[thelist] Hidden fields don't stop spam
Chris Price
chris.price at choctaw.co.uk
Thu Oct 29 05:22:20 CDT 2009
Thanks Lee that's really helpful.
It was a bit of shock getting a load of spam as soon as I'd put an anti-spam
measure in place.
There are other measures you might want to try in parallel, you need
> to analyse your logs ideally, for instance, if they are not requesting
> your form before submitting it, put a random validated session
> variable (or cookie value) into a hidden field to force them to fetch
> your form first. A more extreme technique is to give your form fields
> random names - although your fields will probably appear in a constant
> order.
>
> If they are requesting your form before submitting it, you might like
> to throttle them, e.g. if you think 10 seconds is too fast to read
> your post, author a comment and submit it, reject any submissions that
> you consider too soon. You can make this user freindly by showing a
> countdown timer by the submit button.
>
> It's also an idea to make your rejection response look exactly like
> the success response if you can.
>
> --
> Lee
> www.webdeavour.co.uk
> --
>
--
Chris Price
0777 629 0227
follow me at http://twitter.com/choctaw
check out http://spoonfulofdreams.co.uk
More information about the thelist
mailing list