|
| |
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
 |
RE: My Guestbook is being spammed - 4/14/2005 14:51:58
I wondered about the same thing as to whether the 2nd guestbook needed to be linked to the main page. I would think the spam bots would find it either way. But just in case it makes a difference, I added this hidden link on the main page that goes to the 2nd guestbook:
<p><a href="gbtemp/index.htm"> </a></p>
These are the links to my client's guestbooks:
Real Guestbook
Fake Guestbook
It will be interesting to see what happens....
Richard
|
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 4/15/2005 5:15:57
Right. I've added just one link to each G'book to try and 'tempt' the bots. We'll see...
John.
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/10/2005 9:16:37
Well, we didn't have to wait too long, did we, Richard? The first 'attack' has just come: http://www.handscombes.com/gb.htm - it's also attacked another FP Guestbook of mine at http://www.songland.com/gb.htm at exactly the same time.
Where do we go from here...??
John.
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/11/2005 23:07:07
John... I don't think you have your guestbook form set correctly to prevent HTML links and that's probably why it's still being spammed. I just did a test post to your gb.htm page and it displayed as a valid link. When I viewed the source code, your form is still set to post in an HTML format and that allows working links to be posted.
Look at the <form> tag in your source code, and in the --webbot-- code following it you have:
<!--webbot bot="SaveResults" U-File="guestlog.htm" S-Format="HTML/DL"...
To prevent HTML links, what you want the webbot code to be is:
<!--webbot bot="SaveResults" u-file="guestlog.htm" s-format="HTML/PRE"...
To set the format so NO HTML LINKS can be posted, do this:
1. Open your guestbook page in FP (the form itself);
2. Right-click inside the form area on that page and select "Form Properties";
3. Click on the "Options" button at the bottom of the window that opens;
4. In the "File Format" drop-down menu, select Formatted text within HTML.
Following the above steps will change the --webbot-- code in your form so that it says s-format="HTML/PRE", and that will keep them from posting valid links. This may not stop their garbage from hitting your page, but at least the links won't work and they won't gain any value with the SE's. With time I think they should leave your pages alone.
Let me know if you need more help with this. My guestbooks haven't seen any spam so far using this method, so hopefully it will work for you also.
Richard
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/12/2005 6:27:33
Hi again, Richard, and thanks for your reply.
Basically, this is what you were discussing in your post of 4/12/2005 17:58:54. I've done what you said and done a test myself, like you. I can see your point - the bots will go away because they can't post clickable URLs (hyperlinks).
One thing I don't understand: Having changed the setting, why do the posts now appear in tiny text and a different font? It looks bad. Can I correct that? (I've changed the font in the Form Field itself - when the visitor types in - but the resulting post still looks bad).
John.
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/12/2005 10:20:17
John... I checked your guestbook form and it's now set correctly to disallow HTML links. That should eventually discourage the spam posts.
To fix the tiny font, what I did was added some CSS styling to the guestbook page. Try adding something like the following at the bottom of your <head> section:
<style type="text/css">
<!--
pre { font-size: 14px; font-family: Arial,Helvetica,Verdana,sans-serif; }
// -->
</style>
You may want to adjust the font-size to something you like, but that should fix the tiny font you're seeing.
Richard
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/12/2005 21:29:57
John... wow, your guestbook sure is getting hammered! I don't know why they have finally left my guestbooks alone but I'm keeping my fingers crossed.
I can think of a few other things you can do to slow the spamming down, and possibly eliminate it at some point, but you're right in that it's probably just not worth it if you have an alternative with Bravenet. I may be headed for a similar solution if the spambots come back and start hitting mine again.
Well heck, we gave it our best shot. Best of luck to you and I hope Bravenet can do what glorious Microsoft hasn't!!!
Richard
| |
|
|
|
darrin
Posts: 2
Joined: 5/12/2005
Status: offline
|
RE: My Guestbook is being spammed - 5/12/2005 22:52:16
Ok.. I am another guestbook spam victim!! I finally had to go on the file manager on the website and set the guestbook and guestlog to read-only. Now no one can post. Something has to be done about this. I have spent all day searching for answers. Surely theres some mickey mouse script out there for simple Frontpage guestbook site to use that could stop this!! This is my site.. www.coupedevilleband.com You can go to the guestbook but you cant post anything. I was working on it today and as soon as I set it back from read only .. I was hit again!
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/13/2005 8:53:16
Darrin.... I've spent hours searching the web for solutions to this problem but kept coming up short. I can't find anything that truly cures the problem. I think it's something that Microsoft will eventually have to fix in their --webbot-- component since it appears these spambots hit the FP webbot itself and don't go through the guestbook form (so form validation won't stop them).
The only guaranteed solution I came across was to have any new guestbook posts saved to a separate file on the server instead of automatically being added to the guestlog.htm page. Then if you approve what was posted, you cut and paste the new message into the guestlog.htm page so visitors can then see it. You delete the spam from this "holding" file as you're updating the guestlog page. It's sort of a "moderated guestbook" approach. The downside is the time spent to keep the guestlog updated, but at least your visitors won't see the spam and the spambots won't benefit from posting their garbage. If your guestbook is not very active this might be a good approach to take as it won't involve much of your time.
My host offers another solution which uses the HTTP_REFERRER variable, but so far I haven't had to go that route. They have a CGI script that checks the HTTP_REFERRER variable to verify that the post was made through the actual form... if not the post is abandoned. It's not a 100% fix, but it gets close. If the spambots find my guestbooks again I may have to resort to using their script, but it gets messy just trying to set it up.
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/13/2005 9:37:30
Richard,
I had 34 attacks between early evening yesterday & 6.00 a.m. today and 17 on my SongLand Guestbook - another one has just happened! I've paid $19.90 for a full year with the Bravenet one at http://pub3.bravenet.com/guestbook/244109370 - as a company, we can easily afford that. I have used the page at http://www.handscombes.com/gb.htm to link to our other sites as free publicity to any visitors who might drop in there via the Search Engines.
By the way, here's a tip for all newbie Webmasters. I find that it's better not to delete a previously well-known page from your site. The Search Engines will already know it, so why not leave it there as a link to your other pages and as free publicity? Here's an example, which was a Contact Us page: http://www.handscombes.co.uk/contact_us.htm - this way you don't get Page Not Found thingies coming up to frustrate your potential visitors! ;)
As for SongLand, things are less urgent as I already have a (free) Bravenet one there, but I'll eventually replace the FP Guestbook page with a linking/publicity page...
Darrin & Richard,
There may be a solution at http://carbonize.co.uk/Board/viewtopic.php?t=22 - I haven't looked into it. Also, there's Junkeater, recommended by my hosts, but it doesn't work with FrontPage-created Guestbooks.
I'm giving up with FrontPage-created Guestbooks - there are lots of other ways to do them. I think too that it's something that Microsoft will eventually have to fix in their stuff, but that's Bill's problem for now...
I'm glad I've learnt from all this ... what not to do! LOL
John.
Quote of the day: "Spammers are notoriously stupid and have very, very small genitals"!!! 
| |
|
|
|
darrin
Posts: 2
Joined: 5/12/2005
Status: offline
|
RE: My Guestbook is being spammed - 5/13/2005 11:36:00
John.. does this carbonize thing work with frontpage,, do i have to change up the format or something?
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/13/2005 11:49:51
I don't know, Darrin - I just included it because I ran across it when looking for the Junkeater site. I've just had another look - it's way above my level. Sorry, I can't really help you.
If you have a few spare dollars, I'd seriously consider buying a Guestbook facility. Bravenet's not bad-looking at all, but a bit convoluted to edit...
If not, I've just been to Google searching via "free Guestbook no popups" (no inverted commas) - there's plenty of stuff there...
John.
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/13/2005 14:22:04
Darrin - I looked at John's link to the "carbonize" site and it doesn't appear to be something that will work with the FP guestbook. The link is to a thread which talks about incorporating an image verification script into their "carbonize" guestbook. It's written in PHP and only works with their guestbook though, so it's a no-go for FrontPage.
Interestingly enough, I followed some of the other threads on that board and they're also having a spamming problem with their guestbooks!
John - any idea if Bravenet has been able to avoid the spam problem with their guestbook? I'd be interested in knowing how they're avoiding it, if you know.
Richard
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/13/2005 18:45:27
Richard,
I've had a bit of spamming of my Bravenet Guestbooks, but nothing serious and only one-offs.
How they're avoiding spamming at Bravenet? Well, there's an IP Banning thingy and you can also turn spam/flood protection on & off, even in the free version. Not that I've ever felt the need to use these, though I guess my spam/flood protection is left on. Further to what you said earlier, Richard, I think it's a security flaw in the FP Guestbook that's giving us all this hassle. That's for Uncle Bill to sort out...
Considering they're free for lots of Net tools, Bravenet are very good, though the popups they create are a pain. It's a question of thinking of your visitors, particularly if they're not au fait with popup killers. Popups really don't bother me - I've used Pow! for years and it keeps me cool.
John.
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/26/2005 6:10:37
Now here's a thing: I abandoned my Handscombes Guestbook and only use the Bravenet one there. But I left my SongLand one online to see what would happen if I simply removed the box for adding comments, effectively disabling it - see http://www.songland.com/gb.htm
Well, it's still getting spammed half a dozen times a day! But those silly fool robots don't know thay can't leave a message, so I keep getting e-mails called "The joint SongLand Guestbook has just been signed!" (it was for use for 2 sites) informing me of the date & time, but no message. Tee-hee! I might have lost that particular Guestbook, but at least I have the last laugh on the spammers.
However, how can they 'think' they've signed when there's no box for adding comments? I don't get that...
John.
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/26/2005 15:37:31
HEY IT WORKED!!!
Sorry John, but I was experimenting with something to determine how the spam bots are hitting your guestbook.
Now this really has me worried.... I was able to spam your guestbook FROM MY SITE!!!! And all it took was some simple edits to MY form. A few more edits like that and I could conceivably post anything I wanted to your guestbook page. Crap, if it's THAT easy to spam the FP guestbook, then that's reason enough to dump it... pronto!
Okay I'll stop hitting you with messages since I proved what I feared.
Richard
PS. Email me if you want to know how I did it.
| |
|
|
|
JohnLearner
Posts: 251
Joined: 2/13/2002
From: Brussels Region, Belgium
Status: offline
|
RE: My Guestbook is being spammed - 5/26/2005 16:55:12
That's OK, Richard - all part of life's rich pattern! LOL
I'll drop you an e-mail...
John.
| |
|
|
|
Tailslide
Posts: 5915
Joined: 5/10/2005
From: Out here on the raggedy edge
Status: offline
|
RE: My Guestbook is being spammed - 5/26/2005 17:41:13
Has anyone ever tried the picture approach that Andrew suggested on the first page? You know, have an image with letters or numbers in that the submitee (is that a word?) has to type in to allow the comment to be submitted.
Shouldn't be too hard to implement in PHP or ASP - with the word acting as a password would the bots be able to get at the actual guestbook to spam?
_____________________________
"My strategy is so simple an idiot could have devised it"
Little Blue Plane Web Design | Blood, Sweat & Rust - A Land Rover restoration project
| |
|
|
|
walanghiya
Posts: 12
Joined: 4/5/2002
From: winnetka, ca
Status: offline
|
RE: My Guestbook is being spammed - 5/27/2005 2:26:00
hi guys,
i just started a similar thread in another forum here and was directed by spooky to your thread. here's what i posted:
hi. got a question for the ever-helpful members of this community.
what is the function of the file ".../_vti_bin/shtml.exe/(webpage).htm"? i just recently discovered that a prolific guestbook spammer drops his spam on my site's guestbook thru this file. can i delete the submission box from this file and still have a functional guestbook on my site? i imagine the _vti_bin file is a necessary frontpage file so deleting this file completely is out of the question. is there a way i can block the spammer from accessing this file?
tried "deny from" on htaccess but he changes his ip address with every post. created a robots.txt file disallowing certain search bots (that he used) from spidering our site; this stopped him temporarily so now he goes to my site's _vti_bin file to drop his spam.
it's been so exasperating dealing with this situation. on average, he has 5 to 10 spam messages per day. i am tired of deleting his posts daily.
please, can anybody help?
my site's guestbook url: http://www.therockofmanila.com/bullboard.htm. you won't see any spam there because they have been deleted. a couple weeks ago, i changed the scripts in the form so that submissions are not automatically posted. i add the non-spam posts manually via my provider's file manager. the board has lots of visitors but not too many posts so this has worked for me so far.
going thru my server logs, i discovered that this guy goes to the vti_bin file where he enters his posts (i think, because the logs do not show any visitor going to the .../bullboard.htm page at that time). take a look here: http://www.therockofmanila.com/_vti_bin/shtml.exe/bullboard.htm. you will see at the bottom his recent posts (the ones i haven't deleted yet). however, these do not show on the actual guestbook page. did i miss something somewhere (on the function of the vti_bin file) and mistakenly assumed that he posts from the vti_bin file?
thanx guys. just like john learner, i'm also learnin' thru this thread.
| |
|
|
|
jeepless
Posts: 213
Joined: 12/20/2003
From: Smack in the middle of USA
Status: offline
|
RE: My Guestbook is being spammed - 5/27/2005 9:47:44
walanghiya... I doubt the spammers are hitting your "../_vti_bin/shtml.exe" file directly. That file doesn't know what to do with a post unless it also has the associated --webbot-- code (located in your form tag). And from what I discovered, they can successfully spam your guestbook without even going to your site, which is why they won't show up in your site logs.
What I believe they are doing is directly targeting your guestlog.htm page (or whatever you named it). I was able to "spam" John's guestbook and I never accessed his guestbook page directly. To do it all I needed to know was the name and location of his guestlog.htm page, and I got that from viewing the source code of his guestbook page. If this is how they're doing it, then I think the solution is to "hide" the location and name of your guestlog.htm page. The only way to do that is to encrypt the source code of your guestbook page so spammers can't read it and won't know the guestlog name or location. That should effectively stop this type of exploit.
I plan to do some experimenting with encryption this weekend to determine if it works. I'll post my results here once I know something.
Tailslide... I'm not sure the image verification technique you mentioned will stop this type of spamming. At the least, it would require some ASP code on the guestlog.htm page and some way of getting the FP --webbot-- code to work with it. Otherwise, using my exploit will bypass that sort of verification and still hit your guestlog. I may try to experiment with your idea, though, and possibly come up with a way to make your solution work.
Richard
| |
|
|
|
Tailslide
Posts: 5915
Joined: 5/10/2005
From: Out here on the raggedy edge
Status: offline
|
RE: My Guestbook is being spammed - 5/27/2005 10:07:01
quote:
ORIGINAL: jeepless
Tailslide... I'm not sure the image verification technique you mentioned will stop this type of spamming. At the least, it would require some ASP code on the guestlog.htm page and some way of getting the FP --webbot-- code to work with it. Otherwise, using my exploit will bypass that sort of verification and still hit your guestlog. I may try to experiment with your idea, though, and possibly come up with a way to make your solution work.
Richard
It'd be interesting to see if it did work - plus in all honesty it was Andrew's idea and not mine - although I'm usually ready to claim anything remotely useful as my idea - I thought that on the same thread would be pushing it...
_____________________________
"My strategy is so simple an idiot could have devised it"
Little Blue Plane Web Design | Blood, Sweat & Rust - A Land Rover restoration project
| |
|
|
|
walanghiya
Posts: 12
Joined: 4/5/2002
From: winnetka, ca
Status: offline
|
RE: My Guestbook is being spammed - 5/27/2005 11:40:31
thanx jeepless, that was pretty informative. i will wait for the results of your encryption experiment.
| |
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts
|
|
|
Printable Version 
