Can spam bots trigger mouseenter or hover events?

StackOverflow https://stackoverflow.com/questions/18059191

  •  23-06-2022
  •  | 
  •  

Frage


I'm trying to add my email address to my homepage so that spam bots can't see it. Somewhere on stackoverflow I found the solution to write the address reverse:

<span class="reverse">moc.liam@esrever</span>
<style>
.reverse {
    direction: rtl;
    unicode-bidi: bidi-override;
}
</style>

But so that users still can interact with a mailto-link I've got the following code:

<a href="moc.liam@esrever:otliam" class="reverse"><i class="icon-envelope"></i></a>
<script>
    $('body').on('mouseenter', '.reverse', function() {
        $(this).attr('href', $(this).attr('href').split('').reverse().join(''));
    });
    $('body').on('mouseleave', '.reverse', function() {
        $(this).attr('href', $(this).attr('href').split('').reverse().join(''));
    });
</script>

Is this a secure method to hide your email address to spam bots or do they trigger the mouseenter event as well?

War es hilfreich?

Lösung

A "generic" spambot that triggered events in order to harvest email addresses would have to feed the page into basically a headless browser, somehow determine what might be JS-obfuscated email content and then blindly try to emulate the user interaction that deobfuscates the interesting data.

This is an enormous amount of work for possibly no benefit and no spammer would ever consider doing it.

What they would do instead if they were really interested in harvesting your site is figure out how your protection works (hey, it's just written in reverse) and just special-case the spambot to unscramble the data manually.

This type of protection scheme should be more than enough as long as you are too small to be worth targeting, but the downside is that website visitors that do not use JavaScript are going to have a hard time.

Andere Tipps

Spam bots will in general only read the page markup and look for email links or email addresses that match a certain pattern. So your method will probably throw of the majority of them - the ones that will (incorrectly) see moc.liam@esrever as the email address.

However, just as a crawler knows that an email link starts with mailto:, it could also know that a reversed email link ends with :otliam. If the creator of the crawler finds the suggestion to reverse the email address, like you did, they'll just modify the bot to process reversed addresses as well.

The best protection is good email spam detection, or an HTML form that uses a Captcha or similar.

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top