Basically i have a form on my website that sumbits an email. I have a captcha on the form, but still they seem to send messages through it.
Setting the form into a <div> and setting the style to style='display:none', will this stop the spam bots?
Or can you suggest any better ways to protect my site from spam bots.
E.g of what they send:
Name: peplsvcxb
Email: ZlIonkQyfGPDm
Telephone Number: iuyLXiUjjSJxHYaf
Message: REQ5XN <a href=\"http://spam.com/\">ymgvinahvefl</a>, lpejzyspfayj, [link=http://spam.com/]udykuehlwkmo[/link], http://spam.com/
Spam Bots
Moderator: General Moderators
Re: Spam Bots
Hiding the div via CSS won't matter. CSS Is for rendering, I highly doubt the bot actually renders your style sheet to submit your form.REwingUK wrote:Basically i have a form on my website that sumbits an email. I have a captcha on the form, but still they seem to send messages through it.
Setting the form into a <div> and setting the style to style='display:none', will this stop the spam bots?
Or can you suggest any better ways to protect my site from spam bots.
E.g of what they send:
Name: peplsvcxb
Email: ZlIonkQyfGPDm
Telephone Number: iuyLXiUjjSJxHYaf
Message: REQ5XN <a href=\"http://spam.com/\">ymgvinahvefl</a>, lpejzyspfayj, [link=http://spam.com/]udykuehlwkmo[/link], http://spam.com/
Are you using your own custom captcha or a script?
- superdezign
- DevNet Master
- Posts: 4135
- Joined: Sat Jan 20, 2007 11:06 pm
Re: Spam Bots
There's also a sneaky trick that has gained widespread popularity on the internet. The hidden input element.
Bots fill all form elements because they assume everything is required. If they fill your spam-catcher element, you'll know that they are not human. Quick and easy.
Code: Select all
<form>
...
<input type="text" name="spam-catcher" id="spam-catcher" />
</form>Code: Select all
#spam-catcher {
display: none;
}Code: Select all
if (empty($_POST['spam-catcher'])) {
// Send e-mail
}
echo 'E-mail sent!'; // Even if it wasn't due to the spam catcherRe: Spam Bots
That's quite clever 
You've redeemed yourself regarding the "genii" incident
You've redeemed yourself regarding the "genii" incident
- superdezign
- DevNet Master
- Posts: 4135
- Joined: Sat Jan 20, 2007 11:06 pm
Re: Spam Bots
jackpf wrote:You've redeemed yourself regarding the "genii" incident
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Spam Bots
The hidden form field works for bots that have no particular target. I bet your CAPTCHA is weak. Mordred suggested to use reCAPTCHA, which should eliminate 99% of automated queries you receive. Try using reCAPTCHA and see if there's a difference (should be).