I've heard that a popular way to cut down on registration SPAM is to hide a field on the form and then check to make sure it's empty before allowing a registration attempt. I'm trying to figure out how to do that. I want to make sure that I validate on the server-side because I suspect that many spam inputs aren't bothering to go through my registration form but are submitting directly to the server.
I'm just what I believe to be the standard user registration module with extra custom fields defined.
I think that the general idea is to write a "form_alter" "hook" in php and add it somewhere (on a theme page?). The hook would contain the validation rule for the form element and I'm assuming the rule would be run server-side. My validation would be something like "make sure my hidden field is empty" or something similar.
Am I on the right track here? I'm trying to learn Drupal coding, but it's a long haul and I'd like to solve this problem sooner than later.