How to Prevent Human and Bot Spam Contact Form Submissions

Business owners and SEO’s alike, we’ve all been there.

Whether it’s in our inbox, we see it in analytics, or look in a CMS form plugin, we see that a form was submitted! Someone was browsing online, they found us, and maybe they want to learn more about our services or a product.

You go ahead and read the form submission.

‘Hi, I’m so and so with some company. I provide high quality link building services…’ or the form has a sketchy link, with randomly input information, sometimes including inappropriate material.

DELETE. Talk about a buzzkill! Not only did it get your hopes up, but it wasted your time, and while visiting your website the solicitor or robot also skewed your analytics data. To anyone actively utilizing their website and/or pursuing a growth in presence online, this happens far to often. At webFEAT we’d had enough of this, so we’re working to put an end it. We’re hopeful that by walking you through solutions for human and bot contact form spam prevention, we’ll save you some stress and hassle.

*NOTE: These recommendations apply to PHP, HTML, and really all form framework. If you’re struggling any form issue using these or other programming languages, we can help!

Preventing Bot Spam

The solution for preventing bots from filling out your forms is simple: reCAPTCHA. reCAPTCHA is a free security service from Google that differentiates humans and bots.

You install it on your website with a form, which you may need a developer for, because it requires some code adjustments and to sign up for an API key pair. Along with that, these reCAPTCHA’s can become deprecated over time, requiring an update or reinstall. At webFEAT Complete, our web devs have added reCAPTCHA’s to websites and maintained them time and time again, and we’re happy to set it up for you too if you’d like us to. Contact Us

Once installed, it’s easy for humans to check the box, and answer a simple question. For example, an image with 9 squares may appear of a road, and it will ask you to select the squares with cars.

reCAPTCHA on a Website

Learn more about Google reCAPTCHA

You can also use akismet, which we discuss below.

A final tip: Don’t put “mailto” email links on your website.

Preventing Human/Manual Solicitations

These messages may appear robotic, given their template-like feel. However, the solution here, not as simple. Here are a few steps you can take:

  • Put a note above your form, or just prior to submission to discourage solicitors from filling it out. For example: “Please do not use this form to solicit products or services. Thank you.” or “You acknowledge that this form is not for product/service solicitations”. If this method was taken, it is important to be careful with your wording. You don’t want to discourage legitimate inquiries
  • Use akismet to try and filter spam based off the name, email and URL input to the form. It primarily helps with bots and comments, but may be helpful with low-quality contact form submissions too. We’ve used it before, and it catches comments well, but we still receive a decent amount of sales-related contact forms submissions
  • Actively block IP addresses from spam form completions when they do come through. Many forms show the IP address

I was surprised and disappointed at the lack of resources out there on this topic, but I’m hopeful this post can start a discussion on additional ways to prevent or limit these solicitations, and maybe even spur some tests! I will be running some, and update this post in the future with my findings.

For all the solicitors/sales reps out there filling out hundreds of forms and hoping for the best, please stop. This article by Randy Milanovic explains why, and provides better approaches you can take.

We can help

If you’re having issues with contact form completions, please contact us. We’re experienced with website security, adding reCAPTCHA to websites, and can also help if you’re getting a lot of spam sent to your email inbox. Our network/technical team sets up and manages email accounts, and developed their own filter that can help manage spam. Suspicious items will go into a “quarantine”. You’ll receive a quarantine update each day, and you can release quality items from that quarantine, and set rules for email addresses so the quarantine gets smarter, and better manages spam over time.

As for the manual sales outreach forms, we look forward to further testing of the solutions above, and hearing the measures you’ve taken to reduce contact form solicitations. Let’s get better together!
“”

Sign up to get notified of new posts

By clicking “Sign Up,” you acknowledge and agree to webFEAT Complete’s privacy policy.

Share with your network 👇

LinkedIn
Email
Facebook
X
Print
Scroll to Top