Are you facing PHP form spam? Are you looking for solutions to get spam-free PHP forms?  Well, it’s not a mammoth task to protect your PHP contact form from spam attacks. Protecting your own PHP address will also ensure that people who showed interest in your website will not get spam emails. The reputation of your website will not get tainted in that case. Before we get into the details of the preventing process, let us clear the basics about PHP forms and the nature of the spam attacks.

Purpose of PHP address forms

The main purpose of the PHP address form is to allow your visitors to fill in a few details about them so that you get their contact information in the form of a mail. A PHP form is usually placed on any page of the website with a .PHP extension. On the other hand an automated courtesy email will generated and sent to the visitors as your acknowledgement of their enquiry and your promise to act on in as early as possible. A hassle-free and simple format of contact form ensures that the visitors who are interested in your website will send their enquiry. So, websites generally display a simple and user-friendly contact form to attract more traffic.

How spammers attack your PHP form?

Spammers send out mass mails to all the visitors who have filled up your PHP forms and taint your reputation. This is a kind of hacking attempt by the spammers who use a mass mailer to send mails using your PHP contact form. You will be able to identify this if your mails fail to deliver the visitor when you try to reply. Your mail will bounce back in your mailbox stating that the email address could not be recognized. Spammers are making use of the susceptibility in your PHP mail ( ) function which permits them to affix and inject additional mail headers in the text fields of your email. When your simplified PHP form has fields for inserting http, LF and CR characters, the form becomes susceptible for abuse and hacking by the spammers. To prevent spammers from attacking, you can strip out the characters which are not required. You can protect your contact form by following some simple steps or you can download a pre-built PHP form for free. 

How you can protect your PHP form from spam attack?

You can add the codes listed below to your PHP contact form before adding the mail ( ) function:

Do not forget to change the variable name of your contact form. By doing this you will be able to check for the text http in each of the boxes as spammers get through this for attack. 

To conclude

Spammers can either be search robots who scan for susceptible PHP forms online to send mass mails or a single spammer who navigate the web for vulnerable contact forms and copy preset emails from your PHP contact form and mass mails to your visitors using your name. This can taint your reputation among the visitors. You may also download a free PHP form and install it using contactme.zip file and edit it through a text editor to put your own email address where you will receive the mails whenever the contact form is filled.