How to stop spam through a contact form?

I have a couple of contact forms that are getting hit with spam. It started off just once or twice a week but now it's several a day and accelerating.

Can anyone suggest a good way to prevent this? One of the forms is below, if that helps.
Contact form

Thanks!

 

Encrypt your e-mail address.

http://www.moggies.co.uk/antispam.html

http://www.knechtology.com/stop-spam/email_encoder.html

http://w2.syronex.com/jmr/safemailto/

I use the one above but now their site is junked with adsenseless ads

 

Thanks. I'll definitely add those to the email mailto: codes as we get 500+ spam a day through email links. Mailwasher works hard for me.

They won't help with the contact form issue though, will they? I need to keep my forms as they are specific custom request forms. I'd like to make them spam-proof too.

 

I wish I was able to be more help but I am in no way, shape, or form, a programmer.

You might want to try aweber or get response.

500 is crazy....I feel for you.

 

well I never should have plastered our email addresses across our website. It's a static site so will take forever to go through and change all the mailto's but it will have to be done.

The only things I've been able to find online are php scripts to add to my form to prevent autofill of them. The page is html though & I am clueless on php, so really looking for an Idiot's Way to do it.

Thanks for your ideas.

 

My site is html as well and so is my contact form.

The syronex site works well for me the problem is people do not realize there is a turing for it I think and so I lose some possible new clients.....

As for idiots guide.... thats what I thought I gave you lol....

I was impressed with myself for getting the encryption method to work...

You might want to repost in the programming threads as this is more for servers I believe....

 

Thanks. I'll definitely use one of those codes for the email.

I'll try the programming forum for the contact form. I looked at get response etc (I currently use something like that for newsletters) but I don't think that's what I'm looking for for this particular problem. I'll try the programming forum, thanks.

 

add captcha.
http://www.captcha.net/

 

If your site gets small to medium traffic, use a trivia question that you have come up with yourself, ideally not a maths question.

Alternatively add a hidden field to the form that isn't supposed to be filled in. If it is, the submission is spam and should be blocked. Another thing you could do is move your contact form and rename the file so that it doesn't use the word "form" or "contact".

 

Thanks for the suggestions. I've been trying to add Captcha but for some reason, it doesn't validate - that is, I can submit the form even with the wrong answer, & I suspect that's something to do with the way I set up my form.

I added more validation fields to my form - such as, zip code must be 5 numbers, a simple question to answer that has to be a specific number. That works for humans - that is I can't complete the form with incorrect info, but still bots are getting through with completely rubbish answers (like zip code "msdlbdxm") so I guess my form needs re-working from scratch.

 

Add Captcha. You can find it at http://hotscripts.com

 

Along with everything covered above, my suggestion, rather than posting your E-Mail address everything, just put a link to your contact form. Then you only have one problem to take care of!

 

The best method I have come up with to prevent spam in web forms is to do a simple test to see if the browser is executing javascript.

This was as simple as adding this code in the <form> tag:

onSubmit = "document.commentsform.action = document.commentsform.action+'?nospam'"=

Code (markup):

and then checking for

isset($nospam)

PHP:

in the PHP code of the submit page. If $nospam is set then the user is real and the post is not spam.

So far this has been 100% effective.

I keep meaning to write a WordPress plugin around it or at least add it to an existing WordPress plugin.

Good luck.

 

I have the very same problem with one ( the only ) o fmy contact forms. your problem has helped me to finally sit down and find my own solution.

in my case the spammer uses the same "type" of content - usually a bunch of URLs, and each time the spammer has NO referrer URL.

thus I figured out that ALL my true site visitors are clicking on my contact form page using a LINK from my own site to access the contact form page.

thus with below mod_rewrite lines I exclude all those direct access attempts by spammers. IN the current case I made a redirect to an image. but you could as well just give a forbidden by the server.

below works fine for me - may be for you as well ? all you need is to add below lines in the .htaccess file inside the folder where you have your contact form.

as you see I have excluded from that rule access FROM my site as well as from Google. all others get the image instead of the contact form.

the contact form file name is in my case "express.html"

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} express.html$ [NC]
RewriteCond %{HTTP_REFERER} !^http:// (www\.)?your_site .com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http:// (www\.)? google . com/.*$ [NC]
RewriteRule (.*) http:// www .your_site.com/images/replacement.jpg [R,NC,L]
</IfModule>


remove spaces added in above URLs