Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The forgotten spam epidemic
#1
When most people talk about spam, they're referring to junk mail, the casino and viagra ads that pour into your inbox on a daily basis. But email is only one tool in the spammer's armoury. He will also make heavy use of spambots that crawl over the web looking for forums, guestbooks, blog comment pages and more. And if your site isn't protected, he will post whatever he can there, irritating your regular visitors and making you look very unprofessional. So what can you do?

If your guestbook is a simple, free script, then it probably won't have any built-in spam protection. But this needn't be a problem, as there are many capable alternatives that you can use instead. Nobot Guestbook (tabish.freeshell.org/nobot), for instance, takes the classic Matt's Guestbook script and adds a custom captcha. Visitors have to enter a code number contained in an image before their guestbook entry is accepted — something easy for people, yet extremely difficult for spambots.

More substantial applications, such as forums, usually have similar built-in systems of their own, although these may not always be easy to find. In vBulletin, for instance, you need to click vBulletin Options > Image Settings, and take a close look at the Image Verification settings. As long as the library is set to something other than None, visitors will have to identify a string of characters in an image in order to register as members.

Not everyone likes the conventional captcha approach, though, and it's not difficult to see why. Some overdo the complexity, with random fonts for the characters, different angles, colours and font sizes, as well as overlaying the image with random shapes. The end result can confuse people just as much as spambots, and overusing this technique could drive visitors away.

What's more, there are some smart ideas around that can defeat many bots without any of the captcha hassles. If you're protecting a form, for instance, then try creating an invisible field; an editable box that you've made invisible to the user. Human visitors
will leave this empty, but bots just look at the page source and will usually complete it. Check the field before posting your form, and if it's completed, reject the entry.

Spammers learn quickly, of course, so tricks like this won't work forever. But then there's plenty more you can do, too.
Support
Webnetics UK Ltd.
Reply


Messages In This Thread
The forgotten spam epidemic - by webnetics - 03-12-07, 06:36 PM

Forum Jump:


Users browsing this thread: 3 Guest(s)