Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: phranque
I'll have to apply the solution to many sites, which is why I'm hoping to find something simple.
The second easiest thing to do is check for URLs. Normal people don't put dozens of web addresses into a form, spambots generally do.
That's been surprisingly effective. I'm sure that someone will come up with a way around it eventually, but it's working now.
2. Cleanse your data. Accept only character sets [A-Z0-9(and punctuation)]. From there, once you figure out what spammers are trying to do, it's pretty easy to stop them by filtering out their input.
3. Netmeg's hidden field is one approach. Use it. Also set a cookie, on form load, and read the cookie for a matching value on submit.
4. If the above doesn't slow them down or lead you to a way to close the door, some form of challenge/response field will help. You can use a CAPTCHA, but not only are these as hated as pop ups, they are hackable. Some members here use a simple question and answer response: "What is 4 + 7?" "What is the color of blood?"
Deeply discussed here [webmasterworld.com]