DroidViews

SEO Spam Website Attack Protection: Guide To Follow

Joseph Osbourne | | Featured

Shield with a lock representing spam

It should immediately be said that one of the activities of Adsy (paid backlink service) company is the protection of feedback forms from spam. 

Now a lot of sites are being attacked by spambots. This is especially true for commercial sites where entrepreneurs are waiting on their mail or SRM system for applications from buyers or customers but receive useless SEO spam. Is it possible to reliably protect the official website (paid backlink service) from spam and how to stop spambots? Why are spam attacks able to pass almost any protection?

Looking ahead, let’s say that it is possible. There are a number of reliable ways to check out (paid backlink service) how much your site is susceptible to SEO spam and, given some features (paid backlink service) of SEO spam, successfully win this fight.

As practice shows, there is only one universal way to protect yourself and prevent the process of spamming sites, remove all forms of communication from the site and remove links with your email address.

Spam bots

What is a spam bot? Spam bot works with prepared promotional emails, sending them to E-mail addresses, instant messaging services – IM and other word processing services. A spam bot prevents users from perceiving the original information of the resource, which reduces the satisfaction of its visitors, and ultimately leads to a decrease in their total number on a particular site. Spam bots undermine the confidence of customers about whether links are really trusted and safe links (paid backlink service) are.

Spam bots are constantly improving, adapting to modern methods of dealing with them, and now, it would seem, the once reliable reCaptcha from Google quietly skips spam messages. Although spam has undermined the credibility of contact forms, anyway, whatever one may say, it is very often impossible to do without normal feedback forms. It is much more convenient for the user to leave a request on the site through such a form than through a link, and it would be ideal not to enter any checks. 

What options should be excluded from anti-spam methods?

  • Math Captcha where you need to add or subtract numbers and write the answer. Bots easily pass such protection. 
  • It is also worth abandoning Google’s reCaptcha, its bots have also learned to bypass it. 
  • We do not use these methods in our practice and do not advise others to use them.  Despite the seemingly reliable protection, this option has its drawbacks. There is a chance to send normal messages to the ban and skip spam because it is not exactly known how long it takes the bot to send a message. It all depends on its settings, it is not a fact that the bot will quickly send its message. 

In general, we also refused this option, since there are more reliable methods.

What options can be used to protect against spam?

It is worth noting here that when protecting a site from spam, you need to approach each site individually. As practice shows, spam bots that attack sites are completely different in their logic and settings. And when choosing protection, you need to take into account the features of the bot that attacks a particular site. What works for one site may not work for another. 

Email address link protection

If we talk about the link to the email, then there is a good option with data encryption. Using the script, we encrypt the characters of the email address and as a result, the bot will not see a normal link in the code and will not be able to send a message to it.

Captcha protection

As for the Captcha, not everything is as bad as it might seem at first glance, but there are reliable and simple options here that stop the flow of spam to your mail. Even the popular WordPress plugin, Contact Form 7, has a great anti-spam option in its arsenal if configured correctly. 

One of these options is Captcha made in the form of “question – answer”. It all depends on your imagination, there are a lot of options. This is a rather old trick, but it is still reliable. We successfully use it on some sites where Captcha is needed.

The main task here is to follow some rules. The main thing that you don’t need to do is to create a hard-to-read Captcha, which depicts incomprehensible characters. I see no reason to create problems for potential customers in the hope that the bot will not be able to recognize the characters that need to be entered. 

It will be much better if you create a task that the bot simply cannot solve. It doesn’t matter at all what is written on the Captcha itself, what matters is what needs to be entered in the verification field and it is on this that you need to build protection. Such protection will not create difficulties for visitors, but spam bots will not be able to pass it.

Invisible protection

If you do not want to complicate the life of a potential customer, or the appearance of the site does not support additional elements, then you will have to look for a hidden option to protect against spam. In our practice, we use different options to protect the site from spam without Captcha, which reliably block messages sent by non-humans. 

The most popular and easiest way is protection based on hidden fields. If you are smart, then this option of protection can be very reliable. Among the many options for such protection, the simplest is to check whether the hidden field is filled in by the bot or not, and if it is filled, then the message is not sent. But this option is not the most reliable, many spam bots successfully pass such protection and there is an opinion that protection using hidden fields is not reliable, but it is not. 

As you know, bots do not fill out the form itself on the site, they send messages directly through POST requests. This is where the defense needs to be built. If, for example, to check whether the button to send a message was pressed or not, then you can create reliable protection. So if the button was not pressed, then the hidden field will remain empty and the message will not be sent. 

If the message is sent using the button, then a secret word will be added to the hidden field, and the protection is configured in such a way that the message will be sent only if there is a certain value in the hidden field. And there are a lot of similar options with a hidden field. If the bot cannot read the script code and fill in the hidden field with a secret word from this script, then it will not pass such protection. 

In our arsenal, there are several such methods, as well as unique ones that we have developed in practice and successfully apply them. So we use methods that do not care what fields the bot fills in, whether it can read the script, our defense will still recognize it and not miss it.

Monitoring messages on the site 

We constantly monitor the work of our protection using a special code. This allows us to get a clear picture of whether spam is coming or not and whether it is being blocked or not. For example, we can monitor which messages are sent to mail, spam or not, even after we have installed protection. 

If the protection is already in place, we will not see spam in the mail, but our script sees everything and notes which messages passed the anti-spam filter and which did not. We install this script temporarily on the site we are dealing with in order to see if there is spam or not and to make sure that the protection works. After successfully protecting the site, we remove this script and leave only the code that reliably protects your mail from spam. 

Summing up, we can say with confidence that you can reliably protect your site from spam if you apply the right methods and approach each site individually.

 

Reader Interactions

Join The Discussion:

We never share our visitor/user details. For more info, Please read our privacy policy before submitting your comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.