最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客

Stop SPAM from custom form

programmeradmin1浏览0评论

This form is receiving a lot of spams and I would like some advice on what I can do to prevent it.

I should not use any plugins nor any Captcha.

 function innerpages_form($atts, $content = null)
{
    session_start();
    // Attributes
    extract(
        shortcode_atts(
            array(
                'title' => '',
            ),
            $atts
        )
    );
    // Code
    //global $wp_session;

    return ' <div class="sell-fast-form">


    <form action="/sell-now/" method="post" id="myForm">

    <h2 style="color:#f15a29">Need To Sell Your House Fast?</h2><br>

      <h2>Property Address</h2>
                <input type="text" class="Property_Address" name="Property_Address" id="addr" placeholder="Property Address" value="" required >

                <h2>Phone</h2>
                <input type="text" class="Phone" name="Phone" placeholder="Phone" id="Phone" pattern="^[(]{0,1}[0-9]{3}[)]{0,1}[-\s\.]{0,1}[0-9]{3}[-\s\.]{0,1}[0-9]{4}$" required title="xxx-xxx-xxxx" >
                <h2>Email</h2>
                <input type="Email"  class="Email" name="Email"  placeholder="Email" id="Email" value="" required >
                <input style="display:none;" type="text" name="robots" value="" />
                <input type="submit" class="click_here" onsubmit="return myFunction();" value="&nbsp; &nbsp; &nbsp; &nbsp; GET MY FAIR CASH OFFER &nbsp; &gt;&gt;&gt;"/>





  <script>
        function myFunction() {
            document.getElementById("myForm").submit();
            return false;
        }
        </script>
</form>

        </div>

      ';
}
add_shortcode('innerpages_form', 'innerpages_form');

This form is receiving a lot of spams and I would like some advice on what I can do to prevent it.

I should not use any plugins nor any Captcha.

 function innerpages_form($atts, $content = null)
{
    session_start();
    // Attributes
    extract(
        shortcode_atts(
            array(
                'title' => '',
            ),
            $atts
        )
    );
    // Code
    //global $wp_session;

    return ' <div class="sell-fast-form">


    <form action="/sell-now/" method="post" id="myForm">

    <h2 style="color:#f15a29">Need To Sell Your House Fast?</h2><br>

      <h2>Property Address</h2>
                <input type="text" class="Property_Address" name="Property_Address" id="addr" placeholder="Property Address" value="" required >

                <h2>Phone</h2>
                <input type="text" class="Phone" name="Phone" placeholder="Phone" id="Phone" pattern="^[(]{0,1}[0-9]{3}[)]{0,1}[-\s\.]{0,1}[0-9]{3}[-\s\.]{0,1}[0-9]{4}$" required title="xxx-xxx-xxxx" >
                <h2>Email</h2>
                <input type="Email"  class="Email" name="Email"  placeholder="Email" id="Email" value="" required >
                <input style="display:none;" type="text" name="robots" value="" />
                <input type="submit" class="click_here" onsubmit="return myFunction();" value="&nbsp; &nbsp; &nbsp; &nbsp; GET MY FAIR CASH OFFER &nbsp; &gt;&gt;&gt;"/>





  <script>
        function myFunction() {
            document.getElementById("myForm").submit();
            return false;
        }
        </script>
</form>

        </div>

      ';
}
add_shortcode('innerpages_form', 'innerpages_form');
Share Improve this question asked Aug 13, 2019 at 2:10 stemonstemon 1551 silver badge8 bronze badges
Add a comment  | 

1 Answer 1

Reset to default 1

I've been studying (and blocking) automated form spam for years. Most advice relates to hidden fields, CSS tricks, 'stupid' questions ("what is 1+3"), and others.

And the reason that those tricks (and others) don't work with automated spam bots is that they don't 'see' your form, they just post to it. They scrape the form, grab the form fields, and use automated techniques (like CURL) to post to the form. (I wrote a post about how they do it here:

So, you have to hide things. I've developed a process (free) that obfusticates the submit form, using JS delays (among others), and can implement reCAPTCHA (which is a good start, but not complete). The result is a 'contact' form (which can be modified to add other fields) that has not been successfully attacked by spam-bots. (In fact, I challenge anyone to spam-bot the form on that site, and none have after years of using the technique - which I have improved over the years.)

All of the code is free, and available at my FormSpammerTrap site. I send it to anyone that wants it, and don't use (or keep) the emails of those that request it. I think it is quite successful at blocking automated spam. All the details are on the site.

I welcome automated attacks. Always have. Never get any.

与本文相关的文章

发布评论

评论列表(0)

  1. 暂无评论