Protecting submission form from bots without using captcha?

by Haship
7 replies
Is there a good way to protect a submission form from bots without using captcha?
#bots #captcha #form #protecting #submission
  • Profile picture of the author BDazzler
    There's a wordpress plugin called anti-captcha. It uses a nonce to validate the form. The concept is pretty simple. If you aren't using wordpress, you can take a look at the code and see how it works.

    Something like this also works:
    Stop spam without captcha - Stack Overflow

    This page is referenced in that link and is worth a look on its own:
    http://www.braemoor.co.uk/software/antispam.shtml
    {{ DiscussionBoard.errors[9678110].message }}
  • What some sites do is generate a random variable on the submission page which is then "submitted" along with the other data. The backend checks if the random variable is correct and if not rejects the form. It's not foolproof but it's a deterrent.
    Signature
    http://premiumwebtechnologies.com

    Affordable, Wordpress plugins & Web Applications
    {{ DiscussionBoard.errors[9678841].message }}
  • Profile picture of the author jasonwebb71
    1234567890
    Signature
    Now I remember why I left here many years ago!
    {{ DiscussionBoard.errors[9705688].message }}
  • Profile picture of the author Vin Venture
    As has been mentioned, a good way of doing this is to include a hidden field that most bots will fill out and submit, then reject submissions with that field. Something else you can do in conjunction with this is to track the submission time, it's very rare to find a bot that adheres to realistic human input time. So if check if your form was submitted in under a second or two and reject these submissions.

    Both of these methods together will likely be as effective as the majority of captchas out there!

    There are some fun captchas though, I'm a personal fan of Motion Captcha.
    {{ DiscussionBoard.errors[9705806].message }}
  • Profile picture of the author DJL
    I include a randomly generated question on my contact form, e.g.,
    "How much is eleven times twelve?"
    Aside from bots, this may also filter out some inordinately stupid humans.
    Signature

    None are more hopelessly enslaved than those who falsely believe they are free.
    --Johann Wolfgang von Goethe, Elective Affinities (1809)

    {{ DiscussionBoard.errors[9931397].message }}
    • Profile picture of the author Joe Ray
      Originally Posted by DJL View Post

      I include a randomly generated question on my contact form, e.g.,
      "How much is eleven times twelve?"
      Aside from bots, this may also filter out some inordinately stupid humans.
      A randomly generated question is basically a captcha. Here is the definition of captcha: "a computer program or system intended to distinguish human from machine input"

      The OP wanted to know how to handle this without a captcha.
      {{ DiscussionBoard.errors[10458132].message }}
  • Profile picture of the author TheCrazyCoder
    To cover such goal I do custom JS code which execute few expressions with screen and mouse - bots doesn't have them. And little of bots can execute JS at all.
    {{ DiscussionBoard.errors[9931659].message }}

Trending Topics