homepage Welcome to WebmasterWorld Guest from 184.73.7.143
register, login, search, subscribe, help, library, PubCon, announcements, recent posts, open posts,
Subscribe to WebmasterWorld
Visit PubCon.com
Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library : Charter : Moderators: phranque & physics

Webmaster General Forum

    
spaming a form I have taken off my site.?
flumpet




msg:366625		 5:11 pm on Feb 12, 2006 (gmt 0)

Hi,

I hope this is the correct place to add my query.

I created an add url form for my website and after a while i started getting spam from - poker, casino, black jack ect constantly.

So i deleted my form on my webpage and thought that woudl fix it.

However i am still getting my form sent to me, with black jack and poker ect .....How can this happen?

Im befuddled!

Is it that now my page is cached they have a copy of it they can still send em emails? Its been deleted for about a week and a half.

Has anyone any idea?

thank you!

 

jamesa




msg:366626		 5:30 pm on Feb 12, 2006 (gmt 0)

They're hitting the script directly. You took down the form but not the script. Your setup was probably an HTML page with a form that submitted to a separate PHP or Perl or ASP script. Take down that second page, the script <-- that's the one they're hitting.
kaled




msg:366627		 5:48 pm on Feb 12, 2006 (gmt 0)

My guess is that you used form action="mailto:you@domain.com". In this case, spam is sent directly to the email address. Use of formmail scripts usually avoids this problem (assuming that the destination mailbox is not published on the form page or the script url).

Spambots roam sites collecting email addresses. It makes no difference what use the email address serves.

Kaled.

bartainer




msg:366628		 7:39 pm on Feb 12, 2006 (gmt 0)

Same thing happened to me! Listen to jamesa, that person is correct. You must remove all the scripts.

Bartainer

milanmk




msg:366629		 8:09 pm on Feb 12, 2006 (gmt 0)

I was having the same problem and if it has to be believed that the Spamer is using the script (you can check this by having a look at your server access logs) for sending emails then i have got some solution for that.

Maybe this solution may not be full proof but its working fine at my end and i hope it works good for you also.

&checkreferer;
sub checkreferer {

my $referer = $ENV{'HTTP_REFERER'};
my $ref;
my @referers = ('example.com\/pagewhereformresides\.htm','www.example.com\/pagewhereformresides\.htm');
my $hostpage = 'http://example.com/pagewhereformresides.htm';

if(!$ENV{'HTTP_REFERER'}) { print "Location: $hostpage\n\n"; exit; }

foreach $ref (@referers) { if($referer =~ m/^(http:\/\/)?($ref)/i or $referer =~ m/^(https:\/\/)?($ref)/i) { return; } }

print "Location: $hostpage\n\n";

exit;
}

Add this sub routine at the start of your CGI / Perl script.

kaled




msg:366630		 11:29 pm on Feb 12, 2006 (gmt 0)

Referrer data can be faked.

Ideally, all destination email addresses should be stored in a configuration file - certainly, they should never appear anywhere in the source code of a page.

There have been a couple of attacks this week on my formmail script - the security held. A well written script is useless to a spammer - the most he can do is send you a few junk bits of garbage whilst he tries to find a weakness.

Kaled.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
WebmasterWorld ® and PubCon ® are a Registered Trademarks of Pubcon Inc.
© Pubcon Inc. 1996-2012 all rights reserved