Allow removing contact form #2303
Comments
|
Huh, weird that you're getting tons of spam and MIT isn't, I wonder what causes that. Thanks for telling us there's a problem. The website used to have some captcha code but it bitrotted and we deleted it. I also really dislike captchas, they're terrible for accessibility, but we could look into alternatives or add it as a disabled-by-default option. |
|
Yeah, it came out of nowhere. We aren't getting nearly as many now, but we're still getting a couple per day, even with the contact form completely commented out from the page through a template override. Have you seen the new Google Captchas? They're pretty user friendly. I'd be fine with something that is disabled by default and dependent on a tag. |
@willgearty there's more than just user-friendliness for the majority of users here -- traditional captchas are impossible for users with screen readers or other text-centric browsers, for example. That said I think Google does have several options (e.g. audio captcha), so that's probably enough of a mitigation. (There are other issues depending on usage -- for example if you have captchas to see pages then users on Tor or in more privacy-friendly browser modes may see them a lot more -- but for just one page that's not really an issue.) Still something to keep in mind though. One of my coworkers does a lot of work on web accessibility so I can ask if he has recommendations. On the other hand, I wonder if we should just remove the contact form, and tell people to send us an email. Spam filtering is pretty good these days I hear. |
|
I certainly wouldn't complain if we just got rid of it. |
|
Yeah, I agree that getting rid of it might be the best answer here. |
|
Updated to reflect that. (If we do want to do a captcha, aforementioned coworker pointed me to the GSA website which suggests a simple arithmetic problem based captcha as those are text and thus easy to make accessible.) |
|
This came up again... sendgrid alerted us to a ton of email usage, unfortunately only after it counted the usage towards our quota. Potentially relevant/helpful links below, but I agree with everyone that it probably makes the most sense just to remove the form entirely. Suggest removing this form in the next stable release |
willgearty
modified the milestones:
Stable Release 15,
Stable Release 14 Bug Fixes and Minor Features
|
After another brush with email spam, we now want to make the form removable (even with the new addition of reCAPTCHA). The plan is to add a tag that will be disabled by default. When enabled, the form will act as it currently does. When disabled, the page will redirect (somewhere) and any POSTs to the form will be disregarded. |
In order to avoid spam, we should have an option to remove the contact form in favor of emailing the chapter directly. This can be tag-controlled so chapters can choose whether to use it.
Original description:
We're in the 21st century, we should have a captcha in our contact form to prevent spam from non-humans.
And yes, this is coming from experience (somehow we are getting 5 forms submitted every minute by some chinese bot, even after overriding the template).
I'd imagine it would be fairly easy to use an optional tag to implement one (at least through Google, it requires a domain-specific key).
The text was updated successfully, but these errors were encountered: