How To Get Rid of Spam on Form Submissions
Recently we had a client who started to rank up very quickly on the major search engines such as Google and Yahoo. We noticed that the amount of spam that was being passed through our web submission forms increased by 1000% and that happens to all major websites Well, over the next couple of months I came up with the best way and really the final way to get rid of all spam from web forms!
Spam is one of the biggest problems on the Internet. Spamming web forms increases when a website increases in ranks since the spam robots are able to find them a lot easier for the keywords that are targeted.
Why Do You Get Spam Web Form Submissions?
The technique that spam robots use is called “Link injection”. It is used to create backlinks from unsuspecting web site owners by simply inserting these links into any web form that they can find. The chances that the web form is a user generated content site is high so users’ comments are immediately placed on the sites and some sites go without moderation. In the mind of the spammer, they will simply submit their links to as many web forms as possible hoping to create some back links to their own sites through this method.
Unfortunately, it works. Otherwise spammers wouldn’t do it. However, it only works for 5% of the sites submitted. On the other hand there are 95% of web administrators who get the spam form submissions which just clogs their form system.
Current Methods Used
1. First Method is the “captcha” code (security code, human code, etc). This is where a user has to enter a sequential set of letters and numbers into a text code and the system verifies the code is correct.
a. This method can hurt your conversion and sometimes confuse a user who might be new to the Internet.
b. Not a lot of people know about this but recognizing captcha by spam robots
technology has been around since 2002. This means in the coming months and years more spam robots will be getting past the “captcha” technology.
One of my websites already got hit with these new spam robots that
get past the captcha security technique.
2. IP banning is another method. The problem with this is that spammers come from all over the Internet, they use Bot networks and proxies. You can only react to a spam with this method. Also if the spam robot is using an ISP with a shared IP address, then you are potentially blocking legitimate users as well.
This is a very easy and quick method of fixing this spam issue. By using this technique, the client’s site went from about 20 spam messages a day to 0 since.
The way this technique works is by exploiting the weakness in 99% of all spam
b. The particular one I used (You can download it here or at the bottom of the page) simply calls an html page and displays the content of the html page where ever the script is called from.
2. Then I place my form into a file save it as “contact.html” or whatever you prefer.
Lets say you have a form on index.html page.
2. Take the actual web form out of the index.html page, and place it into another separate text file and save it.
3. Now use the below script and place it where the form used to be in the index.html page.
a. Replace the “/myform.html” with your form name. (This method assumes that the form is in the root directory, if for example the form is in http://www.example.com/forms/form.html, then replace it with /forms/form.html)
What you have done is taken the form out of the html source code which spam robots view and inserts spam into, and place it into a separate file. Then you are calling a function called “scan” that simply reads the separate file, and displays the content of the file you called.
I got the technique from http://www.dynamicdrive.com/dynamicindex17/ajaxincludes.htm .
Another added benefit is that if you have a form that appears on several pages, you can simply edit one file, and now all the forms will be updated.
For help on getting rid of spam, you can contact us here. (Link to contact us form)