Preventing Spam Contact Form Submissions
- November 02, 2022
- Bradley Taylor
Every webmaster or business website owner has received their share of spam via their website’s contact form. Thanks to tools like Google’s captcha system, contact form users have to solve a simple picture puzzle before they can submit the contact form. This cuts back on spam greatly. But the bots are getting better and smarter. Google recaptcha users are routinely receiving spam submits now.
There are other plug-ins for WordPress which can help. Askimet is one of the most popular for cutting back on spam comments. It does a decent job but just like with Google captcha, bots are starting to figure it out.
There are other, more complex puzzle solving plug-ins which make it harder for spam bots to send you junk. The problem is that they also make it harder for real people to contact you too. With hCaptcha, you have to solve two different sets of puzzles before the form will go through. You can see an example of hCaptcha at our client here: Melbourne FL Pest Control
Putting Email Addresses on Websites
Some business owners insist on putting their actual email address on their website. It is true that this does make it super easy for customers to contact you but it also means that you will be spammed and that is a 100% guarantee.
There are actually bots which surf the web specifically with the goal of harvesting email addresses. You will be put on every spam mailing list there is.
One way around this is the spell out the email address and replace @ with (at). The person copying and pasting it will understand to replace the two when transcribing it.
Example: olympusbrad (at) gmail.com
Bots are not smart enough to figure out this hack. Yet.
We install Askimet and Google captcha on all of our clients sites. If they request a more powerful spam prevention solution we usually go to hcaptcha. It takes about 45 mins to an hour to get it all set up and tested for the client.
The last option to prevent spam is to create an image with your email address on it. You can place a note that the user needs to physically type the email address into their email program to contact you. Its the most rudimentary approach but it works.
Here is an example: