Augie (a creative real estate investor) presented a spam prevention method idea which we’ve been talking about under a previous post this past week: HowTo Eliminate Wordpress Trackback Comment And Pingback Spam. The basic idea is to provide an extra input field which is hidden to a user when viewed normally from the browser. This means if you check your form data when a submission is being processed, you can determine if the field is still empty. If it is filled out, then a bot must have auto filled the field.
Spam Field Details
The naming convention used on a hidden field should be named “email” or “url” to trick the bot. Your real email field will then of course need to be named something else. A small price to pay for less house cleaning.
Another key to all of this is to wrap your trap (haha) in a DIV so that the a bot cant tell that the field is hidden. Marking it with type=”hidden” on the input tag itself is a bit of a giveaway. Assigning an id or class to the div and specifying display:none; would cause the bot a lot of extra work which most probably aren’t programmed for. You could also use a built in id or class directly on the div to specify it as a hidden field.
Hidden Input Field Code
Here is an example of what your code would look like:
CSS code would look like this:#email {display: none}OR if you're doing it by the div:.specialfield {display: none}Your form would look something like this:<form method="post" action="yourformprocessor.php"><div class="specialfield"><input id="email" type="text"></div><input id="realemail" type="text"></form>- Download this code: 1113spamformcode.txt
Using Hidden Fields
It isn’t too much of a stretch to add this to a custom solution or implement it into a Wordpress comments or form plugins because id’s and classes are assigned to input fields by default. If you’re not already using a form plugin check out:
cforms II or Contact Form 7 (my preference).
If I get enough requests I’ll write a post which explains how to implement this into Wordpress comments in a similar manner in which I setup the Enhanced Numbered Equation CAPTCHA.
The More Spam Defense The Better
I don’t have a lot of experience in using spam bots, but this is a promising way to enhance our line of defense against spam. More importantly, its not intrusive on a users browsing experience. Unlike a CPATCHA, it requires a valid visitor to do nothing!
If you have any thoughts or comments, about this spam technique, leave them below.
Entrepreneurs, Subscribe For Instant Updates.
I have set up the hidden field. However, how do it I set it up for the field to be checked and, if there is data there, have the submission rejected?
Thanks!
You’ll need to know a bit of PHP to do it. This post is not a full guide.
hey paddster heres the code youre looking for
hopefully it shows up doesnt get filtered out
my first comment didnt work, but remove the slashes from the php tags and that is what youre looking for