San Diego Marketing Firm
     
Home arrow News & Articles arrow Articles & Case Studies

Blocking Spam Submissions without a CAPTCHA

May 23rd, 2008
by Greg Banig

If you have a website with a contact form you’re probably aware of the problem of spam submissions.

Spam submissions are automated submissions to a website contact form. These submissions are generated from programs that scour the web and locate contact forms that contain a “comment” field. The spam programs submit the contact form with bogus information and links to the website the are marketing in the comments field.

Their goal is to locate contact forms that post the submitted information into a message board or forum - thus getting links to the site the are marketing live on your website.

Even if your contact form does not post to a message board it’s common to be bombarded with these types of spam submissions.

Several methods for blocking these requests exists, the most common being a CAPTCHA. This article will look at one method that does not use a CAPTCHA - “Completely Automated Public Turing test to tell Computers and Humans Apart”.

If you are unfamiliar with CAPTCHAs they are the form fields that require users to enter a text string or to solve a math problem. Example: “Enter the random phrase at left to submit this form.” CAPTCHAs work on the concept that only a human, not an automated program, could follow the instructions and enter the correct information.

CAPTCHAs work great. My only issues with using CAPTCHAs is that:

1) Their is an ongoing battle with spammers and website developers. As CAPTHCAs get more sophisticated so to do the spammers. Thus, CAPTCHAs will need to be revised and updated as spammers find ways around them.

2) CAPTCHAs require more effort from your users. Entering one more form field does not seem like a major issue, but I prefer to keep things as simple as possible for site visitors.

Blocking Spam Submissions without a CAPTCHA
One easy method I use to block spam submissions is to add some IF / ESLE code to the pages that process form submissions.

Here’s how this works (this example uses ColdFusion, but this can easily be adapted for PHP, ASP, etc.).

My sample contact form has a comments field called “comments”. Adding the following code to the top of the page that process the form information will examine the Comments field and reject any submissions that have common spam content.

< cfif #Form.Comments# CONTAINS "http" OR #Form.Comments# CONTAINS "www" >

(add html code with your submission error message…”Sorry, your submission has an error. Please go back and edit your submission so that the Comments field does not contain a website address.”)

< cfelse >

(add html code with your submission successful message…”Thanks, your information was submitted successfully.”)

< /cfif>

That’s the basic approach. You could add as many or as few phrases to check for and block as you feel are appropriate.

==========================
Article by Greg Banig Design & Marketing, http://www.gregbanigdesign.com.

filed under General, Website Development on Friday, May 23rd, 2008.
You can comment, or trackback.

NONE, NADA, ZIP, ZILCH

Why don't you pony up and be the first to add your comment?

Add your own comment...

My Zimbio
Bloglisting.net - The internets fastest growing blog directory
Internet
Top Blogs 
 Marketing Blogs - BlogCatalog Blog Directory
Blog Directory & Search engine
Blogdup Blog Directory