June 1, 2015

Preventing Spam in Web Forms

Lafayette College websites can use the Contact Form 7, a WordPress plugin, to create quick-and-easy web forms. As the name suggests, this plugin is often used to create contact forms that send emails to a designated email address.

As the name suggests, the most common use is contact forms, but the plugin can be used for a variety of quick-hit jobs (e.g. gathering feedback on a particular topic, soliciting print jobs, etc.). It’s particularly handy because it allows you to create an template that governs exactly how the resulting email will look in your inbox.

The challenge is spammer. On occasion spambots discover these forms and can start sending the form recipient all manner of email he or she really doesn’t want to read.

Fortunately you can prevent this by adding some simple anti-spam validation to your form. This validation leverage Akismet, an anti-spam tool that’s always on within the College’s web presence. It’s primary job is to prevent comment spam on WordPress pages and posts, but it works just as well on web forms.

To add spam filtering to your form, place akismet options inside of your tags. For example, add the akismet:author option inside your [text first-name] tag to have akismet validate submissions.

Other options are akismet:author_email and akismet:author_url, which are used on the submitter’s email and url fields Here is what a tag that uses akismet filtering would look like:

[text first-name akismet:author]

Learn more about Contact Form 7 on the College’s help website.