Menu
Has anyone been able to successfully prevent spam on their site without placing a burden on your visitor (e.g. CAPTCHA) and without using a centralized spam reporting system (e.g. Akismet)
I've found this & it looks promising, but doesn't contain detailed deployment instructions.
I want to present my web forms without burdening my users with CAPTCHA like technologies, but also actively automate preventing spam.
There doesn't seem to exist a detailed instruction/tutorial on how to implement such a technology.
Disclaimer
Also, I realize there no silver bullet appropriate to preventing spam. But if simply putting in place a non-invasive (invisible to user) prevention system that blocks 95+ % of spam, it would be worth the effort to deploy.
242
It uses advanced techniques, with the latest version being able to filter out suspicious visitors without the need for a manual puzzle being solved. They look through your history of entering ReCAPTCHA in the past on your IP address and offer clues that can determine whether you're a bot or not.
Honeypot, as the name suggests, is a “trap” that is designed to lure bots and computer programs into accidentally revealing their identities. The idea is to provide something that is going to attract the bot, the “honey”, which is invisible or hidden from legitimate human users.
I basically use one trick on my site to prevent Spam and it works great (at least until spambot programmers will read this post ;) ).
Code is like this:
In the script that builds the site which contains the form, I implemented:
$_SESSION['lastSiteId'] = 'something Unique';
$_SESSION['lastSiteRequest'] = time();
The script that contains the logic to write the comments to a database contains this:
if($_SESSION['lastSiteId'] == 'something Unique'
&& $_SESSION['lastSiteRequest'] + 5 < time()){
insertComment();
}else{
echo "Please read the article before posting a comment";
}
Remember this is pseudocode to give you the idea. You have to implement it all alone in the end... ;)
All it does is checking if more than 5 seconds have passed between redering the form and sending a POST Request.
Be warned that spambot engineers are not sleeping. Bets are, that spambots can wait a few seconds before posting unwanted input if the programmer wants it that way. Question would be: How much spam messages can be send if the Spammer have to wait 5 secs between the requests? See, maybe this IS the final solution to Spam prevention.
Combining time tests with javascript tests (if possible and wanted) plus prefilled/unfilled hidden fields tricks, you should be save from spam a few years from now on.
121
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
