When CAPTCHA does not work anymore...

In an Opens external link in new windowearlier post I explained how I used CAPTCHA to prevent blog comment spam and it worked fine for a while but after some months it became clear that the spammers have found away around it. My site was filled with hundreds of spam comments so I just temporarily disabled the ability to post comments on my site.

You may notice now that it is possible to post comments again but there is no CAPTCHA nor any spam. Here I will explain my new solution for preventing spam and how to do it:

Comment spam protection in less than 10 lines of JavaScript

The actual code, followed by an explanation below:

$(document).ready(function() {
SPAM_BE_GONE = setTimeout(function() {
$('#commentform').attr('action','###ACTION_URL###');
}, 5000);
});

Basically what I have done removed ###ACTION_URL### from the <form> tag in the ve_guestbook template and then used the JavaScript code above to put it back in after 5 seconds when the page is loaded. This makes spam bots enter the site and submit a comment to the wrong url. In order for spam bots to bypass this they would actually have to parse JavaScript and wait 5 seconds, which I doubt will happen.

By the way, in the code above I made use of Opens external link in new windowthe jQuery library but it could have been done without that just as easy. Basically all you are doing is setting a timer and changing an attribute, wether its done in jQuery, protoype, yui or plain JavaScript is up to you.

You can view the source of this page to see what the code looks like after the template has been parsed.

Leave a Reply

remember my information