Spam free forms and contact details
I always have been annoyed by things like: the morning alarm clock, long distance travels, undocumented functions and spam. But from all the above mentioned spam as well may be the most annoying one from it, the rest of them don’t happen that often.
And certainly we realize the mass spreading of spam when we see the statistics for a month of spam. Unfortunately the number of spammers will grow/maintain itself long from now on. Until spammers get paid I can’t see why they would stop. Hell, some people try making money by trademarking the word spam.
Well, enough said about that, the main issue we are facing is how to reduce the spam we get. I’m not talking about email protection, or blog protection; I don’t know how you people consider, but I think Akismet is doing a great job for blogs! I want to talk about those moments when you create a contact/comment page and want to make it spam proof.
Are you human? (CAPTCHA)
It seems to be the solution in many cases. But I’m not talking about making your own CAPTCHA, if you lack the experience. Some did it and it went from ’simple’ to imposible: take a look at RapidShare’s CAPTCHA. Instead I would recommend you to implement reCAPTCHA. Apart from the fact that you can reinitialize a CAPTCHA when you can’t read it, it has playable sound version of it for visualy impaled people. And on top of all this you help digitize old texts. As if that weren’t enough, it protects you from bots that may have surpased the other protection techniques.
The math question = ?
I bet you all have seen it, quite often used in a static equation way. I have also wrote about it on my last home of the blog in the article less spam on blogs. I think that I said enough about it there.
Javascript to the rescue!?
It may seem that the simplest and handier way to protect a form against spam bots may as well be Javascript. We live in a web 2.0 enviroument, full of Javascript effects and only a handful of people have it restricted with NoScript or something of sort. Thus we can safely use javascript as a protection against spam. Why? Because normal bots can’t parse (execute) Javascript code, even crawlers (GoogleBot, YahooBot) parse Javascript code only for obvious links, email addresses, etc.
There are two ways to do a form with Javascript: DOM way and simple dumping way. Simple is better:
<form action="target.php">
<script type="text/javascript">
document.write('<in'+'put type="text" name="human" />');
document.write('<inpu'+'t type="submit" />');
</script>
</form>
The concatenation of the strings is needed so that the bots can’t match it against there usual input regular expressions. I used this type of protection for displaying my email address on the About page, although could have used MailHide also. Didn’t want to bother my readers that much.
Conclusion
Actually it’s totally up to you to choose one of the above. CAPTCHA would be the best, but in some particular cases there is no need to bother your users so much, check my previous example.
