After recently launching a new website for a client, we were made aware that one of the contact forms we had integrated into the site was being bombarded with lots of spam. Most of these spam messages were being submitted by bots, which are programs that scour the web, searching for forms they can target.

Spam bots are built for various reasons. Some are simply trying to advertise a product or service (which in some cases is illegal) on a mass scale, whilst others are more malicious, with the goal of injecting malicious code into your website.

Having through sift through dozens of spam entries daily is not only annoying, but a waste of time. Thankfully, there are several methods you can implement to drastically reduce the amount of spam that ends up in your inbox.

Use Google reCAPTCHA

It is highly likely that you have come across Google reCAPTCHA; this is the checkbox you have to tick before submitting a form, which asks you to prove you are a human. In some cases, you are presented with an image and asked to click on boxes that contain certain objects, such as traffic lights or vehicles.

Integrating Google reCAPTCHA can be both simple and complex. If the web form software you are using on your website already comes with the functionality built in, all you need to do is enter your API keys to be up and running. On the other hand, if your site makes use of a custom built form, you will need to get your web developer to build the reCAPTCHA functionality in.

Use a Honeypot

The honeypot method works by adding an input field to your form that is invisible to humans but visible to spam bots, which means the latter are likely to enter data into it. Once the form is submitted, it is then a simple case of checking whether the hidden input field has data, and if it does, marking the form submission as spam.

One benefit of this method over reCAPTCHA is that human users are not presented with a spam challenge, which is often seen as a nuisance. However, the honeypot method may not always be as effective.

Use a Spam Detecting Service, Such as Akismet

Akismet is a spam filtering service that was created by Matt Mullenweg, the same person who initially developed WordPress. Akismet uses large quantities of data to determine whether a message is spam or not, and because the service makes use of an API, all kinds of websites and applications can integrate it in, no matter their underlying technology.

However, unlike reCAPTCHA and the honeypot method, you will need to purchase an Akistmet license if your website is a commercial one. That said, it is very affordable and will likely save you money in the long run.

Block Specific IP Addresses From Accessing Your Website

It could be the case that most of the spam being submitted on your website is coming from specific IP addresses. If this is the case, one option would be to deny those IP addresses access to your website.

The drawback of this method is that you would likely have to block many IP’s (which could result in you blocking off genuine visitors to your site), and it would have to be an ongoing process (due to the dynamic nature of spam bots), rather than a one off set and forget procedure.


Though it is highly unlikely that you will be able to prevent all spam submissions on your website, there are several methods you can use to drastically the numbers. Combining two or more methods could prove to be even more effective!


Polaris is an award-winning B2B SEO agency in London specialising B2B, PPC, e-commerce and the healthcare industry.

Other posts

  • ecommerce site
  • web
  • web development
  • web launch
  • website development
  • website launch
  • B2B SEO
  • b2b seo agency
  • ecommerce seo
  • SEO
  • web
  • web development
  • website security
How to secure your WebsiteOctober 29th, 2020