hacker scanning captcha.php

Hello,

Checking my apache logs and i see hundreds of attemps like :

my guess is that they are trying to learn the captcha?

I was thinking i could create a rule in fail2ban to auto ban them. But if a normal visitor is on my site what would be the normal amount of times they would see this?

 

It's the CAPTCHA image, so I'd only expect it to be loaded as much as the user sees the image itself. i.e. once per form with it on, unless they get it wrong, in which cases as many additional times as that happens.

Note the cache_break bit isn't a guess of a CAPTCHA, it's just us making doubly-sure the browser isn't caching the CAPTCHA image.

ok cool, thanks for infos.

well since i am getting hundreds of these in the logs i added it to fail2Ban to ban them after 4 tries.

I also dont have new users or public input/posting allowed so no reason for that to be triggered as my system is for me to share infos.