Spam is not a pleasant thing. We are inundated with the stuff in our email inboxes and it’s not out of the ordinary to find some spam through your blog’s contact form either. Further still, you’ve probably received boatloads of spam through your blog’s comment system. While Akismet is able to catch most of the bad guys, you can never be too safe and secure.
Rob Malon recently wrote a post that describes yet another way that you can combat comment form spam. More specifically, it is designed to fight the spam left by bots. This method won’t work against the human spammers, but bots make up the majority of your problems anyway.
In a nutshell, Malon describes a method where you insert a hidden form field as part of your comment form. The actual site visitors that you get will not see these fields, because they have been hidden. The forms are, however, visible to bots, because bots take a look at your code and not at the physical appearance of your site.
In this way, the bots will want to fill out these hidden form fields, whereas actual people will not. As you can imagine, all comments that have something in the hidden field are filled out by spam bots.
Full instructions can be found at RobMalon.com.
Tony Chung
November 29, 2008 5:56 pm
Gary, the hidden form field is a great idea. When I first saw this trick implemented on a different site, the field was visible with a label that read: “humans: leave this field blank” What a usability nightmare that must have been.
Instead, I installed the recaptcha plugin by Jorge Peña (aka Blaenk Denum). (Download it here). In a nutshell, recaptcha provides a means to stop spambots and digitize books at the same time.
Spam still shows up in my Akismet trap, however. This usually means the recaptchas were bypassed by a human. A hidden field wouldn’t stop that spam either.
Recaptcha support is enabled in a number of different frameworks. I’m trying to figure out how to get it working for some of my other app ideas.
Cheers,
-Tony