Do you have a problem with spam bots completely overriding whatever checks you’ve currently got?

I had a simple solution to this problem, and it slowed spam bots to a crawl. The only ones coming through after that were human spammers. This is for a site that had at least 2,000 registrations a day.

In our registration form, simply have a new textbox:

Remove the text: <input type="text" name="remove_text" value="<?php echo $seed; ?>">

In our PHP we have:

<?php
$seed = sha1(rand(456, 25000) . 'blaaaahblaah' . (6*6)); // you can use anything
?>

Then we check to see if the remove_text POST value is indeed empty, if it is… continue with the registration.

Of course, this isn’t a sure fire way, but it is different. Most people will use something readily made (e.g. Captcha) however, whatever is popular will have people trying to crack it.

You can use the same idea to create “Questions”. So if your user is about to sign up, you can go: “What color is the sky?” and if they answer “Blue” then finish the registration!

If you have any tips that you’d like to share with us regarding this, post a comment.

Tags: no more spam, no spam, PHP, spam bots