Nothing aggravates me more than website form spam. Contact forms, newsletter forms, virtually any form you have on your website spammer will try to submit with their automatic “we have this service you or your website needs” text. So, let’s stop them in their tracks!


In your form code, right before the submit button, insert this code:

<div style=”position:absolute; left:-5000px;”><input type=”text” name=”What_brought_you_here” value=”” /></div>


This is a form text field inside of a DIV container. The text field is set to have no value and the div container is positioned to take up no space on the screen and be way off to the left (invisible to the user).


Next, add this code to your php handler file (if you use another language besides php, just shoot me an email and let me know what you use and I’ll convert this to your coding language:

if($_POST[‘What_brought_you_here’] != ”){

echo(“no bots please”);



That’s it! When someone (or something) submits your form, if there is content in the field we virtually hid, it will show the error “no bots please” and stop the form from submitting. If the field is blank like we left it, then everything gets sent as normal.

This works because the only form fields a bot does not auto fill are ones that are marked as hidden. Since we are hiding ours virtually, bots still see this as an active field in the form and will try to supply some type of data to it.

For those that want to know, here is a breakdown of the php code:


if($_POST[‘What_brought_you_here’] != ”){ //if post variable sent by the browser, the if statement checks to see if there is any value other than “” (nothing)

echo(“no bots please”); // prints “no bots please” on the screen (or to the console to a bot)

die();     //Kills the script right at this point, stopping the form from being submitted



Leave a Reply