Concealing your Email Address from Internet Spiders

Question: I saw an ampersand entity for the @ (at) symbol somewhere and now I can't find it again.

Do you know what it is, and if so, would you be so kind as to let me know?

It was one that was the ampersand and then 4 numbers and then the semi-colon. ( &8888; ) I've found huge lists of those type of entities for all other symbols but that one isn't there.

I use a JavaScript for my e-mail links, but don't use CGI so I use a mailto: on my forms and would like to be able to protect myself and my clients from spammers.

I've been searching the net for the last two hours! If you could help I'd be very grateful!

Thanking you in advance.

Best Regards,
Shirley Marshall

Answer: The code that can be used in place of the @ sign is @ (you can add one or two zeros between the # and the 6 if you want).

There seem to be plenty of lists on the internet that tell you the codes for characters that don't appear on the keyboard but never any that list the codes that you can use in place of the standard keys such as you want here. I have put a chart of all of the codes for the keys that are on the keyboard here and to use them in an html page take the decimal code for the character that you want and add &# in front and ; behind.


Additional info: As email spiders can search for @ symbols in looking for email addresses, it is reasonable to expect that some might also be set to search for @ and would therefore find email addresses that only use this simple substitution in the attempt to conceal them.

To further protect your email address, you can use javascript to generate the code in your page that contains your email address rather than hard coding it in the page. The javascript can be coded in such a way that extracting the entire email address becomes much more difficult for the email spider which would have to contain some rather specific code in order to be able to extract a useable email address from your page source (assuming that it was able to recognise that there was an email address there in the first place to be extracted). Instead of coding your email link like this:

 <a href="">

You might conceal it by coding the following (which also conceals the mailto: on the front of the email address to help make it even harder to spot):

 <script type="text/javascript">
document.write('<a href="&#109;&#97;&#105;&#108;&#116;&#111;&#58;fred.' + 'bloggs&#64;');

An email spider would have to be rather sophisticated to even recognise that this second version of the code contains an email address. It then would have the further difficulty of determining what the email address contained in the code really is. Even if the &#64 was recognised and an attempt made to extract the email address it would most likely be interpreted as This may be a valid email address but is not the one that you coded into your page.

If you are looking to conceal your email address links even further check out our page on Obscuring Text which will allow you to quickly and easily convert the entire email address into ampersand codes and not just the mailto: and @ parts. For even greater concealment take a look at Obscuring Javascripts and our HTML Source Encryptor


This article written by Stephen Chapman, Felgall Pty Ltd.

go to top

FaceBook Follow
Twitter Follow