I am facing spam issue from last 1 year. My website representing to software industry and developed in core PHP with HTML5.
I have tried below steps to resolve the issues. One solution I have not tried that is Captcha because I don’t watch any captcha in website where customer face some hesitation to fill the forms. We are also using Infusionsoft API to submit the forms.
Below steps I have executed:
Step #1: Hidden fields in forms
Declared one additional form fields and hide them with CSS. On form submission, block the form submission, if any of those hidden fields have values populated. In addition, changing the hidden field names periodically. Why recommended: A spam robot will probably fill out each field it encounters. Works well, unless the spam robot is able to understand CSS and script.
Step #2: IP restriction
We are saving the IP address & timestamp of each rejected submission in database. If we receive a form submission using wrong fieldnames, don’t display the form at all – we just show a note that this IP address will remain blocked for the next few minutes. Blocking the users IP for continuous hits. This will be configurable based on [number of hits].
Step #3: Ghost Referrer Spam
Ghost Spam can only be stopped within Google Analytics with filters. I have tried all the steps suggested here Valid Hostname Filter Step #4: Crawler Referrer Spam Implemented rules in .htaccess file or with filters. Another technique we have used is a Deflector, which redirects the traffic back to where it came from.
I am also thinking to implement DNS level where we can isolate traffic from certain countries. If traffic arrives from a country that we do not want then the user is asked to do a second level authentication essentially preventing spam.
What do you think about this?
Please provide your expert answer, if we have any other idea?