JM's Blog

Web, Society, Technology, and Innovation

« February 2006 | Blog Home | August 2006 »

March 19, 2006

A simple trick to help prevent form spam (2)

This is a more sophisticated setup of this blog comment spam prevention tactic. I've implemented this several weeks ago and it seems to work well.

  1. After changing the URL of your blog's comment executable, encode the new URL here. For this, enter your URL where indicted "Step 1: enter your e-mail address". Copy the code given to you and extract the strings string1 and string2, which look respectively like FPZEVPKWZXDS2M and %27%23%3E%237%23/1%3C7+1S%3F.
  2. Place the following code after the <head> tag of the page, after replacing string1 and string2 by their actual values:
    <script type='text/javascript'><!--
    function blurl(){var v2="string1";var v7=unescape("string2");
    var v5=v2.length;var v1="";for(var v4=0;v4<v5;v4++)
    {v1+=String.fromCharCode(v2.charCodeAt(v4)^v7.charCodeAt(v4));}return v1}
  3. Locate the comment form in the template of your blog, and remove the action attribute specifying the URL of the executable used to process the form results.
  4. Finally, add this.action=blurl() to the onsubmit handler of the form:
    <form method="post" onsubmit="this.action=blurl()"> ... </form>

Updates: There is an updated version of this document, and you can now get free comment spam protection with FormSmarts.

Unprotected email addresses on blogs get spammed

How many of the owners of the 10 millions existing blogs show their email address on their blog, ready for spammers to collect?

A study shows that out of the many ways email addresses are collected online, 97% of spam originates from addresses harvest on websites or blogs. Our own study shows that it takes as little as two days after an email address is published online before it gets spammed.

It's of course legitimate to publish you email address on a personal blog, but there are few reasons why you should not protect it from spam. This page shows you to generate an encoded link and integrate it with your template.

Copyright ©2008 Syronex