Tuesday, July 10, 2007

Protect Against Invaders by SPAM-Proofing Your Website

Benjamin Pfeiffer discusses how to SPAM-proof your website. He explains how to use Javascript and mod_rewrite to stop SPAMbots and Spybots from finding email addresses on your website. He also talks about how to find and set up the .htaccess file and gives examples of robots and how to block them.

Despite recent improvement in tools and programs in the battle against SPAM, most of us cannot escape the menace that plagues most of our inboxes on a regular basis. Each day most of us probably receive more SPAM than actual real email, and with Spammers getting more and more creative in their ways to circumvent traditional anti-SPAM tactics, it's vital webmasters empower themselves with some anti-SPAM tactics for their own websites.

In this article I will discuss a few ways to SPAM-proof your website against malicious SPAM robots that inevitably collect your email to be sold by the thousands to Spammers worldwide, whether it be for using your information inappropriately, or simply for no-good reasons.  These tactics are so effective that within a month of implementing them, you should see a dramatic drop in the amount of SPAM that makes it through to your website email addresses, not to mention a decrease in bandwidth.

How to Stop SPAMbots Dead in Their Tracks

1. Using JavaScript
2. Using Mod_Rewrite

Both of these techniques are effective in blocking SPAMbots and Spybots from finding your email address or other personal information on your website. While JavaScript is an easier solution, using mod_rewrite to block SPAMbots is more technical and requires knowledge of editing your .htaccess file. It's best to try the JavaScript method first, and then venture into using mod_rewrite to further block SPAMbots from hitting your website.

Using JavaScript

To understand how to use JavaScript to block SPAMbots from harvesting your email, let's examine the ways that they find your email in the first place.

1. Mailto: Links - these are common links placed in the HTML code of a website, offering a potential visitor the ability to send an email to the webmaster of the site.  A visitor clicks on the email link and it opens an email client with the To: field already filled in with the address specified in the code.  These links are the prime target of SPAMbots harvesting your email address, and simple use of JavaScript can cut down on email harvesters hitting your inbox with SPAM.  The main objective with using JavaScript is to change the appearance of your email address so that email harvesters do not recognize your email, but still retain complete functionality for legitimate visitors to send you an email.

2. Contact Forms - this is another prime location for SPAMbots to leave their tracks, steal your email address and be gone, ready to report back with fresh email addresses.  These forms are another common feature on websites, and the following is what most often causes SPAMbots to find your email.

<input type="hidden" name="recipient" value="">

No comments: