• Home
  • Services
    • Websites
    • Mobile Optimized Websites
    • SEO (Search Engine Optimization)
  • Portfolio
  • Blog
  • About
  • Contact
Contact me about your project. Click here!
linkedin
rss
google_plus
email
  • Home
  • Services
    • Websites
    • Mobile Optimized Websites
    • SEO (Search Engine Optimization)
  • Portfolio
  • Blog
  • About
  • Contact

Blog Post

How to out-smart form bot spam without using a CAPTCHA – Part II

22 Apr 2011
Comment are off
Eric

In an earlier post about foiling form bot spam without using a CAPTCHA, I introduced an idea to validate your forms to not allow any HTML tags in any of the fields.  The theory was that spammers’ main motivation for spamming forms was to get links sent.  This method has worked wonderfully for me for quite a while… until yesterday, that is.

I have a client who has been getting blasted with form spam for almost 48 hours straight.  Here’s the odd behavior though… there are no links or any other HTML in any of the form fields?!?!?

So why is the person behind this bot doing this??

Other than to annoy me, I can’t think of any other reason.  So I had to think of a new way to foil this form bot and I came up with this…
Form Bots Are Predictable

I believe that most form bots read the name or id attribute in the input tag as a clue for what info to insert into that form field. So, if you name your input field “email” then the bot knows to insert an email address into that field.

So I’m going to use the bot’s predictability against it by naming my email field something completely different, then validating the field to require a properly formed email address (i.e. [email protected]).

So the bot will likely populate this field with random characters instead of a properly formed email address.  My validation will throw an error when the field doesn’t get an email address, the form bot is STOPPED!

I have a few more tricks up my sleeve, but I’ll save that for part III.

About the Author
Eric Hicks is a Freelance Web Developer in Tampa Bay, FL specializing in PHP/MySQL programming, CodeIgniter, and ExpressionEngine, WordPress, Internet Marketing and SEO. Call (813) 418-6833 if you are interested in hiring Eric for your Internet project.

Social Share

  • google-share

Contact

Eric A. Hicks, MBA
Freelance Web Developer
(813) 418-6833
[email protected]
Note: Email is the BEST way to communicate with me!

10736 Doc Brittle St.
New Port Richey, FL 34655

Contact

Eric A. Hicks, MBA
Freelance Web Developer
(813) 418-6833
[email protected]
Note: Email is the BEST way to communicate with me!

10736 Doc Brittle St.
New Port Richey, FL 34655

Recent Posts

  • Delete all messages in your LinkedIn inbox
  • Custom WordPress shortcode to display current year
  • How to quickly add responsive images to WordPress with width:100% CSS set
  • Google Analytics tutorial for business owners
Copyright © Eric A Hicks, LLC