A simple trick to help prevent form spam
If you have a blog or a webpage with a guestbook facility, you will have certainly experienced automated posts known as comment/form spam.
There is a simple thing you can try to prevent spammers from posting to your blog: make it more difficult for them to find how to post to your site using automated means. The HTML code for submitting a form looks as follows:
<form method="post" action="http://www.example.com/bin/comment">...</form>
The action attribute above specifies the web address (URL) of the executable used to process the form results. Simply remove it and add an onsubmit attribute as shown below.
<form method="post"
onsubmit="this.action='http://www.example.com/'+'bin/post-a-comment'">
...</form>
I have made two changes. I now use a trivial JavaScript snippet to build the URL of the executable, and I have renamed it. The reason for using JavaScript is because comment-spamming programs are most unlikely to be sophisticated enough to understand it. Since once spammers have found a comment posting URL they will keep it and reuse it every now and then, I have also renamed the executable to start with a fresh URL.
Update: The code above is shown for demonstration purposes only. if you are thinking of implementing this setting, you should use a more serious procedure. It doesn't involve much more work.
Update: You can now get free comment spam protection with FormSmarts.