Rather than employ basic captcha style 'I am not a robot' tests, here are a few more subtle approaches to explore.
When the form is submitted you will know this must have been written by a spambot if the honeypot field has been populated, so the submitted form can be ignored.
Once installed, it works quietly in the background and does not affect the user experience when completing the form.
Spambots are becoming more sophisticated and are able to detect simple honeypot tactics. To keep one step ahead, you must ensure you have the latest honeypot module updates.
To use this service, you need to register with an RBL checker. Some offer a low-level free service where you can upgrade if you need a faster or more in-depth service. The RBL checker will be kept up to date by users reporting suspected spam from IP addresses anywhere in the world.
Every time your form is completed, your server will pass the client IP address to the RBL checker. If the IP address is found, you know that this form submission is very likely to be spam.
Once installed, it works quietly in the background and does not affect the user experience when completing the form.
The speed performance may be affected as the connection to the RBL checker may take several seconds to return with a response.
If no movement is detected, then antibot will deduce this is not a human and the spammer will fail to enter any field data.
Once installed, it works quietly in the background and does not affect the user experience when completing the form.
The modules requires javascript to be enabled. If javascript is disabled, instead of the form, a message will appear telling the user that the form requires javascript in order to use it.
This will prevent spam bots submitting thousands of submissions to your site into a spam email relay.
Once installed, it works quietly in the background and does not affect the user experience when completing the form.
This is not a true anti-spam tactic as it does not provide any protection on the forms.
Google reCaptcha is armed with the state of the art anti-spam technology to protect you from the most advanced spambots.
Despite its claims to be user friendly, analysis shows that up to 18% of users give up when asked to verify they are not a robot using reCaptcha.
The Google reCaptcha is the only anti-spam mechanism that requires human interaction. It is recognised as the most effective captcha-style system, but it has serious drawbacks in terms of putting people off completing the form.
Honeypot, RBL, anitbot and form flood control are all unobtrusive and can be enabled to offer a good level of protection. A pragmatic approach would be to only enable Google reCaptcha if you feel that incoming spam is reaching unacceptable levels.
If you are running marketing campaigns, it may also be worth switching off Google reCaptcha to avoid detering potential enquiries.
