Skip to main content

I see a lot of spammy or bot type leads come through our campaigns. Some of them have the same names, cities or other fields. I would try to block from IP, but I think the bots dynamically generate the IP address so its hard to track. Having the ability to have a blocking area where I could enter in the fake names, cities, etc that are in my forms, would prevent them from being submitted.

Hi Brian, sorry you’re finding this frustrating. We definitely have some ideas around bot and spam filtering, and I’ll be sure to update this thread when we have something for you. We can likely automate most of this filtering, which will hopefully make manual filtering like this unnecessary.


Any options for just simple IP blocking? If we hosted this directly we’d simply block the IP or range of IPs that we’re getting bot submissions from.


Hey Sean, I’m sorry, but unfortunately we don’t have a way to block specific IPs just for certain customers. Will be sure to update this thread as soon as we have some improvements in this area.


Carl - any ETA on an official anti-bot feature or solution? Any ‘unofficial’ workaround we can implement now?


We are getting spam leads submitted and it’s always from the same IP address. Because we are using the subdomain feature we can’t seem to edit these IP’s in the .htaccess file so can you give us a way to add some IP’s to a file so that they simply don’t get access to our lead page? Is it really that much work to add this feature?


I’m having a very similar problem. Getting dozens of spam leads coming through daily.


Some type of captcha or human authentication in order to submit would be perfect.


IP filtering is good but only prevents the form submission from counting in statistics. We still have to deal with the spam lead coming into the integrated system, and source IPs seem to be randomized.


Hi Jeff, I know yourself and others have been waiting a long time for some bot and spam filtering tools. While I can’t promise a specific date, the hiring we’re doing right now is moving a solution quite a bit closer. Also, in some cases we’re able to help by doing certain types of filtering. If you get in touch with us at support@unbounce.com and let us know which page you’re seeing this on, we’ll see what we can do.


A big +1 for IP Address restriction.


Same issue here, my conversion rate spiked 20% (horray!) but it was all bots that somehow found my URL (nooo!). Wordpress has a plugin solution that prevents spam and bot comments that is pretty simple and ingenious. It simply requires a 1 second window between page open and submission, rendering most bots “too fast to be human”. How about we add something like this? Or what if we had a feature that allows us to Discard leads like the challenger pages we build? I have had two clients complain about skewed data and there is just no answer to give them right now.


Carl, ny progress on this?


This is a big deal guys. Can you create a blacklist feature where we can block the IP’s you’re capturing?


Because of our service, our clients are limited to the US only. It would also be great to have the ability to block country’s by IP.


Im having the same problem, how do we solve this?


Same here… Check the message they leave - 7 messages in 24 hours!!!


==============

nome high quality michael kors sloan quilted small black shoulder bags

email high quality michael kors sloan quilted small black shoulder bags

telefone high quality michael kors sloan quilted small black shoulder bags

seu_site high quality michael kors sloan quilted small black shoulder bags


ip_address 198.204.227.50


Any news on this topic? I’m having the same problem and every week I get more spam


Does Unbounce even care about this?


Hi Scott - We definitely do. We’re now actively working on a first phase solution for form spam (we’re currently investigating to make sure the potential solutions we have don’t cause a load problem, which would slow down server load times, which is the last thing we want to do). It won’t look like what Brian suggested above, but the blocking will likely be automated, so you won’t have monitor it yourself. We’ll definitely update here when we’re closer to rolling something out.


Unbounce. You need to solve this. IP filtering as others are suggesting isnt going to help and CAPTCHA solutions that require input are bad as well. You need to bake a hidden text field into every form that doesnt have to be touched by anyone. When you process the form submission simply check to ensure that field is blank. Bots fill out the form because it is in the HTML, people dont because it is hidden. Reject anything that has a value in that field and you will solve a lot of issues. Also, please make these things mobile friendly, about to go back to Weebly.


Unbounce team we really need a solution ASAP, I’m getting more than 10 SPAMS PER DAY on one of my landing pages, this is annoying!! And I don’t see any actions from your side, just comments that this will be fixed someday


Hi Joe and Alberto,


We’re still doing additional load testing. I know I mentioned that a month ago, but one thing we want to be absolutely certain of is that rolling out a spam solution won’t slow down the actual app at all, so we’re erring on the side of caution when it comes to the load testing.


With that said, you can expect something in the next 2-6 weeks (depending on how this last planned round of testing scenarios goes). It will be automatic IP filtering, but unlike what’s mentioned above, it will filter the IP from stats and also block that IP from adding additional entries in your leads. We’ll be rolling it out with relatively loose criteria at first (so we don’t block any legitimate entries by mistake) and then tweaking the solution every couple of weeks to improve it going forward.


Joe: the hidden field option unfortunately won’t work in exactly the way you’ve described. In the same way bots can enter invalid values as email addresses or leave out required fields all together, they could still submit a form, even if they filled out a value on that hidden field, as they’re circumventing the actual form validation itself.


Perhaps allow us to simply add our Askimet keys?


Hey Eric - we just spoke over email, but I wanted to answer here as well in case anyone was wondering the same.


Akismet would be a tricky solution for a few reasons. For one, they’ve developed plug-ins for quite a few services, but not Unbounce, so either, they would have to do that or we would have to leverage their API to build one, but in either case, we’d still need to negotiate a partnership with them to offer that plug-in on an official basis. The other issue is that Akismet is designed for public comments and forums, while Unbounce pages that contain forms are primarily for lead generation–information that’s most often meant to be kept private, which opens up some larger issues for many users around data collection.


Certainly, Akismet as a solution wouldn’t be impossible, but it wouldn’t necessarily be a quicker fix either.


I just wanted to update this thread to let everyone know that we’ve been doing some heavier testing on our live servers.


One of the methods we’re testing is similar to what Joe mentioned above, but with a little twist to get around the limitation with validation that I mentioned. Rather than attempt to reject or block the spam submission entirely, if we catch a bot that’s filled out our hidden alert form field, we actually accept the submission to make them think they’re getting through and then use some filtering to prevent it from showing up in your conversion/leads details.


We’re turning it off and on over the coming days and monitoring to ensure there’s no performance issues and that we aren’t accidentally filtering any good leads. Once we’re confident that there’s no major issues, you’ll see it rolled out across our page servers, which could happen as early as this week.


Interesting - will this have any effect on the accuracy of visitor counts? Or will those also be removed posthoc?


Glad to hear there are changes on the way though!


Hey Simon - I believe we’ll be filtering the entire form fill and related stats. This won’t catch when a bot that we don’t already filter simply hits the page and doesn’t fill out the form however.


The latter is something we’re investigating as well though.


Reply