I was looking at introducing a Spam filter to one of my clients contact forms, I was thinking of the Akismet one, but it says it’s not supported at the moment, or it’s unsure.

Anyone recommend a good one to use?

@Nick my experience is that spam-prevention often results in a bad user experience: hassle for the user. I am not a big fan of CAPTCHA’s for exactly that reason.

Because of this I often use a very simple approach: do not place email addresses in the source of your site but ‘obfuscate’ them through some simple javascript or something like The fallback (when JS is not available) is often simple enough for users to understand (e.g. most people know what to do when they encounter “name [at] mydomain dot com”).

This simple measure alone will stop most naive email harvesters from getting your email address (obviously there are a lot of smarter bots these days, but these often target specific high-profile sites I believe).

Regarding forms I often use a similar simple, naive, approach: I simply add a ‘honeypot’ field and hide it with CSS (field should be empty but eager bots often fill all fields).

Another option is to add a field with a very simple ‘human’ question (e.g. “one plus one equals”): you would fill in the correct answer with JS and hide the field + label with JS. This way, when JS is disabled, the user simply has to answer a simple question.

My experience is that such an approach stops most of the spam and remains accessible and easy to use for the users. Plus: it’s really simple (cheap) to implement.

yeah, the 1+1 idea is good. It’s basically a contact form.

I’ll do that then. thanks mate.

Nick, check out the TextCaptcha. It has all the benefits of a normal captcha without the horrible accessibility or unreadable text. It’s all logic-based so as long as your users can count or answer very simple questions, you’re good to go.

Thanks Doug.

When I got problemns with spam, I made a simple solution: a drag n drop captcha jQuery plugin.

It’s very simple, no server-side. It’s just drag an image and drop over another, then you will be able to send the form.

Like this:

The plugin:

Hope it helps (:

@dougoftheabaci is a great service but only in English I’m afraid. I actually mailed with Rob re: multilanguage and he (at the time) said he was probably not going to make the service multilingual. This prevents me (Dutchie) from using it.

@joa: these alternative CAPTCHA’s are a neat invention but rely on Javascript, which could be a problem (I tested and noticed your form submitted successfully with JS disabled, which seems great but I wonder how it deals with spambots submitting the form). Also: these CAPTCHA’s could be less accessible to users (e.g. keyboard navigation, etc.).

The simplest solutions are often the best imho…

The simplest solutions are often the best imho…


I also use simple solutions similar to what David mentioned (server-side hash-field validation).

I hate CAPTCHAs and other complicated workarounds involving JavaScript.

@David: I do believe that’s the perfect opportunity for you to do it?

I have a friend who does accessibility consulting who I asked what he thought about text captchas and his conclusion was they were actually really good in terms of accessibility for most users except those with cognitive disabilities.

Which tends not to be the market my sites are made for.

@dougoftheabaci You’re right and yes: I’m thinking about creating a similar Dutch service at the moment ( is mine :P ) I’m more of a front-ender but it does not seem too complicated, especially since explains the process in detail.

Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details