« Flying to Richfield | Main | Pittsburgh's Diaspora: Coming Home to the Motherland »
A Simple Solution to Form Spam
A few weeks ago, Britt Blaser sent me a link to a technique for using CSS to fight form spam.
The idea is simple, you add an extra input field to your form and use the CSS visibility property to hide it. The input field won’t be visible to humans, but will appear normal to a spambot crawling the Web filling in forms. On the back end, you look for values in that field. If the form returns a value for that field you assume that a bot filled it in and discard the session. If the field is empty, then likely a human filled in the form.
I’ve implemented this on a form on my site that used to generate 10-12 spam responses a day and haven’t had a single spam message come through since. The solution is easy and doesn’t inconvenience users in the least. Perfect.
Posted by windley on July 19, 2007 12:05 PM
Comment from Michael at July 19, 2007 12:53 PM
Great idea. Every time I fill out one of those Captchas I would think "there has to be a better way." As usual the better way is very simple.
Comment from Dave Ross at July 19, 2007 6:37 PM
That's kind of crappy for accessibility, though, isn't it? Are screen readers smart enough to know when they shouldn't even bother trying to describe an invisible field?
Comment from Chris Wood at July 26, 2007 1:34 PM
Accessibility is easy to address. When you make the form's visibility invisible, do the same with a label that says, "Leave this field empty." But I think that eventually, a BOT will recognized the css property on forms.
Comment from Nick Mudge at August 12, 2007 11:22 PM
Awesome solution.
Leave a comment
I encourage you to leave a comment below. Your email address will not be displayed on Technometria, but allows me to communicate with you directly. Your email address won't be displayed, but will be used to compute a MicroID for your comment.