• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

How to stop form bots?

I have contact forms on most of the sites I make, occasionally forms are submitted which are empty/contain no data. (bots)

I have put Spry Validations (Dreamweaver) on the fields but this doesn't seem to work when it comes to bots, they can override the validation check and it just gets emailed whether there is data or not.

Now, I know that "Captcha" can be used to filter out bot attempts ...But I don't really want to use captcha on the page. Is there an easier/alternative way? Ideally within the PHP process code? (as I don't really want to amend the web page) I'm looking for an easy solution which will stop these bot attempts from being emailed to me. Any suggestions?


I have included my php code (simple php script which works fine aside from the already stated) -


$mymail = 'info@MyWebsite.com';
$cc = 'Form submitted from MyWebsite.com';
$BoDy = 'A visitor left the following from MyWebsite.com :';
$BoDy .= "\n\n";
$FrOm = 'FROM: MyWebsite.com';
$BoDy .= 'Name: ';
$BoDy .= $_POST['t1'];
$BoDy .= "\n\n";
$BoDy .= 'Email: ';
$BoDy .= $_POST['t2'];
$BoDy .= "\n\n";
$BoDy .= 'Phone: ';
$BoDy .= $_POST['t3'];
$BoDy .= "\n\n";
$BoDy .= 'Comments: ';
$BoDy .= $_POST['t4'];
$BoDy .= "\n\n";
$send = mail("$mymail", "$cc", "$BoDy", "$FrOm");

///Redirect user to your homepage....
echo '<meta http-equiv="refresh" content="0;URL=/thank-you-page.php">';


Paul Murray

Staff member
I've seen blogs/sites that use a simple checkbox that you have to check or uncheck to prove you're not a bot. What about something like it?
Thanks for replying Paul, Ideally I'm looking for something which can be implemented in to the PHP process code as opposed to the visible form on the page. (I'm not sure if this is even possible). The reason I don't want to amend the form is because it would obviously alter the appearance of the page.

Stationery Direct

Staff member
I suspect bots automatically fill in all fields in order for the form to go through, can you not have a hidden field that if filled in it cannot be sent? Just a thought, failing that CAPTCHA is the way to go and stops 99% of spam.
Thanks for replying Boss Hog, If these bot submissions get out of hand then I will have to take the CAPTCHA/hidden field route. I think I was hoping for too much (PHP process code/hidden validation option)