1

I read an idea (Safer Contact Forms Without CAPTCHAs) to use cookie to protect submitting a form by spam bots. This will make sure that the form is actually submitted from form.php to process.php; not directly to process.php by spam bot.

Is it the only task of Captcha to make sure that the form has been submitted from the original form (form.php)?

I mean is it enough? It is the only way a spam bot can work (directly sending to process.php)? Spam bots cannot visit and send form.php as human do? Then, why we make captcha images as complicated as possible to avoid spam bots to read the content of image?

Googlebot
  • 13,096
  • 38
  • 113
  • 210
  • 1
    [Spam bots do complete forms and submit them](http://en.wikipedia.org/wiki/Spambot#Forum_spambots) - im not entirely sure if the cookie method is fool proof ... I have had spam bots read the CAPTCHA and still register ! – Manse Jan 05 '12 at 12:22
  • That's the problem! I am curious to find a way stronger than CAPTCHA to avoid spam actions, if such thing exists. – Googlebot Jan 05 '12 at 12:30
  • Have a look at this question and more specifically the most voted answer, it suggests using honeypot input fields : http://stackoverflow.com/questions/1577918/blocking-comment-spam-without-using-captcha?answertab=votes#tab-top – Manse Jan 05 '12 at 12:36

0 Answers0