Tricks to protect forms from SPAM

Anti spam , safeguard from spammer

Anti spam , safeguard from spammer


Everyone aware with the name of spam and spammer.

Spammers are annoyingly everywhere !

You get spam comments on blog daily. And luckily most of them are caught by spam filters. If you didn’t have a way to protect your Web forms from spam you wouldn’t put them up. As the volume of spam coming  is so large that you could easily spend all day cleaning your website.

Because of all this spam, in order to use forms on the Web, you have to do something to protect yourself from the spammers. There are several options:

  • Don’t use forms
  • Use automated filters and manual filters
  • Use CAPTCHAs
  • Use CSS or JavaScript to fool spam bots


Let’s examine each option one by one

Don’t Use Forms

Form protector

” This is the simplest way to protect against form spam. “

As the Hindi phrase goes ” na rahega baans, na bajegi bansuri “  ( Means : without the bamboo there can be no flute).

But if you need to interact with your readers you need to have some type of contact information on the page.

Putting an email address on the page is a bad idea, but if you’re not going to use HTML forms, then your only other option is a phone number. And many people won’t pick up the phone if they are online. Online Chat option is  also a good option. 

But if your business can support it, this is the best way to prevent spam – don’t let it even start.

Use Automated and Manual Filters

automated and manual filter

Automated filters – Are done by computers

Manual filters – Are done by you or another person

Automated filters work fine. They catch the majority of spam that comes through things like blog comments. But spammers are constantly trying to outwit them. So your spam filters need to be constantly updated and things will still get through.

Manual filters work even better, because you are making the decision yourself as to what will go live on your site.

This is how most of forms are handled on website.

You put them through an automated filter to get rid of the majority of the spammers and then weed out the rest by hand. If you get a lot of form entries, this can take a long time, but is the most effective way of preventing spammers from getting through.

 Remember however that this won’t stop them from attacking, the attacks just won’t show on your Web pages.



A CAPTCHA is a visual image (usually of a series of characters) that are written in a strange font and are difficult to read. They are supposed to be impossible for a computer to read, but a human can read them. Then your readers read the text, fill in the correct letters, and their form is submitted.

CAPTCHAs don’t work well for a couple reasons, not least of which is that

  • They have been beaten and spammers will waste no time capitalizing on that.
  • CAPTCHAs are bad is because they block legitimate users from using your form.
  • Many people find them very difficult to use.
  • if you’ve ever been blocked by a CAPTCHA that you’re sure you’re typing in correctly, you know how frustrating that can be.

If the CAPTCHA is on a blog comment, that’s one thing, but if it’s on a support form that might result in more unhappy customers who become ex-customers. Which is bad.

Use CSS and JavaScript to Fool Spam Bots

fool spam bot

One another way to protect forms is to use CSS and JavaScript to fool spam bots.

Many of the spam bots don’t read JavaScript, or they don’t read it well, so you can encrypt an entire form in JavaScript and block the spam bots from seeing it. Your readers will only have a problem if they don’t have JavaScript turned on.

One way that I like to fool spammers is to add CSS to forms to hide certain fields. When the spam bot comes in and reads the HTML, their bot sees that form field and fills it in. Then when you get the results any entries that have that field are automatically deleted. To do this use the display:none; property on the field. Web browsers will leave that form field completely off the page, but spam bots will see it in the HTML and fill it in.


What should we do ?

Spammers are always updating how their robots work, so for best results you should use a combination of methods to protect your forms.

And don’t get too frustrated when spam gets through. Just delete it and move on.