April 12, 2012

A simple way of preventing contact form spam

By Mike Lewis

If you have a contact form on your website, you'll know how important it is to prevent it being hijacked by spammers. The usual method is to include a Captcha test, but many users find that annoying.

Tek Tips member Foamcow has come up with an interesting solution. You simply add an extra input box to your form, and label it "Leave this box blank". In the server-side code to which the form is posted, you check the contents of the box. If it's no longer empty, treat the message as spam.

The theory is that a bot will fill in every item on the form, whereas a human will follow your instructions and not type anything in the field in question.

A slightly different approach would be to initially fill the box with some text, then ask the visitor to clear it. But Foamcow's method has the advantage of not requiring any action on the visitor's part, which seems preferable to me.

I haven't had an opportunity of trying this idea yet. If you try it yourself, let us know how well it works.

No comments:

Post a Comment