1 |
On Thu, 2021-05-20 at 21:29 +0200, tastytea wrote: |
2 |
> |
3 |
> A good measure against non-targeted spam is a hidden input field with |
4 |
> the name “url”. If the bot put anything in that field, throw it out. |
5 |
|
6 |
And be sure to put a paragraph of (hidden) explanatory text above it so |
7 |
that blind users with screen readers don't attempt to fill it in. |
8 |
|
9 |
Another efficient trick is to change the "Submit" button to "Preview", |
10 |
and have the real submit button visible only on the following page -- |
11 |
while they're looking at the preview. Most bots aren't smart enough to |
12 |
follow the result of the first "click." For bonus annoyance, you can |
13 |
add a "Cancel" button before the "Send" button; most bots just use the |
14 |
first button on the form without regard for what it does. |