This page has been archived. For the latest news on FormAssembly, go to: http://www3.formassembly.com/blog

How-To: Protect your Web Form from Spam with a Captcha

Filed under The Form Assembly, Documentation on September 12, 2006 by cedsav.

What is a captcha?

Captcha ExampleA captcha is a test designed to distinguish between humans and computers. In its most common form, it consists of an image of distorted letters that must be identified. While this test is quite easy to pass for a human, it is extremely difficult to solve programmatically. This makes it a very effective way to prevent automated scripts (a.k.a bots) from performing actions that are only intended for humans. This includes blocking spammers from abusing web forms with their spam bots.

How to add a captcha to your web form

Form Assembly users * can now easily add a captcha to their web form by following these simple steps:

  • Go to your form’s display and processing properties page.
  • Under the ‘Display and Hosting options’ you will find the ‘Spam Filter’ option. Check the box and save your change.
  • If you are hosting the form on your own website, you will need to follow the instructions to install the form again, otherwise you are all set.

captcha setup example
If you are not (yet) using the Form Assembly and still want to use captchas, you should look into Ed Elliot’s Captcha generation class (for PHP). Our captcha functionality is based on this library. It is powerful and very easy to use.

A few things to consider before using captchas

  • It is somewhat of an annoyance for legitimate users.
  • The test might be hard or even impossible to pass for people who are visually impaired. The Form Assembly provides an audio alternative, but this can also be challenging for some.
  • If you need to comply with regulations regarding people with disabilities (such as section 508 for federal agencies in the US), you should not use captchas.

For the reasons mentioned above, it is best to not use captchas unless you are actively targeted by spammers or have another legitimate reason to do so.

If you have any comments or suggestions regarding this feature, please post it below, or in the support forum.

(*) Note: This service is not available on the free plan.

captcha, web forms, spam control

2 Responses to “How-To: Protect your Web Form from Spam with a Captcha”

  1. will Says:
    September 14th, 2006 at 12:33 am

    Instead of captchas, I have found it equally effective and more accessible/user-friendly to present people with a simple problem. For example, you can generate a random addition quiz: “Please add 3 and 5″.

    Or a questions everyone knows: “What color is red?”

    Keeps the spambots out, and keeps it simple for the users, if not amusing.

  2. cedsav Says:
    September 14th, 2006 at 2:55 am

    You’re right, there are some interesting and may be better alternatives.

    One important thing to consider though is that most web users are familiar with the letter recognition test and understand its purpose. So in a sense, it’s safer to use a mainstream solution, even if it’s not the most user-friendly.