Results 1 to 3 of 3

Thread: Blocking spam form responses

  1. #1
    Join Date
    Jan 2007
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default Blocking spam form responses

    Hi All:

    I have started getting spam in my form responses. It looks automated, and changing the form name on my site didn't stop it. In trying to stop it, I was thinking of adding a field that had to have a specific answer in order to post.

    For example, if I asked "what year was last year?", then at least someone would have to eyeball the question to get "2006" as the required answer.

    Do you think that would stop these auto-completed responses, and if so, is there a routine to add that to my form? -- or other suggestions?

    Thanks.

  2. #2
    Join Date
    Jul 2006
    Location
    Antwerp, Belgium (Europe)
    Posts
    917
    Thanks
    120
    Thanked 2 Times in 2 Posts

    Default

    Most currently used to avoid spam is captcha.
    You'll find more about this in the php section of this forum.

  3. #3
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    One thing I have noticed is that bots usually can also change hidden elements of the form--
    <input type="hidden" value="something">

    So... you could try to validate that.

    Bots usually try to guess at what your form does so when they send spam, it has as much junk in there as possible. Therefore, if you have a couple hidden tags that you validate, it may stop them (assuming that they do, as is the case sometimes, change all the values....)

    Or... captcha if you can do that.

    I have thought about a spam blocker for forms like "Why did the chicken cross the road?" but... 2 problems--
    1. Some people might not know that culturally. (As for last year.... it could cause problems with math... like... someone might say 06, another 2006, another 2,006... but... that could work.) It also assumes they pay close enough attention to successfully input the answer.
    2. If it doesn't get sent, the bot may eventually catch on. Using a random thing like that becomes a form of captcha, so that's why it makes sense to try that. Also, bots don't usually do stuff on their own, but rather follow the instructions of a person. So if that person figures it out, easy enough for the bot to just input "2006" (as programmed by the person controlling it) then to go about answering the form like before.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •