user X. User X hasn't made more than 10 requests this second, and not more than 100 in the last minute (or some similar logic). Thus, user X is safely using our site
Now, this doesn't work for anonymous users who aren't logged in. They can't be tracked cuz there's no token and that ip can be faked. This encourages users to log in because they don't have to use captchas that way, but you still don't have to worry about attacks
TL;DR
These websites aren't related to poal
Please send your suggestions to their owners/admins.
That's why I said idk your infra or if you control those services
You do you man. I'm just saying it because it's worth saying - fewer people are going to participate in this site because of how obstructive the captchas are. Since you're recommending them, you seem like a reasonable person to suggest this to
fewer people are going to participate in this site because of how obstructive the captchas are.
lol What does captchas on 3rd party websites have to do with poal?
Since you're recommending them,
lol recommending != mandatory
(post is archived)