Discover and share the best of the web!
Learn more about Digg by taking the tour.
Reduce WordPress Spam By Creating Fake Comment Forms For Spam Bots
onetipaday.com — Trick spam bots by giving them a host of fake forms to go through before your final one. Users will see only the single form.
ajaydsouza- 503 diggs
- digg it
- gangavalli, on 10/12/2007, -0/+3I'm going to try this right now on one of my new blogs which is getting spammed since yesterday.
- Berkana, on 10/12/2007, -0/+19The unfortunate thing about having this trick publicized on Digg is that tricks like this only work if they stay low profile, out of the attention of spammers. Once the spammers hear about it, it's only a matter of time before they come out with some way to circumvent the trick.
- kcpwnsgman, on 10/12/2007, -0/+3yeah, well, time for a new trick
- myscoop, on 10/12/2007, -0/+1lol such a simple but clever change. Should be good until the spammers notice which could be a while
- Mejogid, on 10/12/2007, -0/+13Not if it makes the front page...
- Halifax1, on 10/12/2007, -0/+12And it just did.
- JeremyBanks, on 10/12/2007, -0/+11This doesn't just screw up bots, it also screws up css-less browsers.
- subxero37, on 10/12/2007, -0/+3I use Lynx often, which, logically, being a text browser, doesn't support CSS of any kind. However, when do people actually utilize a lot of interactive sites in a CSS-less browser? I don't visit YouTube or Digg in Internet Explorer 2.0, so the CSS problem doesn't come into play so much.
- finite, on 10/12/2007, -1/+7But... Blind people! What about them?!
Dugg because it initially struck me as humorous, but upon 1.5 seconds of thought: this is actually a horrible idea, for several [obvious] reasons.
Every few weeks there is someone else who thinks their security-through-obscurity is so brilliant that they need to tell everyone about it... - twit987, on 10/12/2007, -0/+1won't this tax your server?
- spin, on 10/12/2007, -0/+3Ive been using this method for quiet some time now in the sites i develop. If your wordpress theme sucks and users turn off styles to make your site readable. (i do this for a lot of sites that put form before function), then the user will see these form elements and be confused. To get around this you need to label the spam bait forms as being spam bait. Otherwise the user will be confused.
So aside from text browsers and people annoyed by your website's theme, this is a great anti-spam technique. Just make sure you let such users know what form they need to fill out.- Rammsteined, on 10/12/2007, -1/+0Lets not forget search engines, they're blind.
- voidvector, on 10/12/2007, -2/+0Having wrote a perl bot myself, I found this really easy to foil. The bot can read the hidden tags or it can simply spam all the forms it find.
If the technique doesn't become widespread, it has a chance since bot writers probably won't bother accommodate for it. - brendandonhue, on 10/12/2007, -0/+5Blind users with screenreaders will hear every single one of those fake forms, and a bot can submit hudreds of forms per second anyway.
- Berkana, on 10/12/2007, -2/+5True. That is an unfortunate side effect. However, if blind users are going to be an extremely rare minority of users on your site (for example, if your site is Flickr, or Worth100, where your content is all visual anyhow) the trade-off of potentially annoying blind users might just be worth it if you can block spam while not annoying all the rest of your users.
The fact that bots can submit hundreds of forms per second anyway seems irrelevant if all of the submissions get blocked by failing this test.
- Berkana, on 10/12/2007, -2/+5True. That is an unfortunate side effect. However, if blind users are going to be an extremely rare minority of users on your site (for example, if your site is Flickr, or Worth100, where your content is all visual anyhow) the trade-off of potentially annoying blind users might just be worth it if you can block spam while not annoying all the rest of your users.
- Wolfboy, on 10/12/2007, -0/+7Isn't that pretty much the same as this?
http://digg.com/programming/Negative_Captcha- Berkana, on 10/12/2007, -0/+6It is indeed.
- spookyttws, on 10/12/2007, -4/+1You really how not to get WordPress spammed? Stop using that retarded service!
- kylej608, on 10/12/2007, -0/+0good tip, but i think i saw it somewhere b4 is it on here twice?
- rob1n1, on 10/12/2007, -0/+2I foresee many noobs going "WTF???" at all the 404 errors in their server logs...
- Rammsteined, on 10/12/2007, -0/+4Just use Akismet, no accessibility issues, no extra markup, no altering to include new tricks, and nearly perfect filtering of spam.
This "trick" is garbage and should be treated as such.- MagicBobert, on 10/12/2007, -0/+1While reading this article I was wondering the same the whole time. There's a really easy solution for no spam... use Akismet!
It's caught almost 15,000 spam comments on my blog and never missed a single one. It's also never accidentally caught a legitimate comment.
- MagicBobert, on 10/12/2007, -0/+1While reading this article I was wondering the same the whole time. There's a really easy solution for no spam... use Akismet!
- chronodev, on 10/12/2007, -0/+4I am not sure why someone would do this. Spambots have feelings too it will break their heart to learn theyve been filling in fake forms. Plus remember that most spambots do not do this out of choice- they were coerced into doing those actions. And once their boss finds out they have been filling in fake forms instead of real ones he will get rid of them, and when will they go then?
Just some things anyone with a conscience shoud consider before using these tactics. - shamess, on 10/12/2007, -0/+1Google bot will think you're cloaking and you'll probably get your site black listed.
- Daniel0, on 10/12/2007, -0/+2What about people with screen readers?
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2008 —
Content posted by