Thread

Dhayanandhan

Software Developer

Feb 3, 2016

Is there any way to avoid captcha validation completely and still secure Forms from spams?

Could you share the strategies you have followed to avoid captcha completely (Even avoiding showing random pics etc) and still be secure.

Can you suggest me some other solutions that does not involve any action from the user.

#html5 #javascript #programming

Responses(3)

Jan Vladimir Mostert

Idea Incubator

Feb 3, 2016

Include some fields which are hidden by CSS, but that has names such as email, first-name etc. If a human fill in the form, they won't fill in those hidden fields, if a bot fills in the form, they will probably fill in those fields in which case you can ignore those submissions.

Alternatively, you can track mouse cursor movement, if there's no mouse cursor or onclick triggered when the form is submitted, then it's probably also a bot.

Daniel Greene

Maker of things

Feb 4, 2016

This is awesome. :D Are you using this method in any live projects?

Majority of sites I work on simply include an email address these days (most of my work is in the corporate space) - nobody enjoys sending an email via these contact forms; content (names, emails, photos, etc) of these contact us pages are then loaded via JavaScript, so the majority of bots will never be able to see the email address unless they can also execute JavaScript, most can't. So no, not using it anywhere at the moment, not using contact forms at all.

Ben Adrian Sarmiento

Engineering Manager @ Foodpanda (Delivery Hero)

Feb 4, 2016

CSRF protection may or may not save you from spam attacks but should be present anyway.

Uriel Hernández

Web developer

Feb 6, 2016

This article may help: https://davidwalsh.name/wordpress-comment-spam

Search Hashnode

Is there any way to avoid captcha validation completely and still secure Forms from spams?

Responses(3)

Recent threads