Stop direct (bot) access to my website forms

Hi All

I have built a new website that is for Australians only and pretty much as soon as I went live there was a massive amount of spam signups.

I have added the Google CAPTURE code to the signup form as well which has helped a lot with not allowing bot accounts to sign up however some are still getting through.

Yesterday I added code to the website that checks what country you are in and only lets people in Australia through… I am still getting spam email addresses trying to signup though.

I have added code this morning that gets the IP address and location of these email addresses and they are from outside Australia which makes me think that there is some sort of bot, or bots, that have mapped my website and is directly linking to my forms rather than coming to my website… if they were coming to my website they would be blocked.

Any suggestions on what I can do to stop anyone from outside Australia from access any of the website?

Thanks for any help.

mrmbarnes

The only thing I’d say is don’t rely entirely on the IP address to figure out where someone is. More than once I’ve turned up to the pub (here in North West UK, and not for ages, obvs) for people to say that they’re surprised to see me as FB had announced that I was in New York only an hour or two earlier.

1 Like

“Welcome to Null Island”. :wink:

The standard anti-bot protocols are what you’re probably going to have most success with…captcha, honey pot, tokenized data etc.

Require a postcode at signup, though Ausralia’s postcodes arent exactly difficult to bot…

Two stage signup with an email address verification, and purge the database of anyone not verified within 30 days, that sort of thing.

1 Like

setup recaptcha to stop bots

OP say’s he’s already done that! :slight_smile: