Spam Protection
Another Form Security option available to you is the ability to minimize the amount of spam that you might receive. Instead of slowing your users down with the complexity of a challenge-response tool such as a CAPTCHA, you can configure a number of settings which will thwart spam attempts against your form page and yet remain unobtrusive to your users.
- With the form open in Form Designer, from the Settings menu, choose Security Settings.
- Click the Form Spam Protection tab.
- Check the Rules Settings & Scores checkbox. Two tabs display: Spam Rules and Score & Failure Settings. Make your changes using the details below.
- Click Finish to save your changes and return to your form.
Spam Rules
Initially, all six rules are enabled. Uncheck the box in the Enabled column for any spam rules you don't want to enforce. Some rules, have an additional Configure link available. The Score values for each test contribute to a total that is compared to the Failure Limit which is set on the Score & Failure Settings tab.
Setting | Description | Score |
---|---|---|
Mouse Movement Test |
This test ensures that the user moves their mouse. |
1 |
Keyboard Test |
This test ensures that the user types on their keyboard. |
1 |
Time Form Submission Test |
This test measures the duration of the form entry and submission, taken together. Typically, spam bots will submit forms faster than an average user could ever fill out the form elements. If you change this setting, you should consider if you are creating a very short form, and adjust the time accordingly. Click the Configure link to edit the duration (in seconds). |
2 |
Hidden Form Field Test |
This test inserts a hidden form element into your form and verifies that it is empty at the time the form is submitted. Only a spam bot would insert a value into a hidden element. |
3 |
Too Many URLs Test |
This test will add up all of the URLs (web links) found among the form element values at the time the form is submitted. The form will be marked as spam if the number of URLs exceeds the limit. Click the Configure link to set the maximum number of URLs. |
3 |
Exclude Values |
This test compares the words in the form submission to a list of configurable spam indicators, and marks the submission as spam if even one of these words is found. Click the Configure link to edit the list of spam words. Separate each with a comma. |
2 |
Score & Failure Settings
When the form is active, the score for any spam test that gets a match is added to a total score. At the time of form submission, the score total is compared with the Failure Limit and, if it equals or exceeds that limit, the submission will fail or it will be flagged (depending on the value of the Debug Mode setting).
Setting | Description |
---|---|
Failure Limit | Default is 3. If the scores of all tests that match add up to equal or exceed the limit that you set, then the form submission may be stopped (depending on the value of the Debug Mode setting, below). Note: Some of the tests will meet the failure limit alone, such as the Hidden Form Field and Too Many URLs tests. These values are set high because they are clear indications of spam bot intrusion. |
Failure Email To | Optional. Enter the email address to which failure reports will be sent. |
Failure Message | Optional. Edit the message that will appear in the form window when the failure limit is met. |
Debug Mode |
If checked, all form submissions will continue and warning emails will be sent to the address in the Failure Email To field. Use this method to test that your settings will not block potentially legitimate form submissions. We highly recommend that you use the debug mode after first configuring these settings. This will ensure that if the settings are too strict, that no legitimate submissions are lost and that you have the opportunity to modify the settings. |
0 Comments