What (if any) anti-bot techniques are you putting in place? How effective are they?

Question

Bot protection heavily relies on the infrastructure your website/web app uses. For example, the anti-bot solution will look very difficult on NGinx Web server, as opposed to Microsoft IIS. Further, you might find yourself with tied hands if you’re using a kind of SaaS solution (for example, a Shopify store will be able to use only anti-bot protection offered by Shopify itself).

I would list 3 main types of bot protection: 
* Web / App Server plugin
* External solutions (DNS-based, JavaScript-based, or combined)
* In-app solutions

Do you use any of those solutions? How effectively did they prove to be?

vados · Accepted Answer

I use some bot protection on email forms, a simple hidden field is usually enough.

Misha Krunic · Answer

@vados Yes, bot protection on forms is a must, otherwise you would end up with tons of spam.

However, have you ever tested the efficiency of the method you’re using (hidden fields).

I recently started working on a new project https://botmenot.com/ that would allow users to test such methods.

vados · Answer

@price2spy Hidden fields along with ensuring double-subscription (people have to click a link in an email) took my spam problem down to ~1/2 bots (or very unresponsive people) every 2/3 weeks, so I'm happy with it!

What (if any) anti-bot techniques are you putting in place? How effective are they?

Replies