How to Stop Feedback Form & Guestbook Spam

  breadcrumb arrow   Rahul's Essays   breadcrumb arrow   How to Stop Feedback Form & Guestbook Spam

By Rahul Gladwin | October, 2009.

Introduction:

You've made a website and have installed a professional-looking PHP feedback form and/or a guestbook. You're busy submitting your website to search engines, forums, and newsgroups, and are keenly watching incoming traffic. However, within the next few days and weeks, you notice strange messages pouring in through your feedback form and/or being posted on your guestbook. These messages are promoting anything from male enlargement pills to window-washing fluid. My friend, while your website has been successfully indexed by search engines, it has also been noticed by the sinister cousins of search engines: spambots. Apparently, your arsenal of image and text verification has failed. From now onwards, you'll be forced to feebly watch your email and guestbook pestered by spammers for the rest of your life. Or, will you? This article provides three steps, which, if followed consecutively, can reduce or even eliminate spam originating from feedback forms and in guestbooks.

What is a SpamBot?

Spam is performed by automated or semi-automated computer programs called "spambots" hosted on compromised "zombie" computers called botnets. In order to fight spam, you'll have to think like a spambot. Fortunately, spambots work just like search engines - they crawl the internet and are particularly attracted to web pages that list email addresses and phone numbers. Furthermore, spambots demonstrate high affinity for web pages with keywords like "guestbook," "feedback form," "submit message," etc. The functionality of spambots is generally two-fold:

1. The spambot prowls the Internet in search of email addresses, phone numbers, guestbooks, and feedback forms. After this information is successfully collected, it is then stored in a centralized database.

2. The stored information is then, quite possibly, shared with other spambots, and then begins a methodic spamming spree.

Stop Spam in Three Simple Steps:

Here are some tricks I've learned from experience while working with my website. If you're continuously plagued by spam, you may want to follow these steps in this particular order:

1. Change URLs:

First of all, you will have to change the URLs of your guestbook and/or feedback form. For example, if your guestbook is accessed by visiting www.yourdomain.com/gbook.htm, you may wish to change it to www.yourdomain.com/guestbook.htm (or any other filename that you prefer). Your old URL exists in the spammers' database, and if you continue to use the old URL, you'll be plagued by spam no matter how many image or text verifications you install. In fact, when I changed the URL of my guestbook, spambots were still visiting the old URL of my guestbook! I wish I could see the red faces of spammers as they were continually kicked by Error 404s generated by my website.

2. Hide URLs:

Second, you need to "hide" your new guestbook and/or feedback form URL from the outside world. By this I mean, your URL should only be accessible by humans, but not by search engines and spambots. Why, I ask, why would you want to have your guestbook and/or feedback form indexed by search engines in the first place? Sometimes, spambots can't crawl on their own and have to move around by piggyback riding on search engines i.e., performing automated Google searches in order to fish out potential websites that host feedback forms and/or guestbooks. You see, this is the reason why Google displays an image verification after you perform repeated web searches with similar keystrokes. This is to prevent Google from being harassed by spambots; it, therefore becomes imperative that you hide your guestbook and/or feedback form from search engines and spambots.

You can hide your URL using two ways: using the robots.txt file or using the noindex meta tag or both. I display Google Adsense ads on my website, so I couldn't use the noindex meta tag (the Google Adsense bot was also blocked and my feedback form was displaying public service advertisements!). If you wish to use the noindex meta tag, just place the following code within the <head>....</head> region of your guestbook and/or feedback form pages:

<meta name="robots" content="noindex" />

You're done! You may directly proceed to Step 3 down below.

If your webhost allows you to edit your robots.txt file, you may want to add these lines into your robots.txt file:

User-agent: *
Disallow: /feedbackform.htm
Disallow: /guestbook.htm

This basically means, "no crawlers are allowed to access feedbackform.htm and guestbook.htm." This will work flawlessly, however, this command may also block Google Adsense bot (assuming you're displaying Google ads (advertisments)). If you wish to allow Google Adsense accessing your guestbook.htm and feedbackform.htm pages, add these lines to your robots.txt file:

User-agent: Mediapartners-Google
Allow: /feedbackform.htm
Allow: /gbook.htm

This basically means, "only Mediapartners-Google can index feedbackform.htm and guestbook.htm."

3. Display URLs in pure Javascript popup containers:

Third, you will need to display your new guestbook and/or feedback form using pure Javascript popups. When it comes to Javascript, search engines and spambots are as blind as bats, i.e., search engines and spambots cannot follow material within Javascript containers, hence, we can use this to our advantage. You can create Javascript popups using this code:

<a href="#" onkeypress="bar" onclick="MyWindow=window.open('http://www.yourdomain.com/popups/feedbackform.htm','MyWindow','toolbar=no,location=no,directories=no,status=no, menubar=no,scrollbars=yes,resizable=no,width=600,height=300'); return false;">feedback form</a>

Where http://www.yourdomain.com/popups/feedbackform.htm is the location of the popup to be displayed. Though not necessary, it is always considered good web etiquette to put a friendly "requires Javascript" message right next to popup links in order to inform your visitor who might have turned off Javascript in his/her browser and/or turned on a popup blocker, and may be unable to sign your guestbook or contact you through your feedback form.

Furthermore, you'll need to use the noindex meta tag in your popup headers. For book-keeping purposes, I tend to store all my popups in a subdirectory called "popups," and as an extra precaution, I also seal off this directory from search engines and spambots. Again, this can be done using the robots.txt file as follows:

User-agent: *
Disallow: /popups/
Disallow: /feedbackform.htm
Disallow: /guestbook.htm

You can see a working example of a robots.txt file here: ../robots.txt. If you follow these three steps, I'm sure you will be able to dramatically reduce or even eliminate spam originating from feedback forms and guestbooks. Just as a precaution, avoid directly linking your guestbook and/or feedback form from external forums or blogs. If you do get spammed again (highly unlikely) all you have to do is re-change your guestbook and/or feedback form filenames. Here is a real implemented (and spam-free) example of a guestbook and a feedback form.

Additional Readings:

Science Articles

1. The Big Bang: Proof that the Universe is Expanding

Business Articles

1. Corporate Failure: The Enron Case

Personal Experience Articles

1. My Experience during the Iraqi Invasion of Kuwait
2. Why did I become a doctor?

Philosophy Articles

1. The Existence of Matter
2. What is Time?
3. Life in a Drop of Water
4. Why I Support Mercy Killing

Short Stories

1. Voices from Hell: My Experience in Mussoorie, India

Religious Articles

1. One Powerful Prayer written by an Anonymous Author

Internet/Technology Articles

1. How to Stop Feedback Form & Guestbook Spam
2. How To Optimize Your Web Server

Product Reviews:

1. Review of the HMT Janata Hindi Dial wrist watch
2. Review of eBoundhost VPS hosting
3. Review of Delta Roma Imperiale Fountain Pen

Miscellaneous Stuff

1. Body-Mass-Index, Waist-to-Height Ratio, Body Fat, Basal Metabolic Rate Calculator
2. Pictures of old Kuwaiti Dinars
3. My First Computer - Pentium with Windows 95
4. Why is it hard to find Christian husbands?
5. Video of American Robin feeding her chicks
6. Signs you're being married to for Green Card
7. Micron to Grit Conversion Calculator
8. Grit to Micron Conversion Calculator

Random Pages:

The Big Bang: Proof that the Universe is Expanding My First Computer - Pentium with Windows 95
Video of me playing Yanni`s "Nightingale" Notes on Female Reproductive System
Video of Musculoskeletal Examination in a Clinical Setting Notes on Growth Medias and Oxygen Requirements
Notes on Pyruvate Metabolism What is Pulseless Electrical Activity?
Differentiation of the Face Usage of the D-xylose Absorption Test
Notes on Basic Gastrointestinal Physiology Why I Support Mercy Killing
Video of American Robin feeding her chicks What is an ELEK`s Test?
Why did I decide to become a doctor? Medical School Admissions Essay Video: Titanic Piano Theme: The Portrait
Corporate Failure: The Enron Case My Experience during the Iraqi Invasion of Kuwait
USMLE Blood Lab Values Regulation of Heart Rate by Autonomic Nervous System
Images of Antibodies Video of me playing Titanic Piano Theme: The Portrait
Notes on Lymphoid Tissue Differentiation and Anatomy of a Blastocyst
Notes on Cell Components Notes on Nervous Tissue
Voices from Hell: My Experience in Mussoorie, India Video of Cardiology Examination in a Clinical Setting

Please Do Not Reproduce This Page

This page is written by Rahul Gladwin. Please do not duplicate the contents of this page in whole or part, in any form, without prior written permission.