Originally Posted by Danish21
I think .htaccess is the best option for your problem....
It's been answered. However, for people googling for this thread, I remember something Chrishirst said a while ago that I've done ever since:
Always leave an empty field in your form, and make it hidden. Bots that fill out forms will always enter something into every field, so name it something like 'confirm_email', so maybe the bot will recognize it as a required email field, and enter an email. However, on your processing page, deny entry if that field's value isn't null. Only people who modified the HTML (probably looking for security holes) or bots would have entered something in that field, so ignore it.
<input type="hidden" name="confirm_email" />
OR if the bot recognizes the type="hidden":
<input type="text" style="display:none" name="confirm_email" />
if ( $_GET|POST['confirm_email']!=null ) exit();
You can also try 'skill-testing' questions. The question Valve uses on their Steam forums is 'What is Gordon Freeman's last name?'. Obviously 'Freeman', but a bot would have a much harder time figuring that out.
Last edited by Physicsguy; 07-09-2012 at 12:54 PM..