Contact Form Improvement and Guest Book Spam Prevention

It always amuses me that so called SEO 'experts/companies' resort to Spamming people to try to generate work!

Here is a recent example from a website 'contact form':

"Cecelia Maloney
[email protected]
0120120120
We are interested to increase traffic to your website, please get back to us in order to discuss the possibility in further detail."

A quick Google shows these are well known spammers so I have no problem listing their 'details' here.

There is a chance they are not really interested in SEO but just trying to elicit a response to see if the email address is active - either way I recommend you NEVER reply. A number of 'form' spammers just like to try and submit dodgy links - malicious and/or spam.

It seems Gmail email addresses are getting very popular with these spammers - and in my experience they are nearly all coming from Indian ISPs.

Once these spammers have the URL of your contact 'form' or 'guest book' they regularly return directly to the page to offer their services!

Recently I've started to maintain an .htaccess file so that I can manually deny access to these visitors - this stops them from even viewing my website.

This is what they get presented with if they try to return to my site:

Forbidden

You don't have permission to access / on this server.

My .htaccess file denying these spammers access currently looks like this:

order allow,deny

deny from 122.173.

deny from 122.167.

deny from 122.163.

deny from 122.183.

deny from 122.161.

deny from 122.177.

deny from 122.160.

deny from 122.172.

deny from 122.169.

deny from 121.247.167

deny from 94.100.25.52

deny from 117.200.162

deny from 182.68.

deny from 182.68.94

deny from 182.64.239

allow from all

This works well for me - I guess they move on to easier pickings and I only have to add a new IP address every few months.

Please Note:

Obviously, if you need your website to be visible to certain countries (mostly India in my IP examples above) then you would need to be *very careful* using this method as it would be very easy to block legitimate visitors. Especially where I am using IP masks rather than full addresses.

If you are using Freeola's Standard formmail script you simply have to add this line to your form code which will add your visitors IP address to any submitted messages:

<input type="hidden" name="env_report" value="yes">

A quick Google on the address will then show you if it is a problem IP !

Just thought I would pass this on in case others are troubled by similar form spam, or if you have your own tips please let me know :¬)