Menu
This is a recurring question on the website, but after spending 20 minutes browsing through old questions I was unable to find a modern day solution.
I've previously employed this JS-based method to protect addresses. Before the JS-method I was using image and flash-based solutions. Below is my old way.
Animated example codepen: http://codepen.io/anon/pen/kIjKe/
HTML:
<span class="reverse eml">moc.niamod@tset</span><br>
CSS:
.reverse {
unicode-bidi: bidi-override;
direction: rtl;
}
.eml {
display: inline;
}
JS:
function reverseEmails() {
if (jQuery(".eml.reverse").length > 0) {
jQuery(".eml.reverse").each(function() {
var that = jQuery(this);
var email = that.text().split("").reverse().join("");
that.removeClass("reverse");
that.html("<a href='mailto:" + email + "'>" + email + "</a>");
});
}
}
None of these methods seem to work nowadays, since Node.js based scrapers are able to generate an image of the page they are scraping, then reading any human-readable data from said image - you can guess the rest.
Is there any method that works nowadays, in which users are still able to easily read / click / copy paste e-mail adresses, but JS-enabled bots could not?
556
By far, the easiest way to hide your email address from crawlers is by removing or replacing some characters. The most common method is to replace '@' character with [at]. It's fairly obvious to just about anyone what the correct address is and bots looking strictly for email addresses will get confused.
Cloudflare Email Address Obfuscation helps in spam prevention by hiding email addresses appearing in your pages from email harvesters and other bots, while remaining visible to your site visitors.
This is personally my favorite method, which I have found to work so far, it's not bullet proof, in theory a bot that can parse CSS3 and will preform a text search can still find it or a spambot that triggered events in order to harvest email addresses would have to feed the page into basically a headless browser, somehow determine what might be JS-obfuscated email content these scenarios are enormous amount of work for possibly no benefit and no spammer would ever consider doing it, the fact is I have had no spam to date and it works great for humans, both to read or click on:
<style>
.email:after{ content:'@mydomain.com'; }
</style>
Contact me at:<div class="email">myemail</div>
<script>
$('.email').click(function(){
window.location.href='mailto:'+$(this).html()+'@mydomain.com';
});
</script>
The thing is that the email is not a link so bots never trigger the click event as they don't even know it will do anything.
190
Put the email address on a separate page which is only reachable by solving a CAPTCHA.
Granted, then the security is only as good as the security of the CAPTCHA.
Using your own obfuscations may be a serious alternative if you only have a limited number of addresses you want to protect. Some ideas I have used in the past;
The real beef here is not the stellar brilliance of these solutions, but the different approaches which I hope can inspire you to think in new directions. In the end, you will always be safer if you come up with your own unique solution; anything resembling a "new de facto standard" will be the lowest-hanging fruit that the scrapers will spend time trying to pluck.
Incidentally, I tried to think about usability for people with disabilities, so I actually deployed the audio version as a fallback for people who have issues with interacting with the other two, which are based on visual layout.
By the by, very few people want to send me email these days anyway (or maybe they do, but end up being rejected as spam?) which is frankly a relief. Those who do typically use the whois registration info for my domain name (which uses an anonymized address provided by the whois registrar) or are good guessers.
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
