Stop contact form SPAM

Protecting your Contact form from SPAM

by andrew

If you have ever added a contact form to your website you are, no doubt, more than aware of the problems spammers can create. Thankfully there are two very easy-to-implement solutions that will reduce (and hopefully remove) all your contact form spam: CAPTCHA and Akismet.

CAPTCHA

CAPTCHA stands for Completely Automated Turing Test To Tell Computers and Humans Apart – which is fancy geek talk to say CAPTCHA is a way to test that the person filling out your form is actually a person and not a spammer or robot. The usual way this is done is by showing the user a picture of a word or two (usually obscured) and asking the user to correctly decode it before being able to submit the form.

Using CAPTCHA to protect your contact form

One of the simplest ways to implement CAPTCHA on your contact form is to use http://recaptcha.net (a service that provides the added bonus of helping to digitize books at the same time). Implementation is very easy and usually only involves signing up and copying the sample code.

Problems with CAPTCHA

The biggest issue with CAPTCHA as a method of protecting your contact form is that spammers are slowly working out how to read the CAPTCHA images and submit spam despite your protection.

Users also have trouble using CAPTCHA, and testing has shown as many as 26% of people will abort a form send because it has a CAPTCHA requirement. I don’t know about you but I can’t afford to lose that much potential business.

Using a Spam Filter to protect your contact form

Anyone that has used WordPress for any length of time is more than aware of how capable Akismet is at detecting and blocking spam from their blog comment forms. What most people don’t realise is that you can harness the same power that WordPress does to protect your own contact form from spam.

Using Akismet to protect your contact form from SPAM

  1. The first thing you need to use Akismet to protect your form is a WordPress.com account. Once you have that, log in, go to your profile page and record your API Key.
  2. Download the latest PHP5 libraries from http://akismet.com/development/
  3. Replace your mail send code with something similar to the following:
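<?php
require_once("includes/Akismet.class.php");

// Read the posted fields; a missing field becomes an empty string.
$name    = isset($_POST['name'])    ? trim($_POST['name'])  : '';
$email   = isset($_POST['email'])   ? trim($_POST['email']) : '';
$message = isset($_POST['message']) ? $_POST['message']     : '';
// The original used $want without setting it; the field name 'want' is assumed.
$want    = isset($_POST['want'])    ? $_POST['want']        : '';
$url = ""; // my contact form doesn't require a URL; modify if yours does

// $name and $email are placed in the From: header below. Strip line breaks
// from the name and require a valid address so a submission cannot inject
// extra mail headers.
$name  = str_replace(array("\r", "\n"), ' ', $name);
$email = filter_var($email, FILTER_VALIDATE_EMAIL); // false when invalid or empty

if ($email !== false) {

    $apikey = 'AKISMET_API_KEY';
    $blogurl = 'http://domain.com/';
    $akismet = new Akismet($blogurl, $apikey);
    $akismet->setCommentAuthor($name);
    $akismet->setCommentAuthorEmail($email);
    $akismet->setCommentAuthorURL($url);
    $akismet->setCommentContent($message);
    $akismet->setPermalink('http://andrewbleakley.com/');

    if ($akismet->isCommentSpam()) {
        // Akismet flagged the message: append it to spam.txt for later review.
        $myFile = "spam.txt";
        $fh = fopen($myFile, 'a') or die("can't open spam file");
        $stringData = sprintf("Name: %s\r\nEmail: %s\r\nI want: %s\r\nMessage: %s\r\n------------------------------------\r\n", $name, $email, $want, $message);
        fwrite($fh, $stringData);
        fclose($fh);
    } else {
        // Akismet passed the message: mail it to the site owner.
        $header = "From: " . $name . " <" . $email . ">\r\n";
        $to = "mail@domain.com";
        $subject = "domain.com website contact";
        $body = "I want: " . $want . "\r\n" . $message;
        mail($to, $subject, $body, $header);
    }

}
?>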

The code snippet above sends your contact form details to Akismet to be tested for spam. If the message passes, the script goes on to mail you the contact; if it fails the Akismet isCommentSpam() test, the script stores the contact in a file named spam.txt in the same folder as your contact form.

The original code snippet just ignored SPAM messages but I am not that quick to disregard possible work so I save them and make a habit of scanning the spam.txt file from time to time.
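The spam.txt format above stores raw field text between dashed separators, so a submission containing line breaks and dashes can forge records, and a file kept beside the form can be fetched over the web unless the server blocks it. The following is an added example, not the author's code, of a review log that avoids both; SPAM_LOG and the helper names log_spam and read_spam_log are assumptions.

```php
<?php
// Added example, not the author's code. SPAM_LOG is an assumed path;
// point it at a directory the web server does not serve.
define('SPAM_LOG', sys_get_temp_dir() . '/contact-spam.jsonl');

// Append one rejected submission as a single JSON line. json_encode()
// escapes CR/LF, so posted text cannot forge extra records or separators.
function log_spam($path, array $fields)
{
    $record = array('time' => gmdate('c'));
    foreach ($fields as $key => $value) {
        // Cap each field so one oversized post cannot bloat the log.
        $record[$key] = substr((string) $value, 0, 2000);
    }
    // Substitute invalid UTF-8 instead of failing to encode the record.
    $line = json_encode($record, JSON_INVALID_UTF8_SUBSTITUTE);
    // LOCK_EX stops concurrent requests from interleaving partial lines.
    return file_put_contents($path, $line . "\n", FILE_APPEND | LOCK_EX) !== false;
}

// Read the newest entries for review. Values are HTML-escaped because the
// stored text is attacker-supplied and may be shown in a browser.
function read_spam_log($path, $limit = 20)
{
    if (!is_readable($path)) {
        return array();
    }
    $entries = array();
    $lines = file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    foreach (array_reverse($lines) as $line) {
        $entry = json_decode($line, true);
        if (!is_array($entry)) {
            continue; // skip truncated or corrupt lines
        }
        $entries[] = array_map(function ($v) {
            return is_scalar($v) ? htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8') : '';
        }, $entry);
        if (count($entries) >= $limit) {
            break;
        }
    }
    return $entries;
}

// Constructed sample: a message that tries to forge a second record.
@unlink(SPAM_LOG);
log_spam(SPAM_LOG, array('name' => 'Cheap Pills', 'email' => 'bot@example.com',
    'message' => "Buy now\r\n------\r\nName: Trusted Client <b>hi</b>"));
$entries = read_spam_log(SPAM_LOG);
printf("%d entry: %s\n", count($entries), json_encode($entries[0]['message']));
```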

I hope you get something out of this code. If you want help implementing it at your end, feel free to hire me for an hour or so and I will tailor it to suit your circumstance.
