Form Spammers

	Home Register Search Help Login

Recent Posts
Todays Posts
Most Active posts
Posts since last visit
My Recent Posts
Mark posts read

Sponsors
Shopping Cart Software
Ecommerce software integrated into Frontpage, Dreamweaver and Golive templates. No monthly fees and available in ASP and PHP versions.
Website Templates
We also have a wide selection of Dreamweaver, Expression Web and Frontpage templates as well as webmaster tools and CSS layouts.
Frontpage website templates
Creative Website Templates for FrontPage, Dreamweaver, Flash, SwishMax

Form Spammers

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> Web Development >> General Web Development >> Form Spammers

Page: [1]


clum1 Posts: 778 From: Glasgow, Scotland Status: offline	Form Spammers - 5/18/2009 4:25:47 I've been getting a load more spam recently from my site's contact forms; most of it takes a familiar pattern with random crap in the text fields (vHPVltJLrohuxU being a typical Company name) and an invalid email address; e.g. kanop@nnywmj.com I've done various things including setting up a quick method to block the user's IP address from spamming me twice (assuming it's from a PC that's infected, sod 'em...) and whilst that cut things down a fair amount it was still a problem. My latest attempt to stem things is to block anything with the user agent Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) as this seems to be behind 99% of my trouble. Looking through my records and on Google, I can't find any legitimate examples of this UA so hopefully I won't be blocking any good responses. On top of these attempts, is there anything else I can do reasonably accurately and easily? Calum _____________________________ kenilweb.com; simple, effective web design "So I said to the Gym instructor "Can you teach me to do the splits?" He said "How flexible are you?". I said "I can't make Tuesdays"." Tim Vine


Tailslide Posts: 6692 Joined: 5/10/2005 From: Out here on the raggedy edge Status: offline	RE: Form Spammers - 5/18/2009 5:46:23 I do: 1. the question thing (is ice hot or cold?) 2. honeypot textfield (if it's completed, it's dumped. Hidden off-screen by CSS) 3. Unique token in hidden field 4. Checking time between arriving and submitting form and dumping anything less than 3 seconds 5. Checking headers etc Haven't had any form spam since I did this. Also - Mike Cherim's secure accessible form is worth looking at as it has about 16 or 17 different checks to prevent spam. Only reason I don't use it more often is it's a big script and therefore awkward to tailor to different field types etc. _____________________________ Little Blue Plane Web Design \| Land Rover project (in reply to clum1)


TexasWebDevelopers Posts: 722 Joined: 2/22/2002 From: Dallas, TX Status: offline	RE: Form Spammers - 5/18/2009 12:17:28 quote: 4. Checking time between arriving and submitting form and dumping anything less than 3 seconds Thanks for the time suggestion. Although I've seen this method suggested I never did know how fast a spam-bot might submit the page versus us sluggish real human types. _____________________________ Follow us on TWITTER (in reply to Tailslide)


clum1 Posts: 778 From: Glasgow, Scotland Status: offline	RE: Form Spammers - 5/19/2009 9:46:19 I like the idea of the time check; I'll see how my current methods work (no spam since implelented...) and add that in too if I need to. cheers Calum _____________________________ kenilweb.com; simple, effective web design "So I said to the Gym instructor "Can you teach me to do the splits?" He said "How flexible are you?". I said "I can't make Tuesdays"." Tim Vine (in reply to TexasWebDevelopers)


Tailslide Posts: 6692 Joined: 5/10/2005 From: Out here on the raggedy edge Status: offline	RE: Form Spammers - 5/19/2009 10:05:49 3 seconds is a bit arbitrary - you can use what you like, I just think that there's no way a human would do it in less. _____________________________ Little Blue Plane Web Design \| Land Rover project (in reply to clum1)


womble Posts: 6007 Joined: 3/14/2005 From: Living on the edge Status: offline	RE: Form Spammers - 5/26/2009 17:18:35 quote: ORIGINAL: Tailslide Also - Mike Cherim's secure accessible form is worth looking at as it has about 16 or 17 different checks to prevent spam. Only reason I don't use it more often is it's a big script and therefore awkward to tailor to different field types etc. I use Mike's form script for all my sites now and I've had no spam through any of the forms on all the sites I used it on where the email address is used no-where else. The latest version of the form has got some optional fields built into it (mainly for 'address') which you can choose whether to use or not, or providing you can find your way around a bit of HTML/PHP you could re-name the fields possibly. _____________________________ ~~ "A cruel god ain't no god at all" ~~ ~~ Erase hate. Practice love. ~~ (in reply to Tailslide)

Page: [1]

All Forums >> Web Development >> General Web Development >> Form Spammers

Page: [1]

Jump to: 1

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts