If you have an online form on your website, then you will get spam. That’s the inevitable truth of running a website in 2020.
Any time you publish a form or survey online, it’s likely that you receive some inaccurate or fake information from pranksters, spambots, or people who don’t want to provide their true details.
There is a better way
To this day, Completely Automated Public Turing Tests To Tell Computers and Humans Apart (CAPTCHAs) are still one of the most efficient ways to prevent bots from spamming your website.
Interesting enough, Google acknowledge their CAPTCHA text is so complicated that even humans only solve it 87% of the time.
The challenge remains; bots are getting smarter every day and people are getting frustrated having to solve ridiculous CAPTCHA challenges.
The good news is that there are alternative solutions to CAPTCHA that provides protection and a much better user experience. Here are a few tips and options to help you fight spam:
1. Add SSL to your website
If you’re collecting sensitive data on your website, like login details or credit card information, the #1 thing you need to do ensure your form’s security is to add SSL to your site. Hackers can collect your personal details when you fill out a form and submit without a secured connection. This information can then be used to generate targeted spam messages or a variety of cyber-attacks.
There is an easy way to check if a website has a valid SSL certificate. Just look at the browser address bar, on the left side of the address bar there is a padlock symbol. If the padlock is unlocked it means the website is insecure.
By clicking on the padlock, you would see more information as below.
2. Use a Trusted & High Quality Website Hosting Provider
A good managed WordPress hosting will block brute force attacks and some bots from reaching your website to begin with. This significantly reduces the traffic to your website and increase user experience when the website is not always jammed.
3. Google reCaptcha
Google reCAPTCHA is a free service that protects your website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive challenges to keep automated software from engaging in abusive activities on your site. It does this while letting your valid users pass through with ease.
You can demonstrate that you’re human through a click of “I am not a robot button” or with the image labelling as we see today.
If the program flagged your machine as suspicious (mainly because you haven’t visited this website before) then you might have to do an image challenge. Which can be fun! Maybe?
4. The Honeypot Method
Honeypots are extra bits of code used to catch bots without impacting user experience. The most common example of this is the hidden form field. Normal users can’t see or enter data into hidden fields and spam bots often fill out every field on a form programmatically. Therefore, hidden fields with data must come from spam bots. Caught you spambot!
5. Configure Your WordPress Discussion Settings
Before you install any anti-spam plugin, you should configure your discussion settings correctly. They are located in the Settings section of your admin area.
Go to Settings > Discussion and you’ll see all kinds of options WordPress has for cutting down on comment spam. What you see below are some default options that are very helpful, so I recommend sticking with them.
6. Keep Anti-Spam plugins up to date
While you should be regularly updating all your plugins, it’s important to pay special attention to any spam plugins you’re using, e.g. Akismet. They frequently release updates that catch the “latest and greatest” spambots. So, if you’re slow to update, make a note to remind yourself.
Our talented team of web developers and digital marketers will help you get on top of the serious threat of spam bots, while enhancing your user experience at the same time.