I was writing my personal website and thought about creation of contact form. Not a big deal....
But I would like to protect me somehow from auto generated requests by malicious scripts.
Captcha is not an option because it would discourage potential senders to contact me.
I tried to look how others handled this problem.
Among many unprotected forms I found pretty interesting example:
I can't explain the purpose of hidden input fields and I guess they have something to do with filtering malicious users from good users.
But. Am I right? How are they used?
Website where I picked this form website
If captcha is not an option you could use a honeypot
.
This works for bots that are not able to interpret/render CSS. Here's how it works: Add an input field and hide it using CSS. Therefore a human would not fill out this field - but a machine probably would. After form-submission you check if the invisible field has been filled out - and if then you've probably identified a bot.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.