

Webmaster General Forum

    
Spamming a form I have taken off my site?
flumpet

10+ Year Member



 
Msg#: 10946 posted 5:11 pm on Feb 12, 2006 (gmt 0)

Hi,

I hope this is the correct place to add my query.

I created an add URL form for my website and after a while I started getting spam from poker, casino, blackjack, etc. constantly.

So I deleted my form on my webpage and thought that would fix it.

However, I am still getting my form sent to me, with blackjack and poker, etc. How can this happen?

I'm befuddled!

Is it that, now my page is cached, they have a copy of it and can still send me emails? It's been deleted for about a week and a half.

Has anyone any idea?

Thank you!

 

jamesa

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 10946 posted 5:30 pm on Feb 12, 2006 (gmt 0)

They're hitting the script directly. You took down the form but not the script. Your setup was probably an HTML page with a form that submitted to a separate PHP or Perl or ASP script. Take down that second page, the script <-- that's the one they're hitting.

kaled

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 10946 posted 5:48 pm on Feb 12, 2006 (gmt 0)

My guess is that you used form action="mailto:you@domain.com". In this case, spam is sent directly to the email address. Use of formmail scripts usually avoids this problem (assuming that the destination mailbox is not published on the form page or the script url).

Spambots roam sites collecting email addresses. It makes no difference what use the email address serves.

Kaled.

bartainer

5+ Year Member



 
Msg#: 10946 posted 7:39 pm on Feb 12, 2006 (gmt 0)

Same thing happened to me! Listen to jamesa, that person is correct. You must remove all the scripts.

Bartainer

milanmk

5+ Year Member



 
Msg#: 10946 posted 8:09 pm on Feb 12, 2006 (gmt 0)

I was having the same problem, and if it is to be believed that the spammer is using the script (you can check this by having a look at your server access logs) for sending emails, then I have got a solution for that.

This solution may not be foolproof, but it's working fine at my end and I hope it works well for you also.

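checkreferer();

# Redirect to the form page unless the request's Referer header
# points at the page where the form resides.
sub checkreferer {
    my $referer = $ENV{'HTTP_REFERER'};
    # Allowed referring pages, written as regex fragments (dots escaped).
    my @referers = ('example\.com/pagewhereformresides\.htm',
                    'www\.example\.com/pagewhereformresides\.htm');
    my $hostpage = 'http://example.com/pagewhereformresides.htm';

    # No Referer header at all: send the client to the form page.
    if (!$referer) { print "Location: $hostpage\n\n"; exit; }

    # Accept the request if the Referer starts with an allowed page (http or https).
    foreach my $ref (@referers) {
        return if $referer =~ m{^(?:https?://)?(?:$ref)}i;
    }

    # Anything else is redirected to the form page.
    print "Location: $hostpage\n\n";
    exit;
}

Add this subroutine at the start of your CGI / Perl script.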
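The access-log check mentioned in the post above, as an added example that is not part of the original thread: it lists clients that POST to the form handler without having fetched the form page earlier in the log, which is the "hitting the script directly" pattern. The Apache combined log format and the paths `/addurl.htm` and `/cgi-bin/addurl.pl` are assumptions; substitute your own.

```python
import re
from collections import defaultdict

# Assumed paths; substitute the real form page and handler script.
FORM_PAGE = "/addurl.htm"
SCRIPT = "/cgi-bin/addurl.pl"

# Apache/NCSA "combined" log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def direct_script_hits(lines, form_page=FORM_PAGE, script=SCRIPT):
    """Return {ip: [(timestamp, referer), ...]} for POSTs to the script from
    clients that had not fetched the form page earlier in the log."""
    saw_form = set()
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        path = m["path"].split("?", 1)[0]
        if m["method"] == "GET" and path == form_page and m["status"] == "200":
            saw_form.add(m["ip"])
        elif m["method"] == "POST" and path == script and m["ip"] not in saw_form:
            # The Referer is recorded for context only: the client chooses it,
            # so a "correct" value does not prove the form was used.
            hits[m["ip"]].append((m["ts"], m["referer"]))
    return dict(hits)

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Feb/2006:16:02:11 +0000] "GET /addurl.htm HTTP/1.1" 200 2140 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Feb/2006:16:03:40 +0000] "POST /cgi-bin/addurl.pl HTTP/1.1" 200 312 "http://example.com/addurl.htm" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Feb/2006:16:10:02 +0000] "POST /cgi-bin/addurl.pl HTTP/1.0" 200 312 "-" "-"',
    '203.0.113.9 - - [12/Feb/2006:16:10:05 +0000] "POST /cgi-bin/addurl.pl HTTP/1.0" 200 312 "http://example.com/addurl.htm" "-"',
    '192.0.2.44 - - [12/Feb/2006:16:11:30 +0000] "GET /addurl.htm HTTP/1.1" 404 209 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, posts in direct_script_hits(SAMPLE_LOG).items():
        print(f"{ip}: {len(posts)} POST(s) to {SCRIPT} without loading {FORM_PAGE}")
        for ts, referer in posts:
            print(f"    {ts}  referer={referer!r}")
```

A client whose form fetch falls before the start of the log window will also be listed, so run it over a window long enough to cover normal sessions.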

kaled

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 10946 posted 11:29 pm on Feb 12, 2006 (gmt 0)

Referrer data can be faked.

Ideally, all destination email addresses should be stored in a configuration file - certainly, they should never appear anywhere in the source code of a page.

There have been a couple of attacks this week on my formmail script - the security held. A well written script is useless to a spammer - the most he can do is send you a few junk bits of garbage whilst he tries to find a weakness.

Kaled.

WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved