A Simple Way To Deal With Web Form Spam
I’ve been getting hit with a lot of web form spam lately, but I hate Captcha, so I thought of a simple solution for it. All I did was add an extra field to my form, and I changed the CSS so it’s set as “display: none;“. Then when the form is submitted, the validator checks to see if there’s anything in the extra field. If there is, the submitted fields are stored in a separate table, just for spam, along with information like IP address, User Agent, etc. It’s working pretty well, so far; hopefully the Spam Bots won’t adapt, but if they do, I’ll be ready.
I’m hoping to eventually collect enough information from these Spam Bots, to create a spam filtering system for web forms
June 13th, 2008 at 11:42 pm
This isn’t a new technique; this (http://www.modernblue.com/web-design-blog/fighting-spam-with-css/) dates back to at least June, 2007. I recall reading about it before, possibly as early as 2005.
The problem is that it works great in isolation, but if you deploy it to a high-traffic site (or a lot of small ones, e.g. if it were to become the default behavior in WordPress), the spammers will work around it. But if you’re a small site, the diminishing returns make you an unattractive target.
I’m not saying it’s not valid, just that it doesn’t scale.