Spam Protection & Security for Website Forms
Does anyone remember when simply having your phone number and email on your website contact page was a typical practice? Well, after the invention of “web-bots” that crawl websites to collect emails to build giant email lists, Contact Forms became the standard technique to prevent this activity. They were the original way to prevent spam. However, and as usual, the mischievous minded (I’m being generous here) spammers created more sophisticated programs to automate sending their spam through contact forms, which is why it’s critical to use form software that has security and anti-spam features built-in, and is frequently updated.
While eliminating spam may be a top priority, the security of your website environment should also be a top concern. Contact and other interactive forms on your website are commonly overlooked for security and can be vulnerable to attacks.
For the most part, Spam is annoying to deal with, but it can also become a serious issue left unchecked. Monster Tamer uses form software that gives you 3 ways to protect your site from spammers:
- Honeypot Technique – This technique uses a hidden field that only web bots see, but human prospects do not. When the bots come to the form, the fill out ALL fields, which essentially reveals that they are NOT human and therefore will be blocked.
- Akismet Plugin Integration – This plugin is a default plugin with WordPress installation and is used to filter out known spammers.
- CAPTCHA Field – We can also install a CAPTCHA field that requires users to “prove” that they are human by offering text or images problems that only humans can look at and solve. This technology makes it very difficult for web bots, but easy for humans. Once the problem is solved, the “submit” button is enabled.
While spam prevention is the number one feature of our form software, it also provides some critical security features as well. There are hidden features that are embedded in the software preventing attackers from accessing your website database directly through “SQL Injection,” which can be used to change tables, get information, and delete data.
Another feature is file upload security. A common use for file upload is an employment application form, where resumes or other supporting files can be uploaded. Our form software allows us to limit file size uploads and also to restrict file types. For example, we could require the file upload to be Adobe PDF file only, thus preventing other file types from being accepted. However, the software has built-in capabilities that always prevent certain file types from being upload (ex. executable file types).
For more information about Website Form Spam Prevention and Security, please contact us through our secure contact form!