Anyone who has an email address within or on a web site knows all to well what a spam magnet that can be. According to one recent study, spam made up 95% of all email traffic in 2007. Spammers often use automatic email slurping robots (bots for short) to slurp up that address to feed their spam spewing machines. Of course there are good bots, like search engine bots that actually help your site. So, the question becomes how do let those who you want to have access to your email address, like potential customers while defending yourself from the mailbox filling spam?

There are many ways to use coding techniques to “hide” your address from bad bots while allowing legitimate visitors see and use your addresses. While they can be affective, they are sometimes complicated, cpu intensive and sometimes require that potential customer jump through extra hoops to send you a message. So, in a quest for another and hopefully easier solution that reaps similar benefits, I turned to the often ignored yet powerful tiny text file ./htaccess. Acting as a gatekeeper, ./htaccess can allow or deny access to your website based on many variables. Most often, it is used to secure private folders on your server.

After some research, tweaking and trial and error, I have begun testing a small ./htaccess file that seems to have the desired affect. While nothing is foolproof as spammers keep getting more creative, and with a short period of testing, this short yet sweet formula may be the beginning to a less spam filled box:

SetEnvIfNoCase User-Agent “^CherryPicker” bad_bot
SetEnvIfNoCase User-Agent “^Crescent” bad_bot
SetEnvIfNoCase User-Agent “^EmailCollector” bad_bot
SetEnvIfNoCase User-Agent “^EmailSiphon” bad_bot
SetEnvIfNoCase User-Agent “^EmailWolf” bad_bot
SetEnvIfNoCase User-Agent “^ExtractorPro” bad_bot
SetEnvIfNoCase User-Agent “^NICErsPRO” bad_bot
SetEnvIfNoCase User-Agent “^Website\ eXtractor” bad_bot

<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=bad_bot
</Limit>

I’d be very interested in what other’s have hidden in their ./htaccess file.