FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Spammers can be fun and Help the Learning Process





Possum
Hi

I have this crazy situation with the same spammer. They fill out my contact form with tons of crap and send it to me.

So I took the form down. And its still coming. How do they do that.?

This is very interesting and has really caught my attention.
sonam
Maybe they find out your mail address and then they don't need your form.

Sonam
Possum
Nope .. Its coming in thru a form php script. .

I may have had an ole form I used in the development process so I deleted the entire site and reloaded it. My fingers are crossed. I guess now I will have to put a capture on the form.

These spammers are such low life its fun ending reign.
kacsababa
If the php file is there which was processing the input from the form and it accepts the same data then it will happen again.

The spambot just stored the attributes of the form and after the first successfull spamming it doesn't visited the form once just sent requests to the processing end which was specified in the action attribute of the form html tag and with the input parameters which was available/needed in the form.
Possum
I could hide the form data in an include. Would that work?

How can I make a form that is protected from such an attack.
sonam
Possum wrote:
I could hide the form data in an include. Would that work?

How can I make a form that is protected from such an attack.


I don't think so. If I good understand kacsababa you need to change sender php name. For example:
Code:
<form action="sender.php">


in:
Code:
<form action="sender_two.php">


Sonam
jmraker
One way to limit the amount of spam you get is to use a negative captcha
http://damienkatz.net/2007/01/negative_captch.html
http://nedbatchelder.com/text/stopbots.html

. The field names are hashed out
With gibberish in the field names the bot can't guess what kind of info goes where

. 1 or 2 fields are hidden with CSS and must be blank and their locations are random
Bots tend to fill out every field

. The form is only accepted 6 seconds to 1 day after it's created
Bots can fill out a form faster than a human
Bots can re-submit the same thing over and over

. Good field validation like word count limits
Some bots tend to fill out most fields with either gibberish or the spam contents so adding word count and/or length validation can stop the bots

An example of a form:
http://www.newvisiongraphics.cc/business_apparel_order.php
macky
Possum wrote:
Hi

I have this crazy situation with the same spammer. They fill out my contact form with tons of crap and send it to me.

So I took the form down. And its still coming. How do they do that.?

This is very interesting and has really caught my attention.


I guess this only would be possible if the page is still exists in your domain. however if the problem still persist, then it might
be possibly that the receiver of the contact form might address the sender as allowed to spam you..

I'm not really about my idea but i just share my thoughts.. Yeah your right it is really interesting.. I want to know it too how it works..
ogah
may be your form not used captcha
i agree with jmraker
jmlworld
Just check the HTTP referrer for the form processing part. This can be done via .htaccess or PHP, or both Wink If the referrer for send.php is not coming from form.php then you can redirect them to the homepage, etc...
Related topics
Basic HTML Introduction
Anybody needing help with HTML?
[OFFICIAL] How do you study?
Anyone that can give me help/suggestions for forms?
Any suggest how to play guitar?
Sleep less and learn more
Smart and Ugly or Beatitul and Dumb
the internet and learning
Motorcycle
earn online degree
Good quality snow filming
Complications of Learning Hungarian for English Speakers
Homosexuality - Yes or no?
Learning through podcasting
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.