Five Things to Stop Receiving Spam from Your Website
Tired of your inbox being filled up with spam emails? It’s not just you. Junk email accounted for 45.1% of global e-mail traffic as of March 2021. Although this feels high, it is still on the decline, down from 55% in 2018 and a staggering 69% in 2012.
In this post, we reveal five things you can do to reduce the amount of spam in your inbox by making changes to your website.
How to Stop Spam
#1 Use Google reCAPTCHA
Google reCAPTCHA is a captcha service that can help assist you in preventing forms from being filled out by spambots.
There are two versions of reCAPTCHA. Version 2 requires a user to tick a box:
Much of the time, a site visitor merely ticks the box for it to be accepted.
Occasionally, the Google reCAPTCHA won’t accept the tick and will challenge you to make sure you’re human. Often, this will be clicking on squares of an image:
Version 3 meanwhile, is hidden from site visitors and works in the background. You’ll know if it’s working and installed properly when you see the “protected by reCAPTCHA” label on the page:
If you’re using regular HTML and CSS, Google provides a site key and secret key that are then implemented into your website.
For WordPress sites, form plugins will ask for the site key and secret key, which you can copy and paste from the admin console. For example, Contact Form 7 provides instructions on how to implement in version 2 and version 3.
As a side note, they can also be placed on login pages to help deter hackers from using automated scripts in an attempt to gain unauthorised access to your website.
#2 Change Direct Email Addresses
Captcha can help stop spammers, but they don’t stop bots from scraping your website for information like email addresses. It’s easy for them when emails are written in a format like [email protected].
As an alternative, consider removing your email addresses from the website and utilise a contact form in its place to cut back on the spam.
#3 Make Your Domain Information Private
When you purchase a domain, information is added to the domain registry, including email addresses.
Nowadays, it’s much easier to request your domain and hosting provider to make your information private. You’ll usually be offered this when you purchase the domain, or you can ask your hosting provider but may incur a small charge to make the change.
More Tricky Options
There are more advanced options you can use to cut back on spam, but you should be comfortable with writing code for websites. If you’re not sure and are struggling with spam issues, please contact XHost for free, a no-obligation quote.
#4 Add a Honeypot Field to Your Form
Most bots are simple and aren’t particularly smart. They’ll often fill in every field and this can be the key in stopping them.
If you have a WordPress site and are using Contact Form 7, the plugin “Honeypot for Contact Form 7” makes it easy to deploy.
For those on static HTML, CSS and JS websites, have a look at this simple but elegant solution from Felippe Regazio.
#5 Configure Your .htaccess File
You can add a series of rewrite conditions to your .htaccess file that sits at the root of your website directory. It tells your web server software like Nginx or Apache how to handle a wide range of things on your website.
One of those things can be blocking spammers so they can’t see your site and therefore any forms.
Check out this answer on Stack Overflow as an example of what can be done.
Important Note: Always make sure you know what changes you are making and never blindly copy and paste code. Also make sure you backup your .htaccess file before editing or it could break it for your human visitors.
Summary: Five Things to Stop Receiving Spam from Your Website
- Use Google ReCAPTCHA to verify real humans are submitting forms
- Remove your email address from your website or make it a link with text like “email us”
- Have your domain registry information made private
- Add honeypot fields in your forms to find and stop the bots
- Add commands to you .htaccess file