Skip to content Skip to sidebar Skip to footer
Home / Forms / Javascript / Jquery / Php / Spam Prevention

How To Prevent Spam On A Form

Post a Comment
I have a simple form that users use to register their email address for a newsletter. I want to prevent spammers submitting 000's of fake emails. What's the best way to do this? I

Solution 1:

You could use negative captcha. Idea is to have a field in the form that is not visible to humans but bots would enter values in it. On server side you can ignore requests that have a value in the negative captcha field.

Adavatage is that normal users do not see any extra steps like enter captcha words or validate the email. Cons is that the method works as long as people would not customize bots specifically for your site.

Example of a negative captcha. Include this in your form.

<divstyle="position: absolute; left:-2000px;"><inputtype="text"name="email_name"value="" /></div>

On server side do somethig like

if (params[:email_name] != "") //botelse//not a bot

Solution 2:

I found a great technique somewhere on the interwebs. I enhanced it, and it is now available (open source) at www.formspammertrap.com .

It uses some javascript to replace the form action, and requires actual 'clickage' of a live user.

No captchas, hidden fields, etc.; those might work temporarily, but usually doesn't work long-term.

It is free, and it works great on any site I put it on. PHP-based, but will also work in WordPress (not a plugin).

Solution 3:

You could do something like this,

functionvalidEmail($email){
    if (filter_var($email, FILTER_VALIDATE_EMAIL)){
        list($user,$domain) = explode('@',$email);
        return checkdnsrr($domain, 'MX');
    } 
    returnfalse;
}

it may not pick up every fake email, but I always validate their email by sending them a validation email with a link.

EDIT:

As for spam on a form use CSRF, that should prevent most spam (at least in my experience)

Solution 4:

When a user types their email address into the bar, run a script that sends them an email to the address specified that contains a link, when they click the link it will activate that email address for newsletters.

Solution 5:

A common approach is, to add another textfield to the form-section. In your stylesheet (not the style-tag!), you set its css-property to display:none, since most spambots fillout every available input-element, but doesn’t load external .css-files. When your script gets the request, you check this hidden textfield – if it’s blank, you have good chances that this wasn’t spam.

Post a Comment for "How To Prevent Spam On A Form"