1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Prevent Form Spamming

Discussion in 'C#' started by Corey Bryant, Dec 16, 2010.

  1. #1
    I know there are a number of different options available - and I am hoping to get a list of more.

    It seems that whatever is out there, there are others who have a way to bypass them. Of course, there is CAPTCHA - which I do not like. I sometimes find myself hitting the little refresh icon a few times just trying to read the letters and forgot about listening to the words, I fail at that.

    I came across Iron Clad Captcha the other day. It looks a bit like overkill but they claim it cannot be hacked. It seems to be a little easier.

    I have seen a couple of others, and I think it is BotDetect CAPTCHA. This one is about the same, sometimes difficult to read.
    SEMrush
    I have seen a few that ask about math calculations and thought they might be something to review / use instead. Do they seem to work some?

    Has anyone worked with any others?
     
    Corey Bryant, Dec 16, 2010 IP
    SEMrush
  2. AstarothSolutions

    AstarothSolutions Peon

    Messages:
    2,681
    Likes Received:
    77
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Would be curious as to how they believe it cannot be hacked, especially with the method of captcha scraping. I'd be highly concerned about the amount of effort your asking people to do to get through the system, too many would just leave and not use the form in my opinion.

    There are ultimately hundreds of methods of preventing spamming which have varying levels of success at blockign spam but also varying levels of putting off true users too.

    Others you've missed include:

    Timing - set a timer for the form return based on how much info someone has to enter, if the form comes back in 1 second with 50 fields completed then reject as it is most likely a bot

    Hidden fields - add a hidden field like "confirm email", bot assumes this is a field to be completed so does so, humans cant see it, reject any forms with a value for this field

    Javascript - use javascript to complete an element on the form (could be a hidden field). Most bots don't run javascript so reject any where the field isnt completed or is completed incorrectly

    Simple Question - similar to the Maths question but can be something else like "what colour is grass"


    Almost every single method will result in some users either abandoning the form or failing validation so you really have to balance the cost of dealing with spam against the cost of loss business
     
    AstarothSolutions, Dec 17, 2010 IP
    longcall911 likes this.
  3. AcevedoAaron

    AcevedoAaron Peon

    Messages:
    49
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    yes its CAPTCHA but you also try roboot.txt if you can configure then its worked good i am not an professional but as much i know am am just share.thank you for your interest
     
    AcevedoAaron, Dec 17, 2010 IP
  4. myfire

    myfire Peon

    Messages:
    21
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    math captcha seems like easy and useful for me.
     
    myfire, Dec 24, 2010 IP
  5. palme

    palme Active Member

    Messages:
    320
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    58
    #5
    i agree with you and special. the last one is something i use, i.e "make an open question with forexample what, where, how, ...", bots can not answer analytical.thanks for the post
     
    palme, Dec 30, 2010 IP
  6. Corey Bryant

    Corey Bryant Texan at Heart

    Messages:
    1,127
    Likes Received:
    51
    Best Answers:
    0
    Trophy Points:
    0
    #6
    I actually did consider the hidden field - assuming that it is a bot and not actually a person entering information.

    The code I had one my site was not working properly and with a little help - I got that working which seems to be working a lot better.

    I also added the referral as well - so that the users have to get to the contact page from a page in my website. Using these two functions, spam from the contact form has stopped.
     
    Corey Bryant, Jan 6, 2011 IP
  7. longcall911

    longcall911 Peon

    Messages:
    1,672
    Likes Received:
    87
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Lots of good ones here. A simple one that I find works well is "Please enter the number two-hundred-thirty-seven in the security box below." Every once in a while a bot figures it out, but even that could be fixed by randomly displaying any of a few.
     
    longcall911, Jan 17, 2011 IP
  8. nuare

    nuare Member

    Messages:
    49
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    28
    #8
    anything can be automated, but use analytical questions, it is hard for bots to think
     
    nuare, Jan 20, 2011 IP
  9. Corey Bryant

    Corey Bryant Texan at Heart

    Messages:
    1,127
    Likes Received:
    51
    Best Answers:
    0
    Trophy Points:
    0
    #9
    I got the CAPTCHA working actually - and that has cut down the spam significantly. I am thinking though of adding the hidden field a bit later. Thanks for all the input.
     
    Corey Bryant, Jan 20, 2011 IP