Our fight against spammers continues…

March 26th, 2007

Form spammers are one of the most annoying things facing website owners and developers. These are the people who create automated bots to fill in your forms with spam, in the hope that it will be posted on your website. Thankfully, there are ways around this!

Our blog is constantly under attack from these spammers and so we’re always adapting our website to counteract their work. Today, we implemented a security code feature, also known as a CAPTCHA. You may have seen these on many websites: they require you to type in a code which is displayed in an image.

This CAPTCHA prevents automated spam bots from successfully completing a form, since they are not clever enough to read the security codes (although I’m sure they’ll crack it one day - and then we’ll develop a new system, which they’ll crack, and then we’ll create a… you get the idea.).

The CAPTCHA is not an ideal solution by far and we regret resorting to these measures. The reality is that you will see a lot more of this over the next few years as spam bots develop and website owners increasingly fight back.

Create your own CAPTCHA!

We will shortly write an article on preventing spammers, with a tutorial on how to implement a CAPTCHA facility on your website. In the meantime, here’s a quick fix to stop 75% of spam using the popular server-side programming language PHP.

Check the Visitor’s Browser
Using PHP we can check the browser of the visitor completing your form. Most spammers do not identify themselves with a browser so we can easily check this using the following code:

<?php

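# get the browser name (the User-Agent header); the header may be missing entirely
$browser = isset($_SERVER['HTTP_USER_AGENT']) ? trim($_SERVER['HTTP_USER_AGENT']) : '';

# if the browser is blank send them away
if ($browser == '') {
    die("Your browser tag is empty. You must be a spammer!");
}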

?>
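
A sturdier form of the check above, written for this page as an added example (it is not the blog's own code): it tolerates a missing header, rejects only the POST submission so the page itself still renders, and strips control characters from the client-supplied value. The function names, the 255-byte cap and the log message are assumptions; because any bot can send an arbitrary User-Agent, a non-empty value only passes this first filter.

```php
<?php
// Added example, not the blog's own code. Function names and the log
// message are assumptions made for this illustration.

/** Return the User-Agent without control characters, or '' if absent. */
function client_user_agent(array $server): string
{
    $ua = isset($server['HTTP_USER_AGENT']) ? (string) $server['HTTP_USER_AGENT'] : '';
    // The header is client-supplied: strip control bytes (CR/LF could forge
    // log lines) and cap the length before the value is stored anywhere.
    $ua = preg_replace('/[\x00-\x1F\x7F]/', '', $ua);
    return substr(trim($ua), 0, 255);
}

/** Decide how to treat a request: 'show', 'accept' or 'reject'. */
function form_decision(array $server): string
{
    $method = isset($server['REQUEST_METHOD']) ? $server['REQUEST_METHOD'] : 'GET';
    if ($method !== 'POST') {
        return 'show'; // viewing the form is never blocked
    }
    return client_user_agent($server) === '' ? 'reject' : 'accept';
}

// In the form handler: refuse the submission, not the page.
if (form_decision($_SERVER) === 'reject') {
    http_response_code(403);
    error_log('comment form: submission with empty User-Agent rejected');
    exit('Submission rejected.');
}

// Constructed sample requests, shaped like $_SERVER, to show each outcome.
$samples = [
    'page view, no header'   => ['REQUEST_METHOD' => 'GET'],
    'post, header missing'   => ['REQUEST_METHOD' => 'POST'],
    'post, whitespace only'  => ['REQUEST_METHOD' => 'POST', 'HTTP_USER_AGENT' => "  \r\n"],
    'post, browser-like tag' => ['REQUEST_METHOD' => 'POST', 'HTTP_USER_AGENT' => 'Mozilla/5.0 (X11; Linux)'],
];
foreach ($samples as $label => $request) {
    printf("%-24s %s\n", $label, form_decision($request));
}
```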

Further information

To read more information on CAPTCHAs, visit the following useful links.


  1. Archive
    March 25th, 2009 at 17:24 | #1

    Just a quick note on that. Sounds great, but I thought of a variant. Basically I’m wondering what would happen if a client didn’t have browser headers forwarded. I can’t quite envisage how, but Sod’s law states it’ll happen. However, if you’re protecting form mail then you can re-write the code so that the vital components of the HTML form are missing, like the send button or the e-mail address, i.e. if no browser then don’t print the e-mail address. This will mean that the page will always appear and avoids the embarrassment of people not being able to see the site because they have browser headers blocked. Just a thought, that’s all.

  2. Archive
    March 25th, 2009 at 17:24 | #2

    It’s damn annoying, it gets to the point where real responses (like me) feel guilty leaving a comment!

  3. Archive
    March 25th, 2009 at 17:24 | #3

    Only the User Agent is not a good solution for this. I would recommend using one of the spider scripts available. Every bot has the same procedure: scanning one site after another. Simply install a spider script that detects abnormal “surfing” behavior.

  4. September 10th, 2009 at 14:58 | #4

    Hi! I was surfing and found your blog post… nice! I love your blog. :) Cheers! Sandra. R.
