Easy Bot Blocking
131 words.
I’m sure this is well-documented already — in fact I’m almost positive I’ve read this somewhere else, and I’m completely positive that I’ve seen web sites using this technique — but here is a quick and easy way to keep simple bots from posting data to your web site: Add a Javascript “onclick” event to your submit button which sets a hidden form field. Verify that the hidden form field is set correctly and viola, you have a simple test for human vs. bot.
It’s easy for a clever bot to circumvent this, but it keeps out the generic script kiddies. Also, obviously, human users will need to have Javascript enabled on their web clients, which may block some legitimate traffic. But this is war, and sometimes there is collateral damage.
Sorry, new comments are disabled on older posts. This helps reduce spam. Active commenting almost always occurs within a day or two of new posts.