Website Form Spam and Captcha Verification
Click Here to see how I eliminate automated spam on my website forms.
I recently received the following email from one of my web design clients:
“I get 4-5 of these form submissions a week from my website”, writes the client. “Why am I receiving these? Is this something I should be concerned about? Here is a typical sample of the email submission I have been receiving from my website form:
name: ybgsitiei
parent name: ybgsitiei
phone: OZxmqCguQkhdkgZdFY
email: eozrph@wymoxu.com
referred by: JlyXYYFqZqvkenaO
I responded to this client by explaining to them what the emails were, who was sending them and what could be done to eliminate them.
Unwanted email submissions from your website form are usually spam. Spam is unsolicited, invasive advertising that can be compared to a telemarketer calling your home at 6pm on a week night and interrupting your family while eating dinner. If you use email on a regular basis, then you are most likely no stranger to email spam.
For website owners, spam can be received via the forms on their website and any email addresses that are posted on the website. It’s easy to resolve the latter. Just don’t post live email addresses on your website. Webbots called ‘email harvesters’ scan the Internet searching for live email addresses, then save the email addresses they find to a database. The webbot’s programmer then sells the email database to spammers as mail lists. That is why most websites use contact forms in place of posting live email addresses.
But spammers have grown increasingly effective at spamming website forms. Website forms spam can be submitted by humans and by webbots. There is nothing you can do to eliminate human submitted spam, except for removing your website form.
Website forms can be protected from webbots. The first step a website designer can take is restricting webbots from seeing the form page with the robots.txt file. The robots.txt file is a website script located in the root of the website directory that tells search engine spiders and webbots what files and directories they are allowed to access. Disallowing a website’s form pages in the robots.txt file will prevent search engine webbots and other Internet webbots scanning programs from reading the website form pages. Search engines will sometimes crawl website forms, submitting an email to the owner with random letters that look like jibberish. By disallowing the website forms with the robots.txt file, you can eliminate some of your websites form spam.
However, persistent spammers will not be stopped by a robots.txt file. The solution for eliminating automated spam submissions in website forms can be acheived by installing a CAPTCHA solution in the website form.
Click Here to see how I eliminate automated spam on my website forms with CAPTCHA
CAPTCHA, is an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”. CAPTCHA is a type of challenge-response test used on Internet website forms to ensure that the form submission is not generated by an automated software program, or webbot. The CAPTCHA process asks a user to complete a simple test which the website forms software is able to generate and grade. A common type of CAPTCHA requires that the user type letters or digits from a distorted image that appears on the screen. Because Internet webbots are unable to read a distorted image and solve the CAPTCHA, any user entering a correct solution is presumed to be human. CAPTCHA was developed by staff at Carnegie Mellon University and IBM in 2000.
CAPTCHA has become increasingly more common on Internet website forms, and savvy Internet users have become accustomed to completing the CAPTCHA tests on website forms. CAPTCHA use on website forms will continue to increase until the day that webbot software evolve to the point that they can solve the CAPTCHA solution. Only the most sophisticated spammers will utilize such webbot software, so CAPTCHA should be able to protect your website forms for some time.
Michael Rassel is the Owner of Razworks Web Design, a freelance website design company in Sarasota, FL.
To contact Razworks call 941-685-8851
or email Razworks using the contact form by clicking here.
Visit Razworks Website by Clicking Here >>
